Friday, December 23, 2011

Outgoing mail server certificate replaced

We have replaced our outgoing mail server certificate with a new certificate. Our SMTP certificate is signed with a 4096-bit key which exceeds the NIST RSA keys post-2010 standard recommendation. The recommendation was that 1024-bit RSA keys should only be depended on until December 31st, 2010 after which the minimum key size should be 2048-bit RSA.

NullShells networks has been proactive in staying up to date with the NIST standards and recommendations. All certificates issued after December 31st, 2010 should have a minimum 2048-bit RSA keys. We are actively moving any remaining certificates to 2048-bit and 4096-bit root certificates. We currently support and often exceed the same level of encryption offered in the banking industry. In the future we will continue to implement internal policy standards to protect our subscriber's security.

FreeBSD new exploit advisories patched

Today the FreeBSD security team has released new advisories related to security flaws which could affect our servers. Our machines were patched in less than 24 hours of the release of these advisories.

All of our customers can be confident that we are doing our best to stay up to date with the latest versions and patches, while maintaining the security and integrity of our systems.

We do not always announce security updates on our blog, but when there are major vulnerabilities patched we do generally make a post to keep everyone in the loop.

You may find the latest security advisories here:
http://www.freebsd.org/security/advisories.html

We wish you a joyful holiday season!



May the warmth of the holiday season fill your heart and home with love, joy, laughter, and goodwill. Let us cherish the special time we share with our friends, family, and loved ones this holiday season.

Together we will welcome and celebrate this blissful new year.

Monday, December 12, 2011

Congress wants to break the net!

Stop the Internet Blacklist Legislation

Congress is trying to pass a couple bills (Protect IP Act, SOPA Act) that would create internet censorship, and severely inhibit and even destroy large portions of the technology industry. This bill threatens NullShells and it's parent ISPs, it potentially puts a huge burden of DNS spoofing onto us and our parent ISPs as well as leaving our very existence on the net up to major media corporations.



Please visit the link above or visit https://www.eff.org/action and take action to prevent this bill from passing. Please also stop the government from forcing us to log your actions (putting an additional burden on us), and protect your privacy.

Don't Let Congress Order Internet Companies to Spy on You — Block the Data Retention Mandate

Monday, March 14, 2011

Competitor Pricematching

You may have known we do customized services for people who want specific packages, that include only for what they wish to use. In this way our customers with very specific needs can save money.

You may not have known we price match competitors which offer similar services to us. We wish to remain highly competitive within the market of the quality of services we provide. if you are wish to have services with us, don't hesitate to ask us to price match.

One thing I have always tried to stray away from is to offer service plans with unlimited space and unlimited bandwidth for some relatively cheap dollar amount. That's very dishonest. Realistically speaking unlimited bandwidth is almost incomprehensible and never could be reached by a single website. The idea itself is impractical, a hosting company could not legitimately offer unlimited bandwidth to every client.

Most websites consume a very small amount of bandwidth and disk pace. Web hosting companies that provide unlimited anything as a plan feature are banking on the fact that you won’t use very much, or they are planning to drop those who do use the most of their resources.

We will not price match unlimited plans, many of them have exorbitant setup fees, more strict requirements about what you can store and what you cant, a limit on the percentage of their resources you can use at any time, as well as poor support and overall service. We will gladly price match competitors that offer the same service plans we offer.

All of our customers could fully utilize their plans and our services would still have the same level of performance, reliability, and availability to which our community is attuned. We would also still be able to stay in business. You can expect fair and sensible prices from us. We can try to give you the lowest price possible; feel free to customize your plan and ask to "pay only for what you use". We don't mind haggling on details and pricing, and we'll do our best to match any competitors pricing.

Thanks for visiting our blog!

If you liked this article, you might also read:

10++ Reasons to choose NullShells Networks

Thursday, March 3, 2011

Our IPv6 Readiness

I know some of you are curious about where we stand as far as IPv6 readiness, goes and what our plans are as far as IPv6 hosting for the future on our network.

I have had multiple requests for IPv6 web hosting so that is a top priority for us to offer.

We just finished up an IPv6 beta on our shell services that lasted about 3 years, that has ended now and we are bundling IPv6 with shell packages as add ons. Currently these are $0.25 to cover the costs (fiscal and physical) of reverse DNS requests. I will be making them free on paid accounts in the near future. I hope that you will take advantage of this opportunity to experiment with IPv6 on our services.

Currently we're working with one of our ISPs to finalize our offering of native IPv6 on our VPS and VPN hosting. We've started the initial planning stages for IPv6 and OS/application upgrades for most services on our network, this should go seamlessly with little downtime. We've currently got the IPv6 SSH, Web Hosting, Mail, DNS, and FTP on our networks slated for completion by Q3 2011.

