RSS Feed
Latest Updates
Dec
22
December Holiday Schedule
Posted by Juli Z. on 22 December 2015 04:39 PM

Happy Holidays!

rackAID's sales, case-based support, and billing departments will be closed 12/24 - 12/27/2015 for Christmas. These departments will also be closed for New Year's, 12/31 - 1/3/2016.

Customers with managed services or managed servers will continue to receive 24/7 support during this period. 

If you are a management client and need assistance, just open a ticket in our helpdesk - as always we are staffed 24/7 to handle urgent issues.

 


Read more »



Nov
20
Thanksgiving Holiday Schedule
Posted by Juli Z. on 20 November 2015 05:33 PM

rackAID's sales, case-based support, and billing departments will be closed 11/25 - 11/27/2015 for the Thanksgiving holiday. 

 

Customers with managed services or managed servers will continue to receive 24/7 support during this period.

 

Sales, case-based support, and billing departments will reopen Monday, 11/30.

 

If you are a management client and need assistance, just open a ticket in our helpdesk - as always we are staffed 24/7 to handle urgent issues.

 

 

 


Read more »



Oct
28
Joomla SQL Injection Attacks
Posted by Jeff H. on 28 October 2015 11:19 AM

Joomla SQL Injection Attacks

Security groups have reported a spike in Joomla based attacks over the past week.

 

An SQL injection attack allows a remote attacker to execute SQL statements against your database.  

 

If you run Joomla, check that your site is fully patched.

 

You can find more details here:

Truswave Report

Sucuri Report

 

There are multiple CVE's that relate to this issue.  These will be updated as more details emerge.

CVE-2015-7297

CVE-2015-7857

CVE-2015-7858

 

Web Application Firewalls

If you cannot update your application, we may be able to assist you in setting up a Web Application Firewall (WAF) service.   We work with a few different companies depending on your needs.  Cost range from $35-150/mo.  A WAF intercepts suspect traffic before it reaches your site.   This can give you more time to patch your software and prevent future attacks.

 


Read more »



Aug
26
PhoenixNAP Network Issues
Posted by Jeff H. on 26 August 2015 02:01 PM

PhoenixNAP Network Outage and Latency

We are seeing widespread outages and latency for the last 5 minutes for servers located at the PhoenixNAP facility.

Currently we are seeing these IPs starting with these number impacted:

  • 198.15.x.x
  • 108.170.x.x
  • 184.95.x.x
  • 184.164.x.x

We are working with the data center to determine the cause of the issue.  These issues are usually short lived.

 

Update 14:10

From our investigation, appears certain routes are experiencing higher packet loss than others.  We have checked servers and all server are online.  You may get reports of sites being up then down from end-users.   The Network Ops team at the data center is still investigating.

 

Update 14:13

Network Operations has identified the issue with an upstream transit provider.  They are working to mitigate the issue now.   They may have to adjust routing which can take 10-15 minutes to propagate. 

Update 14:33

We are now seeing recovery of our monitoring and general improvement on all routes.  We will request a Reason For Outage report from the data center.

At this time, we are showing all systems recovered.


Read more »



Jan
29
GHOST Security Issue in Linux
Posted by Jeff H. on 29 January 2015 04:31 PM

GHOST Exploit Update

If you have a management subscription with us, we have already patched your server.   With our automation framework, most systems receive security patches within hours of their release.

 

cPanel's Exim

In the proof of concept data released by Qualys they mention that Exim, which is used by cPanel, is vulnerable.  This only appeared to be an issue with certain scripting conditions enabled.  We have restarted Exim to assure that it is using the patched glibc.

Reboot Needed?

At this time, we do not see a need for a full server reboot.  While many programs use glibc, the exploit impacts a specific hostname function.  This function must be used in a specific way within the application. 

At the time of this update, most services used on hosting systems are not impacted.   As a precaution, we have restarted some key services.

 

If any changes emerge or significant security issue develops, we will update our news.

 

Questions?

If you have a question about GHOST, please open a low priority ticket.  If you have a security issue, GHOST is unlikely the cause.  In more than 98% of all security incidents we investigate, outdated web application software or poor PHP programming is the cause of the security breach.

 

 

 

 

 

 


Read more »