Hi,
By now you have probably been made aware of a security deficiency in
the design of SSL 3.0 which has been dubbed "POODLE". Here's some
more info:
http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploi…
I am writing to you because, unless this script is flawed:
https://gist.github.com/bitfolk/18e8f48ebe937e802967
then there are over 150 customer IPs at BitFolk that are still
supporting SSLv3 on port 443.
I don't intend to open tickets with individual customers and nag
until this is fixed, because it's very time-consuming to do that.
To check if your server needs reconfiguring:
https://www.tinfoilsecurity.com/poodle
To disable SSLv3 on Apache newer than 2.2:
Add "-SSLv3" to the end of the "SSLProtocol" line which can
normally be found in /etc/apache2/mods-available/ssl.conf on
Debian and Ubuntu.
On Apache 2.2 or older:
You'll need to use "SSLProtocol TLSv1"
Nginx:
Make sure that the "ssl_protocols" line does not contain the
string "SSLv3". e.g.:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
is good.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Greetings
Anyone else seeing system time oddness at dunkel?
By the end of October I had one of my VMs moved to dunkel. Since then
there have been five occasions where my monitoring have reported that
that VM's system time being way off.
Actually, on all occasions the reported offset was the same: -46.87s.
On all occasions the system time was afterwards restored by ntpd.
Based on my monitoring, this is when the time lapses happened.
Tue Nov 4 00:37:20 UTC
Sun Nov 9 09:52:21 UTC
Thu Nov 20 01:52:29 UTC
Sun Nov 23 21:37:31 UTC
Sat Dec 13 00:12:26 UTC
// Andreas
I am talking to a friend of mine about heroku vs AWS vs other hosting.
I am trying to find out how many tenants each host has on bitfolk but
I'm coming up short. I'm sure I saw this on the wiki a while ago but
simply cannot find it now.
Does anyone have a quick answer to this without bothering Andy?
n
Just installed a kernel update and noticed that the time was way out
upon reboot, until ntpdate ran:
Dec 5 15:41:24 osprey xinetd[1409]: Started working: 1 available service
Dec 5 15:41:24 osprey snmpd[1386]: NET-SNMP version 5.3.2.2
Dec 5 11:49:22 osprey ntpdate[1421]: step time server 94.228.40.3
offset -13923.906495 sec
Is this a problem with the host server (kahlua) or my VM?
Thanks,
Mike
Hi,
Around 1432Z IPv6 connectivity to all hosts was lost, and VPSes on
kwak.bitfolk.com became unreachable (both IPv4 and v6).
Subsequent investigation has revealed that kwak.bitfolk.com was
unexpectedly power cycled and returned in a configuration that had
no networking.
IPv6 connectivity was restored at around 1503Z and VPSes hosted on
kwak.bitfolk.com are now in the process of being booted again.
If you are unable to reach your VPS, and it is hosted on
kwak.bitfolk.com¹, please log in to your Xen Shell and look at its
console to see what is happening:
https://tools.bitfolk.com/wiki/Xen_Shell
There is a high possibility that the VPS is still booting, is
performing a filesystem check, or has failed to boot because of some
configuration problem local to your VPS.
If you have ruled all of those out then please do send a support
ticket to support(a)bitfolk.com. For those of you with Nagios
monitoring set up I will be watching to make sure any alerts
recover where that is within my power.
To follow:
- How kwak came to be power cycled
- Why it didn't boot with networking enabled
- Why IPv6 broke for everyone even though it should have failed over
to another router.
Cheers,
Andy
¹ If you don't know, you can find out which piece of hardware your
VPS is hosted on as follows:
https://bitfolk.com/customer_information.html#toc_3_Which_piece_of_actual_h…
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Please consider the environment before reading this e-mail.
— John Levine
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Hello,
I would kindly ask you if it could be possible to repost a very old
thread of this mailing-list, I really need it to solve my problem:
The subject post is:
[bitfolk] Debian Lenny (and others?) grub-probe / grub-update
the date is:
2008-05-29 16:21 +200
I can see in the archive only a post from the whole thread.
http://lists.bitfolk.com/lurker/message/20080529.142153.954fedf4.en.html
Thank you in advance,
Simona
Hi,
As is now customary, we should do Christmas drinks in London in late
November / early December. If you'd be up for that please help pick
a date:
http://doodle.com/bx7dpumh2ygpvhc3
Everyone welcome, partners too.
I'd like to get this booked quite soon so I'll give it until around
the middle of next week and then I'll try to book a table on the
most popular date at De Hems:
http://www.nicholsonspubs.co.uk/dehemsdutchcafebarsoholondon/
If that doesn't work out then I'll try places we've tried before
(The Cask, The Horse) and other suggestions.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
Sent from Samsung Mobile
<div>-------- Original message --------</div><div>From: Andy Smith <andy(a)bitfolk.com> </div><div>Date:08/11/2014 00:18 (GMT+00:00) </div><div>To: users(a)lists.bitfolk.com </div><div>Subject: [bitfolk] Christmas drinks </div><div>
</div>_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users
Hi,
You may be aware of the "free LWN for a year" offer:
https://tools.bitfolk.com/wiki/Free_LWN_subscriptions
The current set of subscriptions are up for renewal on 28th November
and I don't intend to renew them. Therefore those of you currently
using them are going to need to pay for an account if you wish to
continue using LWN as a subscriber after that point.
The reason for this is that for the last couple of years it's
actually been quite hard to give these away to new customers, and
it's not something I want to just keep giving away to the same
people.
I think something like an electronic subscription to Linux Voice may
be more desirable, and that's something I'm willing to explore if
they implement an institution subscription system. That is an idea
I've heard them mention in passing but I'm not sure it will ever
happen as although I think it might be a better fit for BitFolk
customers, it's hard to imagine it being that popular amongst
institutions.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
Greetings
I'm wondering whatever Bitfolk has made any preliminary plans in regards
to the still embargoed XSA-108 Xen security issue? If it turns out to be
something sufficiently bad, can we expect short notice patching-reboots?
Asking since at least both Amazon EC2 and Rackspace have scheduled
reboots, presumably XSA-108 related.
On that note, has Bitfolk made any attempts to get on the Xen
pre-disclosure list? I see that prgmr.com recently got added to it, and
they kind of appear to be in the same category as Bitfolk.
// Andreas
