BitFolk Users March 2013

users@mailman.bitfolk.com

31 participants
21 discussions

File and folder permissions for static web pages

by Samuel Bächler

Dear All I installed nginx and configured it to use /var/www/default-page as its root folder for static web pages. ls -l /var/www returns drwxrw----. 2 nginx nginx 4096 Mar 9 11:00 default-page I do connect to the HOST where nginx is installed using ssh with public key encryption: ssh my_user@HOST my_user is just a plain vanilla user. I added my_user to group nginx. I used my_user to create web content such as a index.html file. ls -l /var/www/default-page returns -rw-r--r--. my_user my_user 827 Mar 5 21:30 index.html Does anyone see any security problems with this setup? When I remove execute permission for nginx of default-page (drwxrw---- -> drw-rw----) I get an error message (403 Forbidden) when I want to see index.html using a browser. I do not understand what nginx has to execute in default-page folder. Can anyone explain why nginx uses this execute permission? Regards Sam -- Samuel Bächler Obere Bläsistrasse 1 8049 Zürich Web: boeser.ch Tel: +41(0)43 817 46 28 Mob: +41(0)79 478 49 42

12 years

Can't get apache to sendmail

by rpassman - Shamac

Hi Please excuse a newbie style question, but I'm pulling my hair out trying to get sendmail to allow apache to send an email.I'm now beginning to wonder if it is somemystic magic that I need know. Getting the Mar 9 18:05:35 bf01 sendmail[9756]: NOQUEUE: SYSERR(apache): can not chdir(/var/spool/clientmqueue/): Permission denied Message. I have spent most of the afternoon checking permissions, checking selinux settings, and virtually every thing inbetween. Anyone got any ideas Thanks Richard

12 years

a.authns.bitfolk.com renamed to a.authns.bitfolk.co.uk

by Andy Smith

Hi, If you don't have any domain names for which BitFolk serves secondary DNS for then you can ignore the rest of this email. This is mainly of interest for users of our secondary DNS service: https://tools.bitfolk.com/wiki/Secondary_DNS_service I've decided to rename a.authns.bitfolk.com to a.authns.bitfolk.co.uk in order to have authoritative server names in two different TLDs. This is so that your domains will still be served in the event of some calamity such as one of those two TLDs breaking, or one of those domains unexpectedly expiring. Therefore when you find time you should adjust your registrar details and zone files to list a.authns.bitfolk.co.uk instead of a.authns.bitfolk.com. There is no rush; a.authns.bitfolk.com remains in existence, will always have the same IP address as a.authns.bitfolk.co.uk, and there is no intention to move away from bitfolk.com in the future, so you can put this off for as long as you like. b.authns.bitfolk.com and c.authns.bitfolk.com remain unchanged. Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ announce mailing list announce(a)lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/announce

12 years

"Boot loader didn't return any data!" starting Xen VM

by John Winters

Before I start, I should say that this problem doesn't actually relate to my Bitfolk VM, but I hope it's OK to mention it here. It does relate to Xen and I suspect there are a lot of people here who use Xen. I have a non-serious Xen host at school, used to let pupils do recreational programming. One Xen host (running on a Mac mini) with one guest. Both host and guest run Debian Squeeze, and the configuration has been stable for a long time. This morning I applied the latest security updates and re-booted them as follows: * Upgrade guest * Shut down guest * Upgrade host * Re-boot host The re-boot was because the updates included a new kernel. I expected the guest to come back up as normal but it didn't. Trying to start it manually I got: hydra:/etc/xen# xm create pragma.cfg Using config file "./pragma.cfg". Error: Boot loader didn't return any data! hydra:/etc/xen# Doing a web search for this error message produces lots of hits, but very little information. xend.log contains lots of debug information from xend, but as far as I can see none from Pygrub. xend invokes pygrub, pygrub doesn't do its thing, xend then halts the process. Both systems are backed up nightly so I have very recent backups. I can mount the guest's root file system on the host and examining it nothing significant seems to have changed, and certainly all the obvious files which were there before are still there and still in the same place (although some are updated versions). It's unfortunate that I did both upgrades at the same time, because I now don't know which one is causing the problem. Can anyone give me any suggestions about how I could get Pygrub to give me more information on what it is unhappy with? TIA, John

12 years

Re: [bitfolk] Security incident: Wordpress install compromised and turned into redirect to porn site

by Adam Spiers

On Tue, Mar 5, 2013 at 8:25 PM, Andy Smith <andy(a)bitfolk.com> wrote: > On Tue, Mar 05, 2013 at 07:23:46PM +0000, Andy Smith wrote: >> RewriteRule ^(.*) http:// crzyluxtds in/go.php?sid=1 [L,R=302] > > Quite a few people rejected this email, probably because of the > above URL (now obfuscated as I should have done before). If you did, > you can find the original in the archives: > > http://lists.bitfolk.com/lurker/message/20130305.192346.4455264a.en.html Do we know which version of WordPress was compromised? And that it was definitely WordPress not another service?

