Archive for Security

Two Factor SSH Authentication with Duo Security

As is probably obvious from our blog posts on Yubikey SSH/WordPress two factor authentication and Google Authenticator SSH two factor authentication, we at MNX Solutions are big proponents of multi-factor authentication schemes to add security to infrastructure. On the other side of things, though, we have to be agile system administrators in order to offer […]

Read more

Securing SSH and WordPress with two factor authentication

I wrote a post about using Google Authenticator for SSH a month ago. After writing this post, I started looking at other solutions in the space for two factor authentication. Yubikeys are USB based, and require no device drivers. They work with Mac, Linux, or Windows and are priced starting at $25 each. Compared to […]

Read more

Two Factor SSH with Google Authenticator

Last week, Google enabled two factor authentication for everyone. This article explains how to install and configure Google Authenticator in conjunction with SSH for two factor authentication. Two-factor authentication relies on something you know (a password) and something you have (your phone).

Read more

Critical exim security update

A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM. All MNX Solutions customers have been patched, and are no longer vulnerable to this privilege escalation vulnerability. If you are not an MNX Solutions customer, you should read the following page for details on how to correct the problem:

Read more

Hiring a PHP Programmer: Part #1, SQL Security

PHP is a fantastic web development language if for no other reason than its low learning-curve to create dynamic, database-driven web sites quickly. For this reason and others, there has been an obvious influx of web developers ready to hire-on to create your company’s next web application or site. Just like any other employee, contractor […]

Read more

ProFTPD Remote Code Execution Vulnerability and exploit

A flaw in the popular ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences. ProFTPD bug report: http://bugs.proftpd.org/show_bug.cgi?id=3521 All MNX Solutions Linux Server Management customers have been patched.

Read more

Server Management and Terminating Access

What if you had to let someone go tomorrow for some unforeseen reason. Would you know all of the points that this person or company has access to? How can you be certain unless you keep track of these locations? Even if you know all the locations, do you understand the impact of modifying the […]

Read more

Ksplice Provides Patch for Linux Kernel Exploit CVE-2010-3081

It has been mentioned in many places on the web, that a vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. The folks over at Ksplice have put together a patch that fixes this vulnerability, and a tool to check if […]

Read more

Server Management Best Practices – Firewall

Every week at MNX solutions we handle issues from server security and patch management to system recovery and performance tuning. In this blog series, we will review a number of firewall best practices that you can implement today on your server infrastructure. First things first, do you utilize a firewall on your server? If your […]

Read more

Great security and auditing resource for your network

The Center for Internet Security  has a great list of security configuration and audit guidelines. A great resource comprised of 40+ consensus Security Configuration Benchmarks for Operating Systems, Middleware, Software Applications and Network Devices. The Benchmarks are: Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices; Unique, because the […]

Read more