Thursday, December 3, 2009

Scheduled Outages

We've created an area for scheduled maintenance listed on the front page, as well as a separate page for outages. In the future you will be able to subscribe via RSS to our outages page so you can subscribe to this feed, and receive a notification anytime we post an outage. We will do our best to keep unscheduled outages to a minimum, but as you know at times this is unavoidable.

Any network events which we are aware of that may affect the operability of our network are evaluated by our staff. When we evaluate whether an event constitutes an outage we will take the following criterion into consideration: point(s) of failure, status of our network monitors, whether or not it is customer affecting (if yes, then the number affected), duration of event, and the cause of the event. The Internet does have minor issues now and again for short periods of time (less than 15 minutes), especially during periods of high network congestion. We will not post any network event which we feel does not satisfy sufficient concern on our outages page. If you feel that there may be an outage then please contact us at [email protected].

Wednesday, December 2, 2009

FreeBSD "local r00t zeroday" exploit patched

The FreeBSD security team has released a patch to correct a critical security flaw which has been confirmed to be present in the FreeBSD 8.0-RELEASE, FreeBSD 7.2-RELEASE, and FreeBSD 7.1-RELEASE operating systems. NullShells Networks has two DDoS Protected shell servers which run FreeBSD 7.2-STABLE; and these may have been vulnerable to this security flaw. However, both machines were immediately patched within 24 hours of the release of this exploit code.

The exploit code for the flaw was published on the Full Disclosure security mailing list, to which we are subscribed. This code allowed restricted users on a machine to circumvent standard security conventions present in the aforementioned operating systems. The problem was caused by a bug in rtld (run-time link editor), under which the LD_PRELOAD environment variable could be manipulated to load libraries which would normally require root privileges. In this case, rtld could be tricked into executing binaries with root privileges.

Fortunately, our 6.3-STABLE machines with our web hosting customers are not vulnerable to this exploit. All of our customers can be confident that we are doing our best to stay up to date with the latest versions and patches, while maintaining the security and integrity of our systems.

If you have a server running FreeBSD 8.0-RELEASE, FreeBSD 7.2-RELEASE, or FreeBSD 7.1-RELEASE then we recommend you patch your systems immediately. A restricted user on your machine could exploit this hole to compromise your entire server. You can find the FreeBSD security team's notice and a link to the temporary patch in their mail archives at

Sunday, November 29, 2009

Special offer ending Cyber Monday

Did you know we recently introduced our VPS services? NullShells is offering customers VPS at rock bottom prices; there is no setup fee, no contract, and the standard technical support we offer comes with no additional charges. With our VPS you have full root access and control over your server, you can install what you want to install. We recommend these VPS for more experienced users, who want to administrate their own server. If you would like we can offer you managed VPS with the Premium Support Package which includes 10 hours of "hands on" administration from our staff.

In addition to the above, I am able to extend a special offer to include free Secondary DNS, or Primary DNS (with your VPS as a hidden primary) on any Copper VPS until Monday, November, 30th 2009. Our DNS service allows you to create unlimited sub-domains. Our DNS network has name servers geographically distributed and ready to handle all your domains without problems. For customers who wish to use only our DNS, we will be introducing a DNS service in the near future which is based on our DNS network.

Our Copper VPS is a great service for organizations and individuals: web hosting, development, and even casual IRC usage. The competitive prices and these offers we for our Cyber Monday sale will not last. Our Copper VPS with the ISPManager Lite control panel which is also being thrown in for free is a $588/yr. value for only $200/yr.

With the free DNS and free ISPManager any customer who purchases Copper VPS will be receiving a $888/yr. value for only $200/yr; this DNS service included for free will work for up to 100 domains. An additional 100 domains is $300/yr.

Offer ends with Sale on 11/30/09 11:59 EST.
Order Now on our page before the sale is over!

Friday, November 27, 2009

Black Friday through Cyber Monday Bonanza

Our Black Friday through Cyber Monday Bonanza includes former, current, and new customers and can be applied on any new order through Monday, November, 30th 2009; details are as follows: Okay our Black Friday through Cyber Monday sale is as follows:

Micro Shell Hosting
1 Back Ground Process
25 MB Storage
Crontab, GCC, JDK
IRC Allowed
Bots/BNCs Allowed
SSH Access
SALE: 12/yr.
50% Off!

Advanced Shell Hosting
8 Back Ground Process
300 MB Storage
Crontab, GCC, JDK
IRC Allowed
Bots/BNCs Allowed
SSH Access
SSH Tunneling
SALE: $96/yr.
Save $24/yr.