12 years

IPv6 reverse DNS

by Alexander Mann

Hi all, I'm a bit confused by this, I suspect, because I'm more used to setting this up with IPv4 through nice, easy to use control panels! I want to give my VPS's IPv6 address a reverse DNS entry. - DNS for my domain is provided by 123-reg. - I can see in the Bitfolk panel that I can delegate RDNS to various name servers. - 123-reg don't offer the option of PTR records in their control panel - I can see how to make zone files here http://rdns6.com/zone Am I stuck if 123-reg won't let me create PTR records? Can I use the bitfolk panel to delegate to a completely different name server? Would there be a problem using my VPS as the name server? There's probably a fairly fundamental gap in my understanding so any pointers would be appreciated. Thanks Alex

12 years

Security incident: Wordpress install compromised and turned into redirect to porn site

by Andy Smith

Hi, Yesterday we received numerous abuse reports regarding a web site hosted at BitFolk being mentioned in an email spam run. The spam email looked like this: http://pastie.org/private/vjxjhjkpfxqby0fkrv87oq (http://[elided]/wp-content/themes/mantra/uploads/wps.php?v20120226 being the link that was hosted at BitFolk) The link, when visited from a conventional browser, was a harmless redirect to microsoft.com, however when visited from a mobile browser redirected to a porn site. The customer was contacted and their port 80 immediately firewalled off. Later the customer advised that they were unwilling to spend the time to discover exactly how Wordpress had been compromised, preferring instead to completely remove it. The following .htaccess file was found in several places throughout the wp-content directory: RewriteEngine On RewriteCond %{HTTP:X-WAP-PROFILE} !^$ [OR] RewriteCond %{HTTP_USER_AGENT} ^.*(Alcatel|Asus|Android|BlackBerry|Ericsson|Fly|Huawei|i-mate|iPAQ|iPhone|iPod|LG-|LGE-|MDS_|MOT-|Nokia|Palm|Panasonic|Pantech|Philips|Sagem|Samsung|Sharp|SIE-|Symbian|Vodafone|Voxtel|WebOS|Windows\s+CE|ZTE-|Zune).*$ [NC,OR] RewriteCond %{HTTP_ACCEPT} application/vnd.wap.xhtml\+xml [NC,OR] RewriteCond %{HTTP_ACCEPT} text/vnd.wap.wml [NC] RewriteRule ^(.*) http://crzyluxtds.in/go.php?sid=1 [L,R=302] The customer says that no plugins were installed, so it must have been a base Wordpress install that was compromised (may have been out of date or installed incorrectly). Cheers, Andy About this email: https://tools.bitfolk.com/wiki/Security_incident_postings -- http://bitfolk.com/ -- No-nonsense VPS hosting

12 years

Re: [bitfolk] mandiant APT1 md5 virus signature list (part 1 of 2)

