Website Hacked OR Blacklisted? Get it Cleaned & Protected Immediately! 50% OFF – Attacker.NET

Website Hacked OR #Blacklisted? Get it Cleaned & Protected Immediately! 50% OFF


https://attacker.net/website-security-plans-pricing

https://attacker.net/website-security

Free Scanner: https://scan.attacker.net

#Security #wordpress #joomla #magento #drupal #hosting #cpanel #linux #websitesecurity #securedwebsite #hacked

FREE Trial

You can signup and Try our Website Security Monitoring, Website Firewall Protection, Malware detection and Blacklists Monitoring Services for 30 days – Completely FREE Trial! No obligations, No contract, No credit card required!

Try it Now – It’s FREE:

https://attacker.net/website-security-plans-pricing

Read more at: https://attacker.net/website-security

Attacker.NET 50% End of Year Promotion

Our biggest sale of 2019 is live until Jan 1st 2020! Get 50% off Websites Security plans, Server Management plans, Malware Cleanup & Removals, Website Firewall protection and more.

Our website security solutions include website monitoring, Malware detection, Hack cleanup, Firewall protection and much more!  

https://attacker.net/website-security

https://attacker.net/website-security-plans-pricing

You can check our Free Website Security Scanner: https://scan.attacker.net/

Our Server Management plans are available for Linux & Windows servers.

https://attacker.net/linux-server-management

https://attacker.net/windows-server-management

You can also check out our Outsourced Hosting Support services for white-labeled Hosting support.

https://attacker.net/outsourced-support

Don’t miss checking out our Partnership & Affiliation offers at https://attacker.net/affiliate

Please use this promotion code to claim your discount: welcome2020

Kind regards,

Attacker.NET Team

Professional Linux & Windows Server Management & Security Services (cPanel, Plesk, DirectAdmin and others)

 We provide a wide range of server management plans. You can completely customize your order or feel free to contact us. All of our experts are highly trained and certified. You can rest assured that you’re always in safe hands.

Our Server Management services:

Linux Server management

Windows Server Management

VPS Node management

Feel free to contact us for any customized or additional requests by clicking here

Rsync remote attack-CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

 

Timeline

January 5, 2015 MITRE reserved CVE
February 12, 2015 NVD published advisory

Authority references

Vendor & other references

GHOST: glibc vulnerability (CVE-2015-0235)

Background Information

GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

Impact

The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.

A list of affected Linux distros

  • RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
  • CentOS Linux version 5.x, 6.x & 7.x
  • Ubuntu Linux version 10.04, 12.04 LTS
  • Debian Linux version 7.x
  • Linux Mint version 13.0
  • Fedora Linux version 19 or older
  • SUSE Linux Enterprise 11 and older (also OpenSuse Linux 11 or older versions).
  • SUSE Linux Enterprise Software Development Kit 11 SP3
  • SUSE Linux Enterprise Server 11 SP3 for VMware
  • SUSE Linux Enterprise Server 11 SP3
  • SUSE Linux Enterprise Server 11 SP2 LTSS
  • SUSE Linux Enterprise Server 11 SP1 LTSS
  • SUSE Linux Enterprise Server 10 SP4 LTSS
  • SUSE Linux Enterprise Desktop 11 SP3
  • Arch Linux glibc version <= 2.18-1

Resolution

Update the glibc and nscd packages on your system using:

Fix for Centos/RHEL/Fedora 5,6,7:

  •  yum update glibc
  • Restart ALL running services or reboot the server as an alternative.

Fix for Ubuntu:

  • sudo apt-get clean
  • sudo apt-get update
  • sudo reboot

The POODLE Attack – SSL 3.0 Protocol Vulnerability (CVE-2014-3566)

Systems Affected

All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.

 

Solution

There is currently no fix for the vulnerability SSL 3.0 itself, as the issue is fundamental to the protocol; however, disabling SSL 3.0 support in system/application configurations is the most viable solution currently available.

 

** Updates available: RHEL/CentOS/RPM based OS:

yum -y update openssl

** You MUST disable SSLv3 in all used services (httpd, mail, etc) , The update just prevents the downgrading but the protocol itself is still vulnerable.

Can I add more RAM to my 32 bit Operating System (OS)?

Some 32 bit Operating Systems (OS) limit the amount of RAM they will support. Exceeding that limit may contribute to a number of problems. Therefore it is not supported. Upgrading to a 64 bit Operating Systems (OS) is recommended. A list of 32 bit Operating Systems (OS) with limited RAM is below.

 

Operating System (OS)

Bit

RAM Limit (GB)

CloudLinux 5 32 bit 64
CloudLinux 6 32 bit 8
Debian 6 32 bit 32
RHEL/CentOS 5 Minimal/LAMP 32 bit 64
RHEL/CentOS 6 Minimal/LAMP 32 bit 16
Ubuntu 8.04 LTS 32 bit 64
Ubuntu 10.04 LTS 32 bit 64
Ubuntu 12.04 LTS 32 bit 64

How to increase /tmp partition size on a non-control panel server

Stop Apache and MySQL services.

# /etc/init.d/httpd stop; /etc/init.d/mysql stop

Take a backup of /tmp

# cp -rp /tmp /tmp.bak

Create a partition of 2GB using the below command

# dd if=/dev/zero of=/usr/temp-disk bs=2M count=1024

Create the file system on it using the mke2fs command

# mke2fs -j /usr/temp-disk

Unmount the current /tmp partition

# umount /tmp

Mount the new /tmp filesystem using the below command

# mount -t ext3 -o rw,noexec,nosuid,loop /usr/temp-disk /tmp

Set the correct permission for /tmp

# chmod 1777 /tmp

To verify the partition, execute:

# mount

Restore the content of old /tmp.bkp directory

# cp -rp /tmp.bak/* /tmp

Start Apache and MySQL services.

# /etc/init.d/httpd start; /etc/init.d/mysql start

To make sure this partition is mounted automatically after every reboot, edit the /etc/fstab and replace /tmp entry line with the following one.

/usr/temp-disk /tmp ext3 rw,noexec,nosuid,loop 0 0