Posts Categorized: Linux

GHOST – The latest Linux Vunlerability

During a code audit performed internally at Qualys, a buffer overflow in the GNU C Library (glibc) was found. Qualys worked closely with Linux distribution vendors to create a patch for all distributions impacted. Vendors made the patch available Wednesday January 28, 2015. GHOST exposes a buffer overflow that can be triggered locally and remotely… Read more »

Protecting Against the POODLE SSLv3 Vulnerability

Introduction On October 14th, 2014, POODLE (Padding Oracle On Downgraded Legacy Encryption), a vulnerability in version 3 of the SSL encryption protocol was disclosed. This vulnerability allows an attacker to read information encrypted with this version of the protocol in plain text using a man-in-the-middle attack. Even though SSLv3 is an older version and is… Read more »

Bash Security Vulnerability Patch Instructions

A new major security vulnerability impacting Linux customers who leverage Bash as their shell was announced in Sepetember. ZZ Servers strongly recommends customers exposed to this vulnerability apply the appropriate security patch as soon as possible. Below are instructions for patching your systems: For Debian or Ubuntu, run the following command:   apt-get update &&… Read more »

Managing Partner, David M. Zendzian, to give presentation on SSL/TLS protocol, security and configuration issues

Managing Partner, David M. Zendzian, will be giving a short presentation on SSL/TLS protocol, security and configuration issues on Brighttalk tomorrow at 12 EST. SSL is a well designed protocol to ensure communications between two points are secured and that 3rd parties are not able to view the protected communications. As such many applications have… Read more »

Server cabinet door alarm

The first step in securing servers is to ensure that they are physically as secure as possible and and then monitored for unauthorized access  Many times when setting up servers in a small office or co-location facility many people have their systems in a locking cabinet within a moderately secured physical building.  However a determined… Read more »