Critical exim security update

A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM. All MNX Solutions customers have been patched, and are no longer vulnerable to this privilege escalation vulnerability. If you are not an MNX Solutions customer, you should read the following page for details on how to correct the problem:

Read more

Server Management and Terminating Access

What if you had to let someone go tomorrow for some unforeseen reason. Would you know all of the points that this person or company has access to? How can you be certain unless you keep track of these locations? Even if you know all the locations, do you understand the impact of modifying the [...]

Read more

Ksplice Provides Patch for Linux Kernel Exploit CVE-2010-3081

It has been mentioned in many places on the web, that a vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. The folks over at Ksplice have put together a patch that fixes this vulnerability, and a tool to check if [...]

Read more

Great security and auditing resource for your network

The Center for Internet Security  has a great list of security configuration and audit guidelines. A great resource comprised of 40+ consensus Security Configuration Benchmarks for Operating Systems, Middleware, Software Applications and Network Devices. The Benchmarks are: Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices; Unique, because the [...]

Read more

Red Hat, Fedora openssh security compromise

Many of you may have already read the news, but for those of you that have not here is a recap. But first, let me state that we have tested all of our customer’s servers, and none have been compromised. An email was sent to the fedora-announce mailing list, it started with, “Last week we [...]

Read more

Securing your Linux server

We deal with security related issues nearly every day. Many of these issues could be prevented with a few minor changes to php.ini along with the installation of mod_security. It is simply amazing how many machines are hacked, and then used for the sole purpose of sending spam, denial of service (DoS) attacks or Botnets.

Read more