
RE: [cobalt-users] RAQ4 Security Suggestions



I can't speak highly enough of Michael Stauber over at www.Solarspeed.net
and his $200 security package. He installed it in my 550 within 24 hours of
my order/purchase. The configs are easy, and they work. It's great now to be
emailed alerts of those triggering the honeypot, and then get blocked out,
etc. I see on his site he has this package for a RaQ4. Here's a blurb from
his site in Germany:

"More than a year before Sun Cobalt released the Security Hardening Package
we already had acknowledged that the RaQ3 and RaQ4 had way too many security
issues which made them a too easy target for hacking and abuse. So back in
March 2001 we developed our Security Package for the RaQ3 and RaQ4, which
installs intrusion detection and intrusion prevention tools - as well as a
fully fledged software firewall. This package has been installed on more
than thousand servers in the same year and not a single of those protected
servers has been compromised."

More specifically:
"Installation of all missing patches
Installation of OpenSSH
Improved configuration files
Installation of our custom built Firewall
Installation of Portsentry in "Honeypot"-mode
Installation of LCAP to prevent loading of kernel modules
Installation of Logwatch
Installation of FCheck (similar to Tripwire)
Installation of automated CHKROOTKIT"

You might want to d/l his .pdf manual on his site for a closer look.

Manny

-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Mark Jaggers
Sent: Monday, April 21, 2003 6:33 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: [cobalt-users] RAQ4 Security Suggestions


Since we recently had problems with someone hacking our Raq4, I want to find
out what suggestions everyone has to make the server as secure as possible.
We are going to be doing a complete restore in the next few days, so it will
be clean and fresh.

I already know we should use SSH instead of telnet.  But what other
suggestions are there?

Thanks
Mark
