he
> "?-s" off) and not anything that would scream "VULNERABLE!!!" at me.
>
You sure about Ubuntu not putting an update out?
https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.15 suggests otherwise.
Announce went out some days back, and the new packages were already available.
https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-May/001678.html
Al.
From murray.crane@??? Wed May 09 15:52:22 2012
Date: Wed, 9 May 2012 16:52:15 +0100
From: Murray Crane <murray.crane@???>
To: Alan Pope <alan@???>
Cc: users@???
Subject: Re: [bitfolk] PHP-CGI exploit probes seen - please make sure your
VPS is secured against this
All my Ubuntu boxes (that I can currently access, that is) have back-port
fixes, so all good. Thanks for the heads up Al.
Kind regards
Murray Crane
On 9 May 2012 16:35, Alan Pope <alan@???> wrote:
> On 9 May 2012 07:56, Murray Crane <murray.crane@???> wrote:
> > I'm running latest WP on Ubuntu LTS (10.04) using PHP5-CGI and lighttpd. I
> > know full well that my PHP5 will be vulnerable (v5.3.2, damn you Ubuntu;
> > CATCH UP FOR F**KS SAKE!!!), but I don't know how to go about securing it in
> > lighty (