by Max B

FYI, an appendix of the Mandiant report (see recent traffic on this list) contains a list of md5sum virus signatures from an organisation which Mandiant deems to be an 'Advanced Persistent Threat'. See <http://intelreport.mandiant.com/>, search theregister.co.uk on 'mandiant', and read Zbigniew Brzezinski at ft.com [1] for more news on the evolution of this scandal. Thanks to Kevin Mandia, with whom I have absolutely no connection, for the warning. The md5sum list is ostensibly for suspicious virus payload *attachments*. A quick checker algorithm to determine whether you are targetted by APT1 could be as follows: 0. copy the attachment to a spam directory on local filesystem (name it 'mandiantlist.txt' or some such 1. save spam to email client 'spam folder' 2. on local filesystem: % md5sum therecentlysavedvirusattachment.zip 3. google search the string obtained from the md5sum process 4. % md5sum therecentlysavedvirusattachment.zip | awk '{print $1}' && cat mandiantlist.txt | uniq -d I seem to have been targetted by APT1. I have retained all email traces and headers. I am concerned, angry and displeased. I wish to be governed by an organisation who can address capably and extirpate promptly this kind of threat. Does such a government exist in the English-speaking or European world, for example on one of the Channel Islands? Cheers [1] http://www.ft.com/cms/s/0/170b2a62-7c5a-11e2-99f0-00144feabdc0.html 001dd76872d80801692ff942308c64e6 002325a0a67fded0381b5648d7fe9b8e 00dbb9e1c09dbdafb360f3163ba5a3de 00f24328b282b28bc39960d55603e380 0115338e11f85d7a2226933712acaae8 0141955eb5b90ce25b506757ce151275 0149b7bd7218aab4e257d28469fddb0d 016da6ee744b16656a2ba3107c7a4a29 01e0dc079d4e33d8edd050c4900818da 024fd07dbdacc7da227bede3449c2b6a 0285bd1fbdd70fd5165260a490564ac8 02a2d148faba3b6310e7ba81eb62739d 02c65973b6018f5d473d701b3e7508b2 034374db2d35cf9da6558f54cec8a455 03ae71eba61af2d497e226da3954f3af 0469a42d71b4a55118b9579c8c772bb6 0496e3b17cf40c45f495188a368c203a 04a7b7dab5ff8ba1486df9dbe68c748c 04e83832146034f9797d2e8145413daa 04f481d6710ac5d68d0eacac2600a041 0501bb10d646b29cab7d17a8407010d9 0522e955aaee70b102e843f14c13a92c 052ec04866e4a67f31845d656531830d 0545a524a6bb0b042f4b00da53fec948 05552a77620933dd80f1e176736 f8fe7 0583f58ac3d804d28cd433d369b096b8 0588ffa0a2 44a2c4431c5c4faac60b1f 05bc8309b93676087d5fb0b58ad5e9d8 05cc052686fbdf25fb610c1fe120195f 06598b0490133815541c5ac023623e82 065e63afdfa539727f63af7530b22d2f 078f1e2c528f2318b073e871f73efc21 079028d315d039da0ffec2728b2c9ef6 07ae235391f7b290ea3a35067239a290 07c4032f24ae44614676fbdfe539afe0 07fe9f901fb4f14e16fb5d114a92b0fc 08084604344b5ed11c2612795b2d3608 0829207a8400e2814990f79fbdfe7f4d 082cc969b3eb6786e3e951b450b8de0d 089c9e5407ddb464dfeca2e528536395 08d7679a9c806a2f7d2be26fe9b425ee 08e0d0f5cdfe1bc2e5fc1b992fe1e073 08f21a020f41f0bcacdc9427f84987da 0908d8b3e459551039bade50930e4c1b 09531f851ef74a7238685fd287a395bd 097b5abb53a3d84fa9eabda02fef9e91 09d372e4259980ac95fdadf1846578d9 0b506c6dde8d07f9eeb82fd01a6f97d4 0b680e7bd5c0501d5dd73164122a7faf 0c28ad34f90950bc784339ec9f50d288 0c5858f293aed44ea00eb9e0019609df 0c5e9f564115bfcbee66377a829de55f 0ca6e2ad69826c8e3287fc8576112814 0cad4 2671e5771574df44a23b3634f32 0ccfaeb11defb100b5ddb40057e8fce4 