Results 1 to 4 of 4
  1. #1

    RaQ4: Security Hardening Update 2.0.1


    there could be an interesting update at

    Security Hardening patch for the Sun Cobalt RaQ 4 server appliance. Includes port scan detection and buffer overflow detection.
    Daniel - the free backup-solution for your RaQ!

  2. #2
    Here's a reply I just sent to the Cobalt Users mailing list...

    I've installed it on a test server and tested out the port scanning
    functionality and it works wonderfully. It' much more effective than
    portsentry on its own since it operates directly with the ethernet port,
    though you probably don't gain anything over a portsentry+ipchains

    It appears to use the same firewall as the Qube3 package (Sun's Phoenix
    FireWall) and you can monior activity of that in /var/log/phoenix.log

    As for the buffer overflow protection, they've implemented Immunix'
    StackGuard . This protects against "stack smashing"
    and uses a replacement GCC compiler. What they have done is rebuilt the
    existing binaries for the port exposed daemons plus the kernel to prevent
    this type of attack. This is why if you've upgraded any of the typical
    services such as proftpd, sendmail, apache, qpopper, imap bind, telnet and
    your kernel it will be downgraded to the Sun Cobalt standard version.

    It seems like a very handy update.

    One point of interest, there is a warning in the configuration of the port
    scan protection that if you go beyond just logging and switch on blocking it
    does warn that you may open yourself to DOS attacks. It's obvious why, but
    will be interesting to see if and when people are affected by this.

    Funny that it's not actually been announced - who feels like a beta tester?

  3. #3
    Join Date
    Mar 2001
    They finally announced it, but the funny thing is that the PDF describing it's usage is month's old.
    Thanks for some inside information!
    It would be helpful if Cobalt provided details of what this update changes exactly, as I've spent a lot of time upgrading and fixing things.
    ICANN accredited domain registrar

  4. #4
    Join Date
    Mar 2001
    This was posted earlier this morning:
    ICANN accredited domain registrar

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts