[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] SHP package...

Subject: Re: [cobalt-users] SHP package...
From: Shaun Johnston <shaun@xxxxxxxxxxxxxxxx>
Date: Mon Aug 19 19:05:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Hi

> I just noticed that the SHP (Security Hardening Update) was removed from
> the http://sunsolve.sun.com/patches/cobalt/ site.  Is this due to
> problems with this package?  Should I uninstall?  Please advise!  Thanks
> in advance for your kind support (as always)!

On the cobalt-security list this is a hot topic.  Currently some are 
recommending that you either temporarily stop the scan detection service by 
using:

/etc/rc.d/init.d/scandetection stop
(To restart use the command  /etc/rc.d/init.d/scandetection start)

while others are recommending that you set the scan detection's 'Action 
against detected scans' to 'Do Nothing' in the GUI.

It is not recommended that you attempt to uninstall the package, because it 
has replaced a lot of services with newer versions with no facility to roll 
back replacements, and if it were uninstalled you would lose many of those 
services (such as httpd ;-) )

Apparently Sun is at work on a patch (for the patch!)

To subscribe to the cobalt-security list, visit

http://list.cobalt.com/mailman/listinfo/cobalt-security/

Shaun Johnston

References:
- [cobalt-users] SHP package...
  - From: Joseph A. Hurdt

Prev by Date: Re: [cobalt-users] SHP package...
Next by Date: Re: [cobalt-users] Qube2 -> CacheQube
Previous by thread: Re: [cobalt-users] SHP package...
Next by thread: [cobalt-users] RaQ3 Redundancy with 2 RaQ3's

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index