0cf8259502d178a099ab2852e2bddbe1 0cf9e999c574ec89595263446978dc9f 0d0240672a314a7547d328f824642da8 0d678350f05b274844da5d79fee75324 0dd3677594632ce270bcf8af94819caf 0df42947e167cd006b176d305c08d57e 0e84132e5ad04351b644b8d8743fc4d3 0ec0fcd649f3d5aa2e19f110c0089164 0f23d5b93c30681655d8a4258b8de129 0fbdc6e3f79063a4773d4872fa1f15d1 0fed203f3df6a82c9124f24aa3d9d75d 0ff20d023d6b54661d66fb3ce09afe3c 0ff48a336655869a74611236e6e2d249 106338ad223b84fbc2528a55e3e22302 1097ca5269dea866d5c9f2b0cc50af6d 10a38dd9598cc31efe664cfaa8f37bf1 10a68e08c514d3b69296b0eb557d822c 10bb5a8ae053e335fe047cf38db95452 11504971bb85cdacb8ef7d45e6e2aeb7 11ccf3f93b00b01887e50283742cd1e6 11d350127ff1e9ecd665c34326475584 11dbecc954bf8a89d59407a992889cfd 11de4b1ab84bcb8dd28ef0ea4641f6d0 120c2e085992ff59a21ba401ec29fec9 1224527e295380dce1ac9953c850ce97 123505024f9e5ff74cb6aa67d7fcc392 125ebbc6f0c957ee994fcef1431a93f4 129c6cd9d2aa895cf6fa137fa1d3a188 12a410d82a1fc9a8c18b350872e0d465 12f25ce81596aeb19e75cc7ef08f3a38 1328eaceb140a3863951d18661b097af 13835f0d5aafbeda50560afc92c8b7b7 13f0b56c28995e4efc8da784ad862853 1415eb8519d13328091cc5c76a624e3d 1486f48948db4f9afaebd69c7c52f899 150c4c1f589c4baa794160276a3d4aba 150c95865766c2dd0562e7bedb6db104 15137b710414e4e8508ac5ab27e2cbaa 15244d2321faa3a271ff0b1e5a23148f 15901ddbccc5e9e0579fc5b42f754fe8 15d1330be5e27f6f51d011b0575ffa05 165ef79e7caa806f13f82cc2bbf3dedd 16e53c619803d0068611bb6d448d1d49 17199ddac616938f383a0339f416c890 173cd315008897e56fa812f2b2843f83 177e0270f25a901c216ffb2e7a36e5b1 17f5a2e0997b59449ca2120b20b5b7ce 17f6602f1c507b006b9d09eedcde0096 1809c3cc93332d7bc0799238519a2938 18316e6ebb356a66c8ff51e73c1bcc8a 18e5ef23b634344321b2b3f5fa80a598 19fc27aeb48b3ce8d00eb2e76dfe283 7 1a0c7e61bcc50d57b7bcf9d9af691de5 1ae2dadd85cd97452bb26b2c901d0890 1aea4d24f3bd2c51288ad643fc66e0d2 1b36190794516da078decaff881d9864 1b7eed9d2438b494197e95fe57114f9b 1ba6fee7d4e73752b39a09b1396b69f0 1baa7f5813e259c6346d1b02a1370d75 1c16bd1488163c03cd506c2f71486a0f 1c7538951b21d93ef7ecf3fa94ae5c5e 1ca3ca9ec20474d07fc798f2b41e2625 1ce4605e771a04e375e0d1083f183e8e 1e314c972075b8058099fd8759c11ce8 1e48f6ba839d2c4794e23c10e5c4c138 1e5ec6c06e4f6bb958dcbb9fc636009d 1ea61a0945bde3c6f41e12bc01928d37 1ede2c69d50e0efbe23f758d902216e0 1f2eb7b090018d975e6d9b40868c94ca 1f92ff8711716ca795fbd81c477e45f5 1f9b32bac55ba4c015181ebf55767752 1fad25d4fef631f8ec3115e0944e4621 1fb4ce2e56ced51ddf1edff8ed15c21b 1fff3f96f53c5bbdd39eb2351f12549d 201fb83679a1fe05007fc6b8d6d96680 2080f463388aebe6deb7edf11c01f7ff 20e2c8c7a98ddd4c16f6e878194c1e78 212c724346400853d05a4440cabd716c 2156942db0293565c9420c1e25 4a2c32 215df0c319b98dad4f202849b097f8b2 2198fea94bb79b001fcfd3e03b269001 2244c60f4c1dc285c259f3ac5bf88ff8 225e33508861984dd2a774760bfdfc52 2272791cadf422ce02a117a3a857f84e 22aa55134d621672e93c6de928c8b122 22d9466d6aab8410bea006b5d3df8bd0 23059de2797774bbdd9b21f979aaec51 23e371b816bab10cd9cfc4a46154022c 24259ae8b0018b0ce9992fb1d9b69e2a 2479a9a50308cb72fcd5e4e18ef06468 24c4ed0a6cc4e9671b72c104977fa215 24f1b8266f4faf550999581bf0edac83 24fefb8b9338e2300308260be19bbaab 251c817f4144264c3e7a9dac03071daf 255cd53f9bdb6f3755e621885cb34382 257258344edad17f689b1c6d14833cbc 25f240aed433c4ea52ccdb898e43756f 2640cb47de607a8276c26e8a27f1150b 268988aa1df82ab073f527b5b6c8bff7 