Cart is empty
SnelServer.com More

GHOST, a critical Linux security is revealed

01/28/2015 | Security |

A critical vulnerability has been found in glibc, the GNU C library. This is affecting all Linux distributions. This flaw gives attackers the ability to execute malicious code on servers, any target system can be controlled without the need of any system credentials. The vulnerability, CVE-2015-0235, has been nicknamed as GHOST because of its relation to the gethostbyname() function.

 

The vulnerability in the GNU C Library represents a big threat and in some ways it can be compared with the Shellshock and Heartbleed bugs of last year.

 

Debian 7, Ret Hat Enterprise Linux 6. CentOS 6 & 7 and Ubuntu 12.04 remain unprotected at this moment. The vulnerability also affects Linux programs written in Python, Ruby, and most other languages because they rely on glibc as well.

 

If you are running a Linux server you should closely monitor your server against the vulnerability and you should also check all available patches. You should also prepare for the unavoidable reboots that will be required after installing the patch.


NOTE 1: Technically it is not needed to reboot your server if you restart all services which are using glibc. Unfortunately there are a lot of services depending on glibc and finding out and restarting those services can be more difficult than rebooting your server.


NOTE 2: If your system is unaffected (like Ubuntu 14.04 for example) you do not have to reboot your server. We advise all our customers to watch the output of the update process and see if glibc is updated before issuing a reboot.

Below you can also find a few Linux distribution commands:

 

Debian / Ubuntu / Turnkey Linux

 

sudo apt-get update && sudo apt-get upgrade

sudo reboot

CentOS

 

sudo yum update

sudo reboot

Gentoo

 

emerge --sync

emerge --update glibc

 reboot

Archlinux

 

pacman -Syu

reboot









Here are 4 out of 12 reasons why you should choose SnelServer.com

Bandwidth pooling

Other providers require extra money for bandwidth you may not even need. SnelServer.com differs from other providers by providing bandwidth pooling across all your servers at no extra cost. If your other servers have plenty of bandwidth left, we allow you to pool the bandwidth to another server that requires more. This enables you to save money and you can use your dedicated server more efficiently.

Upgrade anytime

We offer additional flexibility by allowing you to upgrade your server at any time. You can upgrade your server without having to renumber your IP addresses or lose your data. All our dedicated servers come with hot swap drives, so the upgrades can often be done without any downtime.

Custom built servers

We are committed to meet the changing hosting needs of our customers. SnelServer.com allows you to assemble your own dedicated server with any combination of hardware, memory or processor. By using our user-friendly drag and drop configuration tool you can easily build your own dedicated server completely tailored to your own needs. All you have to do is to drag or click the components you need. Our custom-built dedicated servers provide enterprise solutions which allow you to maximize your IT environment.

Application Programming Interface (API)

SnelServer.com provides a reliable and easy to implement Application Programming interface (API). Our API allows you to integrate our control panel seamlessly into your own systems. By integrating our control panel you can resell our dedicated servers under your own private brand at prices you want. We allow you to use our infrastructure and at the same time you will have a total control in providing support to your own customers. Get started on integrating our powerful API in to your business and earn money easily.

VIEW MORE