During a code audit performed internally at Qualys, a buffer overflow in the GNU C Library (glibc) was found. Qualys worked closely with Linux distribution vendors to create a patch for all distributions impacted. Vendors made the patch available Wednesday January 28, 2015. GHOST exposes a buffer overflow that can be triggered locally and remotely… Read more »
Posts Categorized: Linux
Introduction On October 14th, 2014, POODLE (Padding Oracle On Downgraded Legacy Encryption), a vulnerability in version 3 of the SSL encryption protocol was disclosed. This vulnerability allows an attacker to read information encrypted with this version of the protocol in plain text using a man-in-the-middle attack. Even though SSLv3 is an older version and is… Read more »
A new major security vulnerability impacting Linux customers who leverage Bash as their shell was announced in Sepetember. ZZ Servers strongly recommends customers exposed to this vulnerability apply the appropriate security patch as soon as possible. Below are instructions for patching your systems: For Debian or Ubuntu, run the following command: apt-get update &&… Read more »
Managing Partner, David M. Zendzian, will be giving a short presentation on SSL/TLS protocol, security and configuration issues on Brighttalk tomorrow at 12 EST. SSL is a well designed protocol to ensure communications between two points are secured and that 3rd parties are not able to view the protected communications. As such many applications have… Read more »
ZZ Servers Managing Partner, David M. Zendzian (@dmz006) will be presenting How Do You Know Your Colo Isn’t “Inside” Your Cabinet, A Simple Alarm Using Teensy” which is based on a prior blog post.
The first step in securing servers is to ensure that they are physically as secure as possible and and then monitored for unauthorized access Many times when setting up servers in a small office or co-location facility many people have their systems in a locking cabinet within a moderately secured physical building. However a determined… Read more »