268eef019bf65b2987e945afaf29643f 270d42f292105951ee81e4085ea45054 2762fb36161086f7ef3f33232aa790dc 277964807a66aeeb6bd81dbfcaa3e4e6 277f95bff2e0fe317f86b5010bd83a18 286f48dda20e2ccc3250a6e09a130db1 28dbd86bd86eb9153ecb2 0d883c41ae0 28e64dfeab48030bc532ae4ace2c9e4c 2976a62c2a829a153a9b0b5f433bdc77 29c691978af80dc23c4df96b5f6076bb 2a214ce037f5f6bb01ddc453f0265d92 2a4604fcae876dee445de5ad74fd7835 2a84b88c4a2ce0fb6227f7990f465737 2acfc925e66e1b820a67c4d0f3e6ae8c 2af105519133baaee57c9ade00543de2 2b379d5346ffd386c28038630a9b0292 2b659d71ae168e774faaf38db30f4a84 2b732257d8d9f09560fdcb7d84d430ca 2ba0d0083976a5c1e3315413cdcffcd2 2bd02b41817d227058522cca40acd390 2bdc196cdac4478ae325c94bab433732 2c49f47c98203b110799ab622265f4ef 2c78d8bb5912d8174042f81197d9b449 2c9c691e15a48b20dbead0a6d6bf0300 2ca8ba14ff07ef8616372c53ee84d20e 2cdbeebcf4e0b6dbd24b8c7b4cd6d862 2d08595e73de31a36c1187fcaac73bf0 2d57aa4e7f2f4088f1b96313b24c7602 2daa4a4574ba06aa3203ae0e0b45b3b8 2dd892986b2249b5214639ecc8ac0223 2e8484f59899046452392c236460ebb6 2ef062fa86537db34f5907a9775664a1 2f5979eaa728550a352c1ffee0b31236 2f930d92dc5ebc9d 53ad2a2b451ebf65 2fae9efa753d3d821e1efdbc1335b966 2fccaa39533de02490b1c6395878dd79 30a7aa13b1f8d272cb36576952e8b6c0 30b3b17eab05ecffaa055b5091aa66f9 30e78d186b27d2023a2a7319bb679c3f 3107de21e480ab1f2d67725f419b28d0 3120fc8630c5252002f26f6e11b09eca 3122fbb558e1a5f32c90eba31f674add 31b1d316b46c967c80fe7398a9e4cf41 31e5e58dbdfad05175613e795298ebb5 321d75c9990408db812e5a248a74f8c8 328c3ebb2fd2e170483e8d51ccc6c505 32c32e936cffa8ab370c7f3f2dd43d65 335df3ffb8cee61c20ab91a401204df4 3364813bcbd111fc5ec1e4265c533506 338782d2df367156a2c7e12e9526c600 33d974011c4b047bf9874a71ba261a11 33de5067a433a6ec5c328067dc18ec37 33e9ccd45ef133b2c100d5a4f50635d5 341f5e7215826d07ada1ed2b96264c0d 342939e5fe4770c545659a6bf1e50df4 3441cbdf8de9472c19b021b241429b22 349f6cfb77bb360063c477e9b6ca24d6 34ca3fbcaac48498aeff6035b172bf69 34cebbb4d35a66a7a7fb1ce857c195c9 35008d12dfa47447112495f430e4aefe 351afebaf03 ef12e6ad1b412612d0c53 35b9f05cf70017cc485af87660109dc8 35f32431a069398d25efda2dafa32d93 36a7c3a6460c98e161e1005c925da0b2 36c0d3f109aede4d76b05431f8a64f9e 36cd49ad631e99125a3bb2786e405cea 36d5c8fc4b14559f73b6136d85b94198 370c50aea66cc338b37801e1bd1c244f 37cf3f25895c27ca5e647bbfdc1d5b2d 37ddd3d72ead03c7518f5d47650c8572 37df1896ba54e85ef549ccc1a88d34ab 37e7dc80c1eb618b3cd1b442858afa60 37eee514b04167f8e17e2caa3bfd3049 389f43a8af199da8da6b7c75b2c69595 390d1f2a620912104f53c034c8aef14b 39e28f48c138dc156d1436fd02222e45 3a3e4bca1197e4abab03340ea97d718d 3a45d4bfd1f919f167ce4a5e5ba00e15 3a4cda1973cacd78740ff30774d6375e 3abe9c84fc13d0a82c1c3e0dced5825d 3b0829e2e966dae17d4c235893a3ae8a 3b1b190407b868406c5c155a79f3d146 3b320b90e024bfa48bda72aa7a82322c 3c1b2fabb7d74bc5be0820eae4107f8a 3c4066b252722c873348d43b4c3ec0e5 3cda17269c246a2e3bfcda6fa02fceb8 3d0c1dc5ac55f6d0e6b7fabfeb5158f5 3d3283 95d0cefc67e2909774125196b1 3d573866620eae070a220be89e113f69 3d61d23c2be95177937aa50769c0c512 3d6fe3928f2f5ce41622f3f958b894a0 3de1bd0f2107198931177b2b23877df4 3de60420845a582b0e44081b1138a7e4 3e12ffa5ad676a41754e2cc59e980e57 3e32ab6a2eac5bd1cddd3146d1a1348b 3e3e6fe1a8c6ffc00a9c644997a4f7a1 3e69945e5865ccc861f69b24bc1166b6 3e6ed3ee47bce9946e2541332cb34c69 