Premier Web Hosting
5 GB Storage
50 GB Bandwidth
100 FTP Accounts
500 EMail Addresses
100 MySQL Databases
50 Domains
SALE: $168/yr.
50% Off!

Copper VPS Hosting
10 GB Storage
100 GB Bandwidth
1 IP Address
Root Access
SSH Access
SALE: $200/yr.
Save $28/yr.

Add On to Copper VPS for Web Hosting only:
ISPManager Lite
Save $360/yr. (discount applies to non-IRC customers only).

One item per customer.
All features are not listed.
Sale ends 11/30/09 11:59 EST.

Order Now on our page before the sale is over!

Monday, November 23, 2009

Happy Thanksgiving!

For those of you who celebrate it, we're wishing you a Happy Thanksgiving! You are probably already getting excited for some turkey, stuffing, gravy, cranberry sauce, and the rest of the holiday feast this Thursday - don't forget to save room for dessert! We're very grateful for you all and we hope you'll get to spend a wonderful time visiting with friends and family, sharing your gratitude, and eating lots of great food.

We know that immediately after Thanksgiving, the holidays are only a short while ahead and everyone is ready to start their holiday shopping. Our 4 year anniversary just went by, and we wanted to give you something special this year to look forward to... we're going to kick off the holiday season here at NullShells Networks with a 4 day sale. I'm not able to divulge all the details of the sale yet, but I can tell you that the sale is going to start on Black Friday and end the night of Cyber Monday.

If you don't know already, Black Friday is the day after Thanksgiving. Many retailers across the U.S.A. open their doors at 5AM with long lines of patrons waiting to partake in their special one-time a year sale prices. You can really get amazing prices on some quality products. Cyber Monday is the Monday after Black Friday; it's the online equivalent of Black Friday when many online retailers begin their special one-time holiday sales where you can often find the lowest prices throughout the year.

Check back on Black Friday, and tell your friends to also; we will be posting our special sale prices early on that day.

Tuesday, November 17, 2009

SSL Encryption is in at Nullshells Networks - Part 3

SSL Encryption is totally in at Nullshells Networks!

It's been almost a year since our first post about SSL Encryption here at NullShells and it's amazing how much changes in a year. Now we've decided on an SSL certificate authority for the main site... even though we do have some reservations. I still believe that browsers generally distort the user experience by labeling self-signed certificates as untrusted, and trusting corporate certificates from authorities. I think that this is all steeped in greed and the desire to manipulate people into paying for something that they can create themselves for free. Anyone can setup their own CA, when they don't want to make a self-signed certificate, they can do it the same way the trusted CAs do, and it still won't recognize your certificate as trusted in a browser.

The authority we decided on was AlphaSSL; we purchased an SSL certificate through Dynadot for only $12, that's $53 off the price through AlphaSSL directly. All in all this is a pretty reasonable price to allow our customers to avoid the annoyance of having to trust a self-signed certificate. In my opinion, this is a fair price considering the costs that are involved with creating a certificate authority and distributing certificates through the web. Overall this is a good value for both us and you. In addition to that, we found that the AlphaSSL certificates support many mobile devices that aren't supported through other websites!

If you've got your own website, you have web hosting with us, and you want SSL then we recommend you get one of these $12 certificates on your website too. Otherwise, you are still welcome to use our systems to generate a free self-signed certificate for your website. However, please note that in order to take advantage of your certificate on our hosting servers, you do need to purchase an IP for $2/mo. for your domain name. Once you purchase an IP you can use your self-signed or purchased SSL certificate on your website. You only need to contact us to have us add it to our our apache configuration file, or we request access to this file yourself.

Alternately, you also can use our shared certificate (self-signed) simply by enabling SSL through the checkbox in our control panel. Once you enable this you will have the shared SSL certificate we offer on the main IP for all of our websites on that server. As an example, below you can see what an SSL dialog looks like in the control panel for our main website at

AlphaSSL SSL certificate should be supported as trusted by pretty much all browsers. If you have problems then we definitely want to know! So in the rare case that this happens, write us a detailed report of the problem (please include a screenshot) and mail it to [email protected].

Tuesday, October 13, 2009

Our Unbeatable 4 Year Anniversary Sale

Nullshells Networks has an Anniversary coming up!

