Tag: Security

There’s a new POODLE in town, but unfortunately it’s not the kind of pooch you want around. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. It’s an exploit that, although not considered to be as serious as Heartbleed, is one that should still be protected against. For more information read the Google Blog.

There’s a new POODLE in town, but unfortunately it’s not the kind of pooch you want around. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. It’s an exploit that, although not considered to be as serious as Heartbleed, is one that should still be protected against. For more information read the Google Blog.

On September 24th, a vulnerability was reported in the GNU Bourne-Again-Shell (BASh, or Bash), specifically a flaw with how Bash processes values of environment variables, that allows remote code execution of varying types in many common configurations. The overall risk is severe due to bash being configured for use, by default, on most Linux servers.

Firewalld is a complete firewall solution that has been made available by default on all CentOS 7 servers, including both Liquid Web Core/Self Managed dedicated servers as well as Liquid Web Self Managed VPS servers. Occasionally, perhaps for testing, disabling or stopping firewalld may be necessary. Follow the instructions below or, watch the newest video on how to disable and stop firewalld.

OpenSSL is a common cryptographic library which provides encryption, specifically SSL/TLS, for popular applications such as Apache (web), MySQL (database), e-mail, virtual private networks (VPNs), and more.

What is OpenSSL?

OpenSSL is a common cryptographic library which provides encryption, specifically SSL/TLS, for popular applications such as Apache (web), MySQL (database), e-mail, virtual private networks (VPNs), and more.

Updating the kernel on Red Hat Linux or CentOS Linux is a very simple process. Most commonly you will use the following command in the case of a security vulnerability, or perhaps just to verify that you’re running the most up-to-date kernel:

A vulnerability found in the Linux kernel, specifically a flaw with the pseudo tty (pty) device, allows an unprivileged user to cause a denial of service (system crash) or potentially gain administrator privileges. A small number of CentOS and Ubuntu versions are vulnerable, thus we want to highlight the following information:

Advanced Policy Firewall, or APF, is a software firewall commonly installed on Liquid Web servers. It is an interface to iptables, which is standard software for managing network ports on Linux. Interacting with iptables can be complex, but APF greatly simplifies the process. APF is only accessible via ssh, and there is no way to make changes in APF through WHM or cPanel.

CSF is generally considered an advanced firewall given it has many more configuration options than most other software firewalls (such as APF). It’s also still simple enough to install and configure, even for novice system administrators. For a simple overview on how to install and configure CSF and its security plugin LFD (Login Failure Daemon), visit our tutorial.