If the problem was caused by an unprivileged user on the system, then
get the vendor to fix the system.  If the vendor can't/won't, then get
a real O.S. -- one which can protect itself from malicious users.  (Of
course, this requires that the systems programmers and admininstrators
_use_ the security features in the system.)  If the hackers got in by
guessing passwords to privileged userids, I'd say there's an
administrative problem at the site, *not* at the place that provides
various tools.