Tag: Security

  • Identifying exploits and exploited websites

    I have made posts before regarding how to find exploits, and what to do about those previously, however it has come to my attention that some people are not even realizing what the basics are to look for. In this post i will give you ideas on what to look for, how to identify exploits…

  • DNS amplification DoS attacks

    If you are running a DNS server, then you need to check it is not being co-opted into ‘DNS amplification attacks’. Random nasty servers (typically part of virus created bot-nets) send your DNS server a short request but use a fake source IP address.  Your DNS server then sends a (typically) long reply back to…

  • WordPress mass update script 3.4

    This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…

  • Keeping your hosting panel updated

    From time to time hosting control panels (Such as Plesk) get updated by their creators. Those updates may often include patches to critical vulnerabilities, so its a good idea to keep track of those. We try to keep our customers informed. One example is a recent notification from Parallels affecting some older versions of Plesk.…

  • WordPress mass update script 3.3.2

    This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…

  • Distrubution release support (CentOS4/Debian 5)

    Linux distributions keep moving forwards, and as they progress older releases stop receiving security patches or updates. As part of our commitment to maintaining reliable and safe services, we would like to highlight the following announcements… CentOS-4 End Of Life The CentOS-4 distribution (current version 4.9) will be at End of Life on February 29,…

  • Linux kernel CVE-2012-0056 vulnerability

    You have probably all heard about the recent local privilige escalation in recent Linux kernels by now. If not you can read all about it here. This only affects our recent Ubuntu 11.10 “Oneiric” VPSs, which by default were installed with a Linux 3.0.4 kernel. The 3.0.4 kernel was also tested to work with some…

  • WordPress mass update script 3.1.4

    This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…

  • Jboss Exploits

    There is a JBoss exploit out in the wild.  See http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0738 and https://access.redhat.com/kb/docs/DOC-30741 for details.