Hiring a PHP Programmer: Part #1, SQL Security
PHP is a fantastic web development language, if for no other reason than its low learning curve for creating dynamic, database-driven web sites quickly. For this reason and others, there has been an obvious influx of web developers ready to hire on to create your company’s next web application or site. Just as with any other employee, contractor or otherwise, you want to be sure that the work isn’t just quickly thrown together by a novice, but that appropriate programming practices and security are considered during development.
ProFTPD Remote Code Execution Vulnerability and exploit
A flaw in the popular ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences.
ProFTPD bug report: http://bugs.proftpd.org/show_bug.cgi?id=3521
All MNX Solutions Linux Server Management customers have been patched.
Server Management and Terminating Access
What if you had to let someone go tomorrow for some unforeseen reason? Would you know all of the points that this person or company has access to? How can you be certain unless you keep track of these locations?
Even if you know all the locations, do you understand the impact of modifying the user's access? Was this user's access tied to a critical cron job? Was this user account tied to MySQL access for performing monthly billing? What if this employee happened to own one of your domain names? Surprisingly, we see scenarios like this too often.
Ksplice Provides Patch for Linux Kernel Exploit CVE-2010-3081
It has been mentioned in many places on the web that a vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges.
The folks over at Ksplice have put together a patch that fixes this vulnerability, and a tool to check if your system has been compromised. More detail is available on the Ksplice Blog.
Plesk PHP upgrade
We are often asked to upgrade PHP on Plesk-based systems. When working with Plesk-based control panel systems, PHP is typically maintained by the operating system. This means RedHat 5 and CentOS 5 based servers will be running PHP version 5.1.6. Many applications have a requirement of PHP 5.2 or greater.
A few options are available; we will discuss two solutions below.
Building an Empty RPM
When searching for information on creating an empty, or null rpm file, I was unable to locate the spec file details needed. In another post, I will describe my need for this empty rpm, but for now here is the minimal spec file needed to build an empty rpm:
Place the following in a file called php.spec:
Summary: Empty PHP
Name: php
Version: 0
Release: 0
License: Public
Group: Applications/System
%description
Empty PHP RPM
%files
Now, build your new php rpm using the following command:
# rpmbuild -bb php.spec
Processing files: php-0-0
Checking for unpackaged file(s): /usr/lib/rpm/check-files %{buildroot}
Wrote: /usr/src/redhat/RPMS/i386/php-0-0.i386.rpm
And that’s it, you now have an empty rpm!
Server Management Best Practices – Firewall
Every week at MNX Solutions we handle issues from server security and patch management to system recovery and performance tuning. In this blog series, we will review a number of firewall best practices that you can implement today on your server infrastructure.
First things first, do you utilize a firewall on your server? If your answer is “no” or you are not sure, this should be one of your top priorities.
bash_history date
Ever try to determine what caused the latest outage by trying to determine when a command was last executed?
Look in your .bash_history (if you are running a bash shell), and you will see your recently executed commands. However, it is generally impossible to tell when the command was executed.
yum python logger error bad marshal data
Interesting bug encountered today after a fresh install of RHEL5 from 5.3 media.
When attempting to run the command ‘yum’, the following error was presented:
# yum
Traceback (most recent call last):
File "/usr/bin/yum", line 4, in ?
import yum
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 30, in ?
import logging
ValueError: bad marshal data
CentOS5 and PHP52 upgrade rpms
We encounter many scenarios where using the latest version of PHP is required. No great way, aside from downloading the PHP5 source and compiling, is available. That is, until you discover the IUS Community Project.
