- Status Closed
- Percent Complete
- Task Type News
- Category DataCenter / DC
- Assigned To No-one
- Operating System All
- Severity Low
- Priority Medium
- Reported Version Development
- Due in Version Undecided
-
Due Date
Undecided
- Votes
- Private
FS#26 - Security Alert
Since the beginning of January, we've noticed a resurgence of security issues on the Internet.
Website hacks, attempted SSH penetrations using dictionary methods, denial of service attacks, etc.
The most recent being the exploitation of an OSPF vulnerability in one of our routers, which disrupted the broadcasting of routes to connected services. This caused a major network disruption for 5 to 8 minutes yesterday (12/01/15) and for 20 minutes later that evening. The issue has been identified and the vulnerability is now fixed.
We therefore encourage our customers to audit their services. Rkunter and chkrootkit will help you detect potential problems. A #netstat -laputen command is also useful to see which services are listening on the network.
Finally, we recommend changing your SSH passwords to a mix of uppercase and lowercase letters and numbers.
The fail2ban tool is also a good solution to avoid ssh dictionary attacks.
RSS