Time flies so fast, as I'm writing this we've been providing shell accounts to users around the world for nearly 4 years. I'm excited to celebrate our our upcoming anniversary and to blog about our special sale. Our Unbeatable 4 Year Anniversary Sale includes former, current, and new customers and can be applied on any new order through Sunday, October, 18th 2009; details are as follows:

Micro Shell Hosting
1 Back Ground Process
25 MB Storage
Crontab, GCC, JDK
IRC Allowed
Bots/BNCs Allowed
SSH Access
PRICE: $2/mo. SALE: $1/mo.

Starter Web Hosting
100 MB Storage
1 GB Bandwidth
1 FTP Accounts
5 EMail Addresses
3 MySQL Databases
1 Domain Zone
PRICE: $3/mo. SALE: $1.50/mo.

One item per customer.
All features are not listed.
Sale ends 10/18/09 11:59 EDT.

See services page for additional details.

With this sale you must pay for a year at once. Please email [email protected] with any questions you may have about our sale, or other services. If you're reading this and the sale is already over, don't worry. Anytime you pay for a half a year, or a year in advance then we may be able to set your package(s) up with a special discounted price. When you pay in advance, we're happy to pass on the money we save from PayPal fees over to you. We challenge you to find any established competitors that are offering a sale or discounts like these!

Thursday, August 20, 2009

Short URL Redirection - Part 2

Shortened URL's are getting increasingly popular everyday. Some services such as actually offer traffic statistics on how many people click each URL, and from what location they're located. It's really great to see that there are multiple URL shortening service choices for users around the world.

In the past, we did use for all of our URL shortening needs, but for the time being we've decided to choose another service with more features. At first, I was a little wary about, because I didn't know much about it. However, now I'm feeling a bit better about it because it is the shortest URL for a URL shortening service out there.

Unfortunately, these services are difficult to monetize and these can be expensive to run.... especially a service as big as which doesn't have the support that has gotten from twitter. A week ago The Nambu Network Inc. announced that they were shutting down completely. Luckily, was been brought back to life by almost immediately after it's announcement of being shut down. There was so much popular demand that Eric Woodard from The Nambu Network Inc. has agreed to handle the shortfall in’s operating expenses, in the blog indefinitely. He's also agreed to make it community owned and operated from donations, and release the code as open source. In my opinion, this is absolutely brilliant! I'm really glad is sticking around and that it is going open source.

Well, I don't particularly care for the fact that at the present time twitter has integrated into their services. I liked it the way it was before they integrated everything together. The service also doesn't always shorten URLs so I'll be posting something on our twitter, from nullshells, and then it won't shorten it. Really frustrating... so I think I'll just use to setup the URLs I want to shorten.

Going forward, as stated in their blog, " will add the capability for anyone to use their own domain name on’s platform, also free of charge, on a donation basis." I'm waiting for this capability, this is something I'm eagerly anticipating.

Tuesday, August 4, 2009

SSL Encryption is in at Nullshells Networks - Part 2

We offer 256-bit SSL Encryption when accessing our page. You'll find that this is the same level of encryption offered in the banking industry and the highest standard supported by browsers today.

We've also recently decided to try one of the 90 day free Comodo SSL certificates. Our users have been asking for a certificate to get rid of those annoying browser nags that come with an "untrusted" certificate, and since it is free for 90 days we figured we'd try it out. We're hoping this will boost sales and customer satisfaction enough to warrant to purchasing one of these exorbitantly priced certificates (they run around $100). However, if we don't see any significant benefits, we're going to ask you please deal with the nags when move back to self-signed certificates in the future. I'm sure you all would rather have service upgrades than a fancy certificate with someone else's name on it than ours. We'd hope you have enough faith in NullShells Networks to properly create our own certificates.

Unfortunately, some people don't realize that "trusted" only means that someone gave some cash to one of the organizations that have made shady deals with the browser companies. If you do your research you'll find these certificates are not any more secure at all. These "trusted" certificates are about making money, and there are obvious drawbacks to really trusting a "trusted" certificate. Many people trust sites simply because the certificates are "trusted", when they actually don't pay attention to the address bar and see that the site address is actually different from the one they intended to visit, e.g.; this is called phishing - don't enter your information on these sites. In addition to phishing, having "untrusted" warnings on legitimate websites discourages people from visiting a secure site and even people from using SSL encryption altogether.

I believe browsers need to recognize self-signed certificates the same as other certificates; without fear mongering people into purchasing certificates from some major corporation. I've never seen an illegitimate business that uses a self-signed certificate, and it's not fair to punish legitimate companies that are offering encryption because they don't want to shell out the cash to some "trusted" certificate authority (CA).