I've placed a a group of graphs, similar to the ones below, on the right side of this blog. You can follow our IPv6 readiness progress by looking at the overview there on the right. Without too much detail about the individual steps required, you can look below and get an idea of how we calculate percentages.

1. IPv6 Shell Hosting: Complete

null, atom, wave, vector, dimension (+ircd)

2. IPv6 SSH Access: Partially Complete

obsidian
dew

3. IPv6 FTP Access: Partially Complete

obsidian
dew



4. IPv6 Web Hosting: Unfinished

hosting & control panel

5. IPv6 DNS Hosting: Partially Complete

control panel
ns1
ns2
ns3

6. IPv6 Email Hosting: Unfinished

smtp,imap,pop3, webmail

7. Backup Hosting: Unfinished

flash**, lightning**, sprite** backup
( suspended beta and will need to be reviewed)

8. VPN Hosting: Unfinished

ssl/tls 2048bit siege vpn

8. VPS Hosting: Nearly Complete
copper*, bronze, silver, gold, platinum

0% = no plan
10% = no ipv6 connectivity, planning stages
25% = ipv6 connectivity, but planning stages
50% = ipv6 connectivity, but waiting for major configuration updates
90% = ipv6 ready & but waiting for config tweaks & improvements
* Removed service: we don't offer this service any longer.
** Suspended service: depending on interest, this service may be offered in the future.

Tuesday, March 1, 2011

SSL Certificate Updated in CRM

We have offered 128/256-Bit SSL Encryption when accessing our page for quite some time. You'll find that this is the same level of encryption offered in the banking industry and the highest standard supported by browsers today. All our certificates are signed with 2048-bit root keys and meet the latest NIST standards.

We strongly recommend accessing our ordering system/CRM over SSL, and this is why we have updated our certificate with a Comodo Positive SSL certificate in our ordering system/CRM. No annoying browser nags that come with a self-signed certificate on these pages.

You may also access our main page over SSL; this is not necessary, none of your personal information is displayed or stored on this domain. If you wish to use SSL on these pages we suggest you accept the self-signed certificate here and then trust this certificate. It is perfectly safe, and we feel it is as secure as the Comodo certificate since we are the issuer.

We also will continue to provide a self-signed certificate on our hosting/dns server panel for customers. We suggest you use SSL here as well, and accept the self-signed certificate. While no personally identifiable information is here, you will want your login information to go to our control panel encrypted over SSL.

If you have web hosting, and want your own SSL Certificate with NullShells Networks, we don't charge you at all. Our control panel automatically will generate you a self-signed certificate that offers 256-Bit SSL encryption when you check the box to enable SSL on your website. Self-signed certificates are just as good as "trusted" certificates; however, these are not recommended for e-commerce areas. If you wish to use any SSL Certificate with your Web Hosting plan, you will need to purchase a Static IP address and contact us to put the certificate in place.

Saturday, February 5, 2011

Goodbye 2010, Hello 2011!

It's been awhile, and things went slow here at NullShells Networks in 2010. I hope you all had a good Holiday Season, and were able to enjoy time spent with your friends and family. Don't worry, you didn't miss out on any Holiday sales in 2010 there weren't any! We'll have some sales coming up in the future, but for now we focusing on the updates needed to make this possible.

We have a new ordering/billing system, and there is a lot of tweaking to do; I still have to finish linking the services into our billing system. It has a special interface for promotions/sales, etc. and once the services are all linked in with our main page it will be easier to create special pricing for you all. Thanks for your patience, and please email [email protected] for now with any order/upgrade requests. I can enter whatever you need in manually into our ordering system for now. I've run this all out of pocket/for free for the past 5+ years so I appreciate your understanding with the time it takes to finalize the completion of the new web page.

NullShells Networks has new goals for 2011, which will allow us to better serve our customers. I will give you a short preview of what is in store for early 2011.

1) Improved DNS efficiency (80% complete)
2) Faster connections and more resources (50% complete)
3) DDoS attack mitigation within 24 hours (100% complete)

This should all be 100% complete by this weekend. We have always had an active DDoS mitigation strategy, but as of this year the way we mitigate attacks will change. We will continue to aggressively report any and all abuse to the originating data center(s), and our zero-tolerance policy for users abusing our network will remain in effect.

Our IRC Shells will continue to be DDoS Protected.

If there's something you want this year please write [email protected] and give us a heads up about what you're looking for in the future. Right now we're already seriously looking at including svn with our web hosting. I'll read at each email personally and seriously consider all of your suggestions.