-
DNS amplification DoS attacks
If you are running a DNS server, then you need to check it is not being co-opted into ‘DNS amplification attacks’. Random nasty servers (typically part of virus created bot-nets) send your DNS server a short request but use a fake source IP address. Your DNS server then sends a (typically) long reply back to…
-
WordPress mass update script 3.4
This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…
-
Keeping your hosting panel updated
From time to time hosting control panels (Such as Plesk) get updated by their creators. Those updates may often include patches to critical vulnerabilities, so its a good idea to keep track of those. We try to keep our customers informed. One example is a recent notification from Parallels affecting some older versions of Plesk.…
-
WordPress mass update script 3.3.2
This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…
-
Account authorization and password resets
The primary way we identify our customers is via the email addresses associated with your account. If you do not communicate with us using one of these listed accounts, it may delay or slow the work we do on your server until we can verify you are authorized to request work done on the server.…
-
Distrubution release support (CentOS4/Debian 5)
Linux distributions keep moving forwards, and as they progress older releases stop receiving security patches or updates. As part of our commitment to maintaining reliable and safe services, we would like to highlight the following announcements… CentOS-4 End Of Life The CentOS-4 distribution (current version 4.9) will be at End of Life on February 29,…
-
Linux kernel CVE-2012-0056 vulnerability
You have probably all heard about the recent local privilige escalation in recent Linux kernels by now. If not you can read all about it here. This only affects our recent Ubuntu 11.10 “Oneiric” VPSs, which by default were installed with a Linux 3.0.4 kernel. The 3.0.4 kernel was also tested to work with some…
-
WordPress mass update script 3.1.4
This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…
-
Jboss Exploits
There is a JBoss exploit out in the wild. See http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0738 and https://access.redhat.com/kb/docs/DOC-30741 for details.
-
WordPress mass update script 3.04 – Urgent
From the guys at wordpress We’ve fixed a pretty critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible. I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for.…