3e72fd40e47e232496b303734f1b2b11 3e87051b1dc3463f378c7e1fe398dc7d 3ea7bf3b469499f0f6d4a78af865138f 3f19992be3606c136b15041207daf6e4 3f243b304358041fb163007e0c066d4a 3f33c0dab564c35485fd227d97b98443 3f34e41d8ea034e6246ef6426bc91336 3f8682ab074a097ebbaadbf26dfff560 3fb8f4cdcb4d1d48be2e473fd8727239 3fc26910f9c31bd9ba3ccb09132d9ca3 40831b3799c94b609a91d517d14bea21 40b1e9cf468f499d749c0863cfa6c8c1 40ee45b1343406b6f7ad6204f1af7693 4111fbc14558385c10091543c439264a 411d770b2939e968c692dbdd3116e179 4192479b055b2b21cb7e6c803b765d34 4 1a5d40ecc735172b18b61e01a30a178 41bb847963a8fce70ad21e70dd786107 41d623c1de3b0d182c51e56b2a3f3fba 420deefd91db5e177b46e4134441a35e 4227f2872817cfc74d134ee9f3d06d14 42462d31a2e5b1e4602a1a4d39abeca9 435991e0c67f0c0b4504355b6d4493f0 438401c9ae36e9ed1bf4f410ae116484 438983192903f3fecf77500a39459ee6 43b844c35e1a933e9214588be81ce772 44066f29aab6a9379f8dd30f6bec257d 456d298649a7ec31a7250ed9312ebbaf 45aa4177bb42eb3ded5edf397a4aaded 465b085d3ddd22f63d8f7721ce5736d7 46817cabd6618d2126067430a78f06a3 468ff2c12cffc7e5b2fe0ee6bb3b239e 46a86e3c12d5025aa78c7ddf46717c38 46acae84a04e41730d0502d9080bbb4a 46c36c11238100e155f6d418332869ea 471005f73280264c48f769e1c21fbcc1 4749f6336eb86b5fa7029661f88ded20 476fea8761a03bef16e322996c2f6666 4788960e489197f2633f581607eb0d26 47e7f92419eb4b98ff4124c3ca11b738 494637c4ac6d04bb50a681e87b81043f 494fca685834f3158d133f6b09cbb507 4962cb3f255b2eaf48847c754d2a553d 496f04719a365f9718919002eff5748b 497f07f54a4c29fe3be1a15f4516e32d 49bacedcd18f6d8929d43a10dae8645f 4a2320b41a5216c741bf63fce562961a 4a54d7878d4170c3d4e3c3606365c42c 4aadab80ce16c588b8719f15e84aba82 4ab62c8e525bee410cd4b6cfeea7d221 4ad4258b73430fc3e843a2e59d8ee70a 4b19a2a6d40a5825e868c6ef25ae445e 4c6bddcca2695d6202df38708e14fc7e 4c858a80df0d6de5d69824c9502b65cf 4c9c9dbf388a8d81d8cfb4d3fc05f8e4 4cabfaef26fd8e5aec01d0c4b90a32f3 4cd3bed14aaffcf61f4d2948484c4c90 4d21cc82e4031e1d6bb15541827b9e67 4e1a92036a577a87a6fa36168d192c4b 4e3ddb5c27e45ee0e6dcc02e87b0abb5 4e551abcd14506092a0f8d54a45f3569 4f65bc571cdd9c9cd11e771e1db35a4c 4f763b07a7b8a80f1f9408e590f79532 50361f8793258b6e883b31269e053ed2 50a3aaaebae6cee7ecb150ac395276b9 50f35b7c86aede891a72fcb85f06b0b7 5100f0a34695c4c9dc7e915177041cad 51326bf40da5a5357a143dd9a6e6a11c 51ce169debea41314f591290839fd55f 522d32a505f78f09303e689999a 3e461 523cf1c9741f5f9d11388a58de6a83a4 523f56515221161579ee6090c962e5b1 52509abd1cc7b7fb391b19929e0d99c0 52bd3ceef33900d53315f89538128026 52cb7fed85bd7ff6797fbc70105a09fe 531a3b0acd95f55c3a7418d31f741357 53600687ec97c297f03b4f0f4710d0c5 53b263dd41838aa178a5ced338a207f3 543c283d691939d99667e22bcb7be610 543e03cc5872e9ed870b2d64363f518b 54d5d171a482278cc8eacf08d9175fd7 5537bdce991797198a9ff97ff1492f90 55886d571c2a57984ea9659b57e1c63a 55bd26326db3d512b6bd9f75d6671819 55f60194833efcbc8ac16bd0a1cced1a 55fb1409170c91740359d1d96364f17b 5613e6d7111b327307c02bec1701ac3f 565b6fedccab184c92e40483ea49a25f 567395a3c720fcd09eb75b6c188b8687 56892b0befe8b7a188fdb7e72a07e60f 56a5d0575c0c712deb16f465ac888a65 56c26b175ae23d90244805a6ec347e42 56c8ff5c6832f1e31a59e0717c3ab79c 56de2854ef64d869b5df7af5e4effe3e 56dff5cdfee293100b59096326fb0daf 57326cd78a56d26e349bbd4bcc5b9fa2 575836ebb1b8849f04e994 e9160370e4 5790c7c09735cf1ccf10625c7cd87f5e 