PCI compliance – a basic HOWTO

A lot of people want to be PCI compliant these days, and this is generally a good thing. PCI compliance is not just a server spec, but a list of procedures, policies, and controls over access to data. Therefore the server side is only one part of the process. It can be expensive and time… Continue reading PCI compliance – a basic HOWTO

Disabling exploitable proftpds

A stack overflow bug has been identified in ProFTPd. This bug allows an attacker to gain remote access (usually root). This bug requires immediate attention and potentially a restore to the last backup image of your server. Information on the bug can be found here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4221. We have been handling the issue per… Continue reading Disabling exploitable proftpds