Security

Disabling DCOM Support in RPC Over HTTP in Windows Server 2003

I know this is an older exploit, but, my servers are still getting scanned for the vulnerability. It’s always better safe than sorry when dealing with anything that opens your Windows server up to an attack and possible compromise.

Read on to determine if RPC over HTTP is installed and if it is how to secure your server against any attack that exploits this vulnerability.

Read More

The Basics Of Network Security

I was going to write up an article about network security. Right before I was ready to start the writeup I found this article so rather than re-inventing the wheel I decided to go with it.

A network is two or more computers linked together in order to share data. From a security standpoint, the problem with networks is that unauthorized individuals might also be able to access that data. Network security is a term that encompasses your overall system for keeping your network as impenetrable as possible, be it hardware, software, or company policies.

Read More

MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities

Found this at SecurityFocus. MySQL is vulnerable to a couple new exploits.

MySQL is prone to multiple vulnerabilities, including privilege-escalation and denial-of-service issues.

Exploiting the privilege-escalation vulnerability may allow attackers to perform certain actions with elevated privileges. Successful exploits of the denial-of-service issue will cause the database server to crash, denying service to legitimate users.

These issues affect versions prior to MySQL 5.0.52, MySQL 5.1.23, and MySQL 6.0.4.

To exploit these issues, attackers can use standard database client software in conjunction with standard operating system utilities.

Solution:
The vendor released updates to address these issues. Please see the references for more information.
Note that MySQL 6.0.4 and 5.1.23 have not been released yet.

Hard to Detect Exploit in the Wild

I posted this on a couple forums I frequent and thought I would also post it here. While I run Windows servers I keep up with all web server security. As an admin I couldn’t afford not too.

I am sure most of you by now know there is a LKM (Loadable Kernel Module) exploit that is nasty and hard as heck to clean.

Read this thread at Webhosting Talk. Make sure you read it through as there is a users there that has investigated several boxes.

The original story first broke a week or so ago at TheRegister and then again a couple days ago at TheChannelRegister.

Read More