57cbf78c226265cc1e61ad86779bf906 57cfef3e32e60df11b8d2c5375f3185c 57e79f7df13c0cb01910d0c688fcd296 57f98d16ac439a11012860f88db21831 580a4c05982accc678a72c366b45815d 585691777080b419b523938edd3ba2d6 588c40520a3cea27d2b35cd1fa05e23f 58b020fd3bc0d34e8c4eaf0a3f3135af 592a33f691daa01ccbfc8078ad961b43 59620925bf1c4f760c4bf225c7efd6c0 5a032c13942a46c5ae015f53d9ce138a 5a3abb8053c271c58e879b3b9cf8c8f5 5a728cb9ce56763dccb32b5298d0f050 5aeaa53340a281074fcb539967438e3f 5bac505fdc202e1c6507ef381a881ed1 5bcaa2f4bc7567f6ffd5507a161e221a 5bd5a22d42c04db7ac1343a2a9f471fe 5c4806b5859b35a3df03763e9c7ecbf6 5c6f30cc369cd164d44941d381e282cc 5ccb52a8e3c31dde2ddbc486a2215e85 5cd578614afb50b925008b68b3accdb9 5cd7526fc7d849cbbf8c9d1ffe97a991 5cf0959687427850a92d7f69edd41b86 5d8129be965fab8115eca34fc84bd7f0 5dea347d29a3e9c21c52385a10224b65 5e17055c51724b0b8 9ff036d02f5208a 5e1d81618eaf005b8e0cd63fbc9a4937 5e33a9835bced338cb1959c347ac6798 5e42780f52763c77d592044e535e4b01 5e686bd284022e35559a9c6118df8f1e 5f837bbfd3b458321070e2aebca4ec46 5fa50476240c9c59cb72b345751434ce 5ff3269faca4a67d1a4c537154aaad4b 6040dd5b603483f738be6a02a63538f2 605c1dc91a5c85024160ce78dfac842d 609d917a7f0c526b0d8091c8191da376 611b1577ba976f76fc01368545bc395c 611c8f862864af818202865b78ad7ca8 61daab56e07dfa3a236d8aec9eb80545 61e0da42d5d084af24d31fbcef4ff409 620c6a6cff832e35090487680123f52b 62a35021454e17f4a913e577d7ecd22f 62bee50b480f6a6aa427a00464baf376 62c72767508e461cfe94b0c706e6d446 62d60a1cd1e7ba73aebc98812e5ac266 62ea10608f0d54cd284e8d7be32f206e 633cb95904ab9dc0a3de4ddd443494e8 6377ec0c87f4ec1e7897751dd85d73d4 63db2f4fd717723f0e6f94e0a6a62c7b 6461ea41f179e660c40ed65aee1a4a2d 648ce1c45927b24563dd8361a1b74311 649d54bc9eef5a60a4b9d8b889fee139 64fa1239f5aa 9a9031e61533283f8c22 65018cd542145a3792ba09985734c12a 650a6fca433ee243391e4b4c11f09438 6510cee34da30c7ef5e5e39980402257 651d83c1b85acb204abd5bf7990a1298 656baf38fa5ee776e2576cead664d004 6570163cd34454b3d1476c134d44b9d9 6576c196385407b0f7f4b1b537d88983 668b92feb7cbcc7ac75ff97dcec28d10 66c287675cd4c7172590f71181e723a8 67504a0c2c2bf47efccdab5ca981ad7d 6767eeb485232436de9553988765fb89 67f62f5accfeacf5e828c3b3905248fe 6808ec6dbb23f0fa7637c108f44c5c80 6846ad52c9208830ceaf4cfd81402015 687a58dcbc076b04bef4ec6050310fb5 689dcd40d5eae8c0d315265f3d90ffae 68af7be698e8a7408451c158c04a9712 68c67a6e26855ebc2569d67689c69a6e 68d2fd5049e70942d164e4e25d13dd8e 68e5bff12ac33ecb98977afed51ebad0 693f711d8fab66a3efca98a19a733d56 698fbe7ed1ddd7f5c76b86fad3f7a485 69dc1e1ee273e531e91c60eb86396cc8 6a4fbcfb44717eae2145c761c1c99b6a 6a88f170ab6cb0f9b3252adc61b4f487 6ab7fa8e5fb63b8d0723387d0a1ffe6d 6b3d19c c86d82b06f5db3ae9d5ba8a5f 6b4ac249f918be9f7bc64ae7fdda947e 6b6c4c0e2959df248be90d89899953a9 6bf8f1f99ac5bba0db1b66518df378a4 6bf9083f1567edce004bd1f7c456659d 6c5c5e4049265fffc87973f3e4978b26 6c65c697bcff935484a5cd2e7dd2e7d2 6c9c9e40683467f60b910d5bad5285ae 6ca59c9c4165796e08ba6ca3eeffdee6 6d2320af561b2315c1241e3efd86067f 6db47757ba324bb61ce3cbcabbec52d4 6deae79fc82df523ba99852266a33f9e 6e442c5ef460bee4c9457c6bf7a132d6 6e8f302794cfaae731840e345063e652 6e9bedcf80f21171adb951a0d85d2adb 6eb99bed5b5fcb3fdb26f37aff2c9adb 6ebbfa603aa4e90148ad0b726806c359 6ebd05a02459d3b22a9d4a79b8626bf1 6eebee2aebd5194db62cb8230502378c 6f4182baa5a57b717cb9d850dfadb60a 