First, install all patches available at the SunSolve site. Install them from the bottom of the page to the top - they are listed newest-first, but the oldest patches need to be installed first.
The RaQ 4 patch page is at http://sunsolve.Sun.COM/pub-cgi/show...&nav=patchpage
Second, yes, install SSH. Both www.pkgmaster.com
have free PKGs you can install through the UI. Having telnet enabled isn't inherently insecure -- there aren't any known exploits for it -- but if you use it, there is the chance someone can sniff your password or data since it's sent in clear text. Same for FTP -- if you install SSH, you get a secure replacement (scp).
The SHP (Security Hardening Patch) you refer to that had to be uninstalled added port scanning detection like the RaQ 550 has (and like the Qube 3 has in the Adaptive Firewall). Sun has never released an official SSH for RaQ 4.
There are lots of things you can do to harden your RaQ: install an ipchains firewall and block non-essential ports. Install chkrootkit, a log-analyzer, fcheck/tripwire, etc.
For MySQL read the security stuff on their site -- make it only answer to queries from the RaQ itself (no open MySQL port to the world) unless necessary. Set proper permissions for users, etc.
For ASP, get the 3.6.2 upgrade from ftp.chilisoft.com (_after_ you install all the Sun patches).
Any general Linux security site info will be relevant for the RaQ....