Thursday, December 3, 2009

Scheduled Outages

We've created an area for scheduled maintenance listed on the front page, as well as a separate page for outages. In the future you will be able to subscribe via RSS to our outages page so you can subscribe to this feed, and receive a notification anytime we post an outage. We will do our best to keep unscheduled outages to a minimum, but as you know at times this is unavoidable.

Any network events which we are aware of that may affect the operability of our network are evaluated by our staff. When we evaluate whether an event constitutes an outage we will take the following criterion into consideration: point(s) of failure, status of our network monitors, whether or not it is customer affecting (if yes, then the number affected), duration of event, and the cause of the event. The Internet does have minor issues now and again for short periods of time (less than 15 minutes), especially during periods of high network congestion. We will not post any network event which we feel does not satisfy sufficient concern on our outages page. If you feel that there may be an outage then please contact us at [email protected].

Wednesday, December 2, 2009

FreeBSD "local r00t zeroday" exploit patched

The FreeBSD security team has released a patch to correct a critical security flaw which has been confirmed to be present in the FreeBSD 8.0-RELEASE, FreeBSD 7.2-RELEASE, and FreeBSD 7.1-RELEASE operating systems. NullShells Networks has two DDoS Protected shell servers which run FreeBSD 7.2-STABLE; and these may have been vulnerable to this security flaw. However, both machines were immediately patched within 24 hours of the release of this exploit code.

The exploit code for the flaw was published on the Full Disclosure security mailing list, to which we are subscribed. This code allowed restricted users on a machine to circumvent standard security conventions present in the aforementioned operating systems. The problem was caused by a bug in rtld (run-time link editor), under which the LD_PRELOAD environment variable could be manipulated to load libraries which would normally require root privileges. In this case, rtld could be tricked into executing binaries with root privileges.

Fortunately, our 6.3-STABLE machines with our web hosting customers are not vulnerable to this exploit. All of our customers can be confident that we are doing our best to stay up to date with the latest versions and patches, while maintaining the security and integrity of our systems.

If you have a server running FreeBSD 8.0-RELEASE, FreeBSD 7.2-RELEASE, or FreeBSD 7.1-RELEASE then we recommend you patch your systems immediately. A restricted user on your machine could exploit this hole to compromise your entire server. You can find the FreeBSD security team's notice and a link to the temporary patch in their mail archives at http://docs.FreeBSD.org/cgi/mid.cgi?200912010120.nB11KeaW086655.