Openssl Vulnerability – Heartbleed Bug

What is it?

Chances are, you’ve already heard about the recent discovery of what’s being called the “Heartbleed” bug in OpenSSL. Basically, this is a vulnerability that existed in OpenSSL for around 2+ years. The vulnerability caused by a gap where encrypted information could potentially be leaked out to hackers. It is important to note that this is NOT due to a flaw in SSL, but rather the platform and implementation of the latest batch of OpenSSL updates.

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

Given the widespread use of OpenSSL on the internet as the implementation for SSL, and the fact that the bug has been in the wild for years, this means that it is possible that a lot of sensitive information may have been stolen by hackers.

Am I affected?

For servers running RHEL/CentOS 5, the version of OpenSSL used is not affected. For servers running RHEL/CentOS 6, the bug was patched the same day the bug was made public. For all servers managed and hosted with us, we have automatically patched the bug the day it was made public on affected servers. However this does mean that you are not vulnerable to the issue. The key used for your SSL certificates may have already been stolen in the time the bug is in the wild.

For safety, if you are running RHEL/CentOS 6, you are recommended to rekey your domain and request for a reissue of the certificate. If you ordered the certificate from us, we will be regenerating the keys and reissuing the certificates automatically as well.

Personally if you have changed your passwords on any affected sites over the past 2 years, you are encouraged to confirm that the affected site have updated their certificates and change your passwords again.

How does Sprintserve network outperforms our competitors?

There are a few main criteria that determines how a network performs. Each transit provider is a highway for data to travel upon. The more transit providers you have, the more highways you have to choose from when considering the best route. How is this advantageous? To put it simply, just like a highway, you may have traffic jams, or some highways may be more direct than others. Similarly, not every provider promises to be the best route. As such, more options gives us more alternative routes to choose from, allowing for a more optimal choice. Our network offers 8 transit providers. The next determinant of how a network performs depends on how this optimal route is chosen. Most networks uses Border Gateway Protocal (BGP) which typically route the traffic best on the shortest route. In the ideal world, this will be the fastest way as well. However the world is seldom ideal. For a highway, you may have a traffic congestion, road closures, and other blockages that resulted in the most direct route being slower. If you monitor the traffic conditions realtime using actual traffic maps, you could use detours that are not congested. That’s what our network does as well. Instead of simply using BGP to choose the shortest route, our network utilized intelligent routing based on Internap’s Flow Control Protocol. For more information, feel free to drop us an email.

Reclaiming space from PHP error logs

If you ever have a Cpanel server running after a while, you would notice invariably that most of the accounts or users will have accumulated error logs within their home directories. When you have a running server for a while, this can take up many GB. Here’s a quick way to reclaim some space:

find /home/ -name error_log  -exec rm -rf {} \;

Enjoy some extra space!

Sprintserve Net Antispam Cloud

For any of our shared server clients, most of you should be aware by now the conversion of all our emails handling over to our own cloud. For those who are still blissfully unaware, there is just one thing we like to mention in this post that’s technical. If you are using your own DNS, please send us a support ticket with the domain so that we can activate your domain in our cloud. The entries you need to edit at your DNS provider is to change all your MX entries to the following:

  • mx1.sprintserve.net (Priority: 0)
  • mx2.sprintserve.net (Priority: 1)

If you are procrastinating, here is just some statistics that we will share with you that may help give you some impetus to do it as soon as possible:

Antispam Cloud Statistics

Antispam Cloud Statistics – 92% spam rejection rate

For those who want to save some time, that is a spam rejection rate of about 92% of all emails received.

Some of the benefits:

  • The cloud will be geographically dispersed shortly. This will ensure your emails will still be received and queued by our cluster and it will forward to your account once your server returns.
  • We will also scan outgoing emails. This will help protect the integrity of the IPs of the server and reduce incidences of blacklisting.

 

For our dedicated customers, we can protect your server as well. Please contact sales and we can provide you a quote. We will take care of all the setup and conversion for you.