During a code audit performed internally at Qualys, a buffer overflow in the GNU C Library (glibc) was found. Qualys worked closely with Linux distribution vendors to create a patch for all distributions impacted. Vendors made the patch available Wednesday January 28, 2015. GHOST exposes a buffer overflow that can be triggered locally and remotely…
Posts Categorized: Debian
A new major security vulnerability impacting Linux customers who leverage Bash as their shell was announced in September. ZZ Servers strongly recommends customers exposed to this vulnerability apply the appropriate security patch as soon as possible. Below are instructions for patching your systems: For Debian or Ubuntu, run the following command: apt-get update &&…
Managing Partner, David M. Zendzian, will be giving a short presentation on SSL/TLS protocol, security and configuration issues on Brighttalk tomorrow at 12 EST. SSL is a well-designed protocol to ensure communications between two points are secured and that 3rd parties are not able to view the protected communications. As such many applications have…
The first step in securing servers is to ensure that they are physically as secure as possible and then monitored for unauthorized access. Many times when setting up servers in a small office or co-location facility, people have their systems in a locking cabinet within a moderately secured physical building. However a determined…
A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly…
Build Your Own Debian/Ubuntu LAMP Server – Quick & Easy Do it Yourself Installation. Apache 2 – Linux Web server; MySQL 5 – MySQL Database Server; PHP4/5 – PHP Scripting Language; phpMyAdmin – Web-based database admin software. Note: Linux + Apache + MySQL + PHP/Perl are together commonly known as LAMP Server.