RSS Feed
Latest Updates
Feb
13
[FIXED] - Vulnerability Note VU#867968
Posted by Ruchir Shastri on 13 February 2017 12:09 AM
Hi Customers,

With regards to vulnerability note http://www.kb.cert.org/vuls/id/867968 - we have updated our firewall filters to block outbound SMB connections (TCP ports 139 and 445 along with UDP ports 137 and 138). If you are utilizing any of these ports for outbound SMB connections and want to have an exception created, please open a ticket with our technical support team with IP address that you'll like to exclude from above rule (adding an exception will mean that your server is open to above vulnerability until Microsoft rolls out a patch for this).

Thanks,
Softsys Support
www.softsyshosting.com
Read more »



Jan
27
[COMPLETED] - Memory Upgrade // HVUK3 (LONDON DC)
Posted by Brad Hack on 27 January 2017 06:47 AM

This memory upgrade has completed successfully and the server is now back online.

============

We are bringing the server down for memory upgrade.

============

Dear Customers,

We will be upgrading/adding more memory on our Hyper-V host machine HVUK3 to allow more scalability for existing customers. This task will be undertaken at 2:00 AM GMT Saturday, 28 January 2017. This task will take around 45-60 minutes during which VPS's hosted on HVUK3 will remain inaccessible.

We will keep this announcement section updated regularly during the upgrade process.

Best regards,

Softsys Support
www.SoftsysHosting.com


Read more »



Jan
13
[COMPLETED] - Chicago - Upgrade To 10Gbps Uplinks
Posted by Ruchir Shastri on 13 January 2017 07:51 PM

Update: 15 Jan 2016 10:10AM CST

This is now completed with almost no downtime..

---------------------

Update: 15 Jan 2016 10:00AM CST

We will be starting this shortly.

---------------------

Date: 15th January, 2017

Time:  Starting 10AM Chicago time (CST) for about 30 minutes

Expected Impact:  Brief periods of latency and small outage during spanning tree reconvergence.

Purpose of Work:  We will be upgrading our uplinks in Chicago data center with redundant 10Gbps uplinks from our provider (currently setup as 4 * 1Gbps LACP). The optics are laid out on both ends and our data center will turning up these links and disable the old links. This upgrade provide increased throughput and better network performance for our entire Chicago setup.


Read more »



Oct
26
Security Advisory: Important Linux Kernel Vulnerability
Posted by Mark Brown on 26 October 2016 10:24 AM

A vulnerability has recently been disclosed in the Linux kernel which affects all supported Linux systems running any distribution.  This vulnerability is serious and may allow a remote exploit or local user to cause privilege escalation, resulting in root access to your server. A working example of the exploit has already been publicly disclosed, thus no advanced knowledge of the Linux kernel is required to gain root access once shell access has been obtained on the target system.

The CVE entry for this vulnerability may be found here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
[http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195]

Windows users are unaffected by this vulnerability.  We have not evaluated the status of Linux distributions or versions not mentioned here.  You should consult your distribution's security documentation to determine if your distribution is vulnerable and how to apply the update.

It is especially important to upgrade your kernel if your system provides multi-user services via shell accounts, jail or container-based virtualization, or dynamic web sites. Updates which fix this vulnerability and other security issues and bugs are available immediately for most systems.

CENTOS

CentOS has patched this vulnerability as of:

     * CentOS 7: October 24th, 2016
     * CentOS 6: October 26th, 2016
     * CentOS 5: Updated packages are not yet available.  This post will be updated when they are published.

To verify your system is running the correct kernel, run the following
command:

uname -r

The version should be greater than or equal to the following, depending on your distribution:

     * CentOS 7: 3.10.0-327.36.3
     * CentOS 6: 2.6.32-642.6.2

If your version does not match, please run the following command and ensure an update to the kernel package is included:

yum -y update kernel

If no update is available, please try the following commands, then repeat the command above:

yum clean metadata
curl -s mirror.steadfast.net/mirrorize | bash

These commands will remove cached update information and force your server to use our mirror server, which is known to already contain the updated kernel version.

After the upgrade processes, you should REBOOT your system _as soon as possible_.

Red Hat published the following advisories regarding this
vulnerability:

     * https://access.redhat.com/security/cve/CVE-2016-5195
[https://access.redhat.com/security/cve/CVE-2016-5195]
     * https://access.redhat.com/security/vulnerabilities/2706661
[https://access.redhat.com/security/vulnerabilities/2706661]

DEBIAN

Debian has patched this vulnerability as of October 20th, 2016.

To verify your system is running the correct kernel, run the following
command:

uname -v

The version (appearing after "#1 SMP Debian") should be greater than or equal to the following, depending on your distribution:

     * Debian 8 (Jessie): 3.16.36-1+deb8u2
     * Debian 7 (Wheezy): 3.2.84-1
     * Debian 6 (Squeeze): You must upgrade to Debian 7 or later.  This version is no longer supported.

If your version does not match, please run the following command and ensure an update to the kernel package is included:

apt-get update
apt-get install linux-image-`uname -r`

If no update is available, please try the following commands, then repeat the commands above:

curl -s mirror.steadfast.net/mirrorize | bash

This command will force your server to use our mirror server, which is known to already contain the updated kernel version.

After the upgrade processes, you should REBOOT your system _as soon as possible_.

Debian published the following advisories regarding this
vulnerability:

     * https://security-tracker.debian.org/tracker/CVE-2016-5195
[https://security-tracker.debian.org/tracker/CