I must say, I am very happy with the support you and your crew are analysis and DB development, and other folks would do the sysadmin. This is like having that same setup, except you guys are more responsive.
|Posted||Thu, 23 Oct 2014 06:57 AM UTC|
|Last Update||Thu, 23 Oct 2014 07:11 AM UTC (53 hours ago)|
Thu, 23 Oct 2014 07:10 AM UTC: A VPS flooding the network has been isolated to prevent further issues. Normal service should be restored.
host599.rimuhosting.com is not responding normally. We are investigating and may have it restarted.#
|Posted||Mon, 20 Oct 2014 22:14 PM UTC|
|Last Update||Mon, 20 Oct 2014 22:43 PM UTC (110 hours ago)|
|Affected Data Center||New York|
We are seeing issues with some servers located in the NY data center we use. We are investigating.
@UTC 2221: Servers are responding again now.
Update from the data center:
Between 6PM – 6:15PM One of our upstream Peers started flapping, The Network Team got the Alert and responded.
The BGP Flapping took 5-10 minutes to stabilize across the networks. Some clients indicated some routes took longer to settle, however once everything completed there were no more issues being seen. We do not expect any other problems.#
|Posted||Wed, 24 Sep 2014 21:59 PM UTC|
|Last Update||Thu, 2 Oct 2014 22:10 PM UTC (23 days ago)|
Shellshock update at 3 October
What a busy few days! Security researchers have found a few related bugs. And there are now (as of a day or two ago) patches for all of them.
We been working night and day to create a deshellshock script (if you are a syadamin, please feel free to review and provide improvements at https://github.com/pbkwee/deshellshock ).
We have created a page where customers can review the status of our running that script on their servers. So you can see if you were vulnerable (tip: you were) and whether we can detect any current vulnerabilities after applying any changes.
To review the status of your servers go to http://rimuhosting.com/cp/shellshock.jsp
We have emailed customers where we have access to all their servers and cannot detect the vulnerability on any of their servers.
We are continuing to work on the deshellshock script for other customers to see if we can get it working for even more servers.
If the shellshock page reports we cannot log in, please enable our login (per https://rimuhosting.com/knowledgebase/rimuhosting/rimuhosting-ssh-access)
Shellshock: the bash vulnerability
There is a vulnerability (actually a set of vulnerabilities) in most versions of bash.
Bash is used in a variety of ways. Via web scripts. OpenSSH environment variables. And probably a number of other ways no one has thought of yet. This means there are potentially many ways (vectors) this vulnerability could be exploited.
So it is very important to fix this issue.
Patching the vulnerability
To check if you are vulnerable, first check http://rimuhosting.com/cp/shellshock.jsp
This will report the results of https://github.com/pbkwee/deshellshock running on your server.
If we do not have access to your server you can run download and run https://github.com/pbkwee/deshellshock or submit a ticket via http://rimuhosting.com/cp/shellshock.jsp for us to manually do that for you.
For modern, supported distros you can simply run apt-get install bash. Or yum install bash. To install the fixes. This should work fine on Centos 7, Centos 6, Debian 7. And Debian 6 if you are using the lts repositories.#