If you have web hosting, and want your own SSL Certificate with NullShells Networks, we don't charge you at all. Our control panel automatically will generate you a self-signed certificate that offers 256-Bit SSL encryption when you check the box to enable SSL on your website. If you want to generate your own self-signed certificate you can find directions for this here.

Thursday, July 9, 2009

New Billing System

I know that there have been some billing system problems with automatic payment detection. This was a feature we wanted in our systems and this is why we migrated to this new billing system at the beginning of this year.

We've now done some tweaks and are able to fix automatic payment detection for accounts that were transfered to the new billing system back in January 2009.

We still check all payments manually as well; however, it can take some time to complete this process.

If you're having any problems at all please send us an email to [email protected] or open a support ticket.

Page Revamped!

Our main page has been merged into the new billing & ordering system at We hope you understand that the changes to our web page will make ordering service and making payments easier for you.

List of Changes:

1. Support area added with a direct link to Open a Ticket.

2. Search Box changed to Search Link in Support section on the left hand side navigation area.

3. Client area added with Client Info, Order Info, Invoice Info accessible on the left hand side navigation area.

4. Alternate Contact Us page with direct emails.

5. Added an About Us page with some quick facts about the company.

6. News is accessible now through the left hand side navigation area.

We've recently got in touch with Brad the guy who did some design on and he's volunteered to help us a bit with design. So hopefully we will see additional improvements soon!

Thursday, April 23, 2009

Short URL Redirection

These days pretty much everyone uses short URL redirection services like Lately I've been playing around with, which has neat place called "My Lenks" where you can store your shortened URLs for future use. If you email back and forth with me for your account, you might see I've shortened your URL with one of these services. I usually use different short url redirection services, but I think I'm about to switch over and use solely.

I like the page design at as well; Brad Purchase, you are welcome to help redesign our page anytime.

Wednesday, February 11, 2009

Launch Minefield now

My Mozilla Firefox kicked the bucket on my P4 2GHZ workstation. I've gone ahead and installed the latest experimental Minefield browser from Mozilla. Minefield is essentially the next version of Firefox, however many problems are fixed from the previous version. Unfortunately all add ons won't work unless you use the nightly tester tools. It's not THAT new though, other bloggers {, have been using it, they have blogged about how great Minefield works quite some time in the past.

If you're still using Firefox, I highly recommend upgrading. I've been testing it personally for a while, it's stable and 10% faster than Google Chrome. The restore session dialog, which I love using, is much improved from previous versions of Firefox. I use Minefield to surf NullShells Networks as well.

Tuesday, January 13, 2009

SSL Encryption is in at Nullshells Networks

I thought I might title this "SSL Encryption is totally in at Nullshells Networks," but then I found myself heralding the 80's colloquialisms such as "totally radical man" and "totally awesome dude" back too soon. Still, that's not to say I've simply decided to hold onto a belief that humanity might just be okay with these left in the past. I figure these can make it back on their own time without my help.

In the meanwhile, take comfort while you're reading that I won't cry when you leave our blogger page to surf the rest of our web pages securely over HTTPS, which is HTTP over SSL. 128-bit SSL is the minimum standard for HTTP based secure communications. This technology is used for transmissions which might include personal information, such as online shopping. We use 256-Bit SSL here at NullShells Networks, and we recommend you always use the encrypted version of our web page by visiting

Okay, you clicked the link, and it says "This Site is Untrusted", or something to that effect. It's because we use what's called a self-signed certificate. This secure certificate we use is an SSL certificate that is signed by it's own creator. That is to say the person that created the certificate has also signed off on its legitimacy. You can be sure this certificate is safe as long as you trust NullShells Networks.

We don't use certificates signed by widely trusted third parties, I see this as an obvious scam. Most, if not all of these sketchy third parties charge exorbitant fees for being able to generate or sign your shared certificates and personal certificates. When you want an SSL ceritifcate with a higher level of encryption than their entry level certificates, these organizations charge you. In addition to that, often times these companies sell shared certificates which are used by frighteningly vast numbers of other individuals.

However, there still are advantages to purchasing a certificate from a trusted third party, especially for those individuals who desire the backing of a trusted organization in order to boost sales. In these cases, we recommend using our servers to begin the process of creating your SSL certificate, by creating a CSR and then sending it off to the certificate authority of your choice.

Our servers are compatible with both self-signed, shared, and other SSL certificates which are available for integration with your websites. We're more than happy to help any of our customers with the process of getting their page setup with the SSL certificate of their choosing.