6f551594fdf3539c62389c0cf0d2e16a 6f6abd53e10567d1534514fc36fca2e9 6f9992c486195edcf0bf2f6ee6c3ec74 6faa4740f99408d4d2dddd0b09bbdefd 6fbf667e82c1477c4ce635b57b83bfa0 6fdec862951e8b128cd7a07b2031eef6 70a55fdc712c6e31e013e6b5d412b0d6 70 bb674fc97d7bf4d8dbbe3636f65c4a 70c10f8b4dcd01b07be6cfb4df0d3348 70e2827ab4af1a38dc09a02fa95b82fe 71173ad2bc7b39342b1bdaadeaaa0d8a 7127241c033c403b18bd281d0dfc4e31 71536d2e95420c55412c12dffea1a0a6 7253de652a025b2b4fa7b02e97a1ee6b 727a6800991eead454e53e8af164a99c 7388d67561d0a7989202ad4d37eff24f 73a63c21a08b0ad2c69999e448f8e6a1 73d125f84503bd87f8142cf2ba8ab05e 74b3ee9f3f6c52413db6e5c9ace34893 75372eb37415140fa5464f1ebb8a0e74 753ec12f61c2f7c9a5763c9063a16106 759b320aca72ba446e7e156407ebc10d 75dad1ccabae8adeb5bae899d0c630f8 75f37a69664362462ad491741a34f195 75ff4bd6b209b6f10472c4cd22e3f9e6 760339e927e391e289bd91bad4cd59c3 769aeae232c6162cedcb6c7255640c4c 76ba06bac23a2c445cb982bf38b82199 76bf44d7734ec8581e846a9f3005aed4 76c1b246703a10cb6e71a3e5b7b55b24 76f6c7301dbf0219eae991d65804292a 7704ad9e8e0e3d75075e4c294f698d53 7712d05c8b499fc7a1f4a6a6b6dee825 772c771e13e599cbf25bf9e0199681f7& amp; lt; br>77382bb7fd431211b32d84d4de74b043 775459afc5415984dfa2a0f533011763 77afced93e20b1bb906796197fa1dd1d 77dc072fdd632c12bacc09ceb8e6ee39 77fbfed235d6062212a3e43211a5706e 785003a405bc7a4ebcbb21ddb757bf3f 78524ba7f66c0ec4a3755e51709db1aa 7852b941a46e37fe9b332b1be77a6960 79841c13f645118a600d19def3642d1a 79f3bac2826f8511c96240758af116b4 7a2692cafec377c444bc3147fc43e57f 7a2eba5ca6f9b2cec61c5cc55dfca762 7a660a9e48f6065333f388f2c0a67bd8 7a670d13d4d014169c4080328b8feb86 7a7a46e8fbc25a624d58e897dee04ffa 7ab86c938b960dfc0c4ffbadd4163666 7acb0d1df51706536f33bbdb990041d3 7aecb34616245eb6b2906358151be55b 7aef47f9fd84669976c4b152910a6328 7af399ff99109a9501da73337c0bdf4b 7b3ce6c2af1acd119a25831fac670bab 7b42b35832855ab4ff37ae9b8fa9e571

12 years, 1 month

Local user privilege escalation, kernel 3.3 and beyond

by Andy Smith

Hi, A flaw in the Linux kernel introduced in 3.3 allows a local user to crash the kernel or obtain root access. Those running new enough distributions (notably including Ubuntu 12.04) are vulnerable, so please check whether you need to update. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1763 http://lwn.net/Articles/540082/ Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ announce mailing list announce(a)lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/announce

12 years, 1 month

nginx

by john lewis

When I first setup my VPS I installed apache because at the time I didn't know about alternatives but am now thing about switching to nginx. Not that I have had any problems with apache but nginx apparently isn't as memory hungry. I have very basic needs. I have only a few websites to serve and apart from one that uses gallery2 the content is all static html. I don't remember if I had to enable any thing in apache2 to be able to use gallery2 but it looks like I'd need to do something with rewrite rules to use it with nginx Has anyone switched from apache2 to nginx and are there any 'gotchas' to be aware of. -- John Lewis Debian & the GeneWeb genealogical data server

12 years, 1 month

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

BitFolk Users March 2013