[cobalt-users] security issues?

[canderso@xxxxxxxxxxxxx]

Howdy, I'm still somewhat new to SunCobalt products but have been lurking
on the list and recently obtained a RaQ 4 to learn on. I have some
security-related questions below that perhaps some of the list members can
help me with. I want to thank everyone in advance, the cobalt-users list
and its members have been very helpful over the past few months.

I am planning on deploying a RaQ 4 to host DNS, web, and mail for my low
traffic site and eventually for about a dozen other sites, each with their
own site administrators. I will probably boost the machine up to 512 MB of
RAM but will keep the stock ~30 GB HD. I will probably follow the pointers
and make a custom restore CD to allow for larger /var and / partitions. I
will also install all current SunCobalt patches and probably pkgmaster (or
similar) OpenWebmail and Webalizer.

Here's where the questions come in...

What is the best way to go about moving from telnet (and ftp) to ssh (and
secure ftp)?

What security issues should I be concerned about after I install the
latest cobalt packages for my RaQ 4 and move to SSH? Are there any
well-known security holes that have not yet been patched by Sun/Cobalt?

I am happy with the performance and features of the stock PHP. Is there
any security-related reason to do an unsupported upgrade?

Are there any other issues (security or otherwise) that I should be aware
of or that you would like to point out? Any little tidbits would be
helpful. My experience with sysadmin-ish tasks has been limited to Solaris
and IRIX on trusted internal networks. I am very rusty when it comes to
security.

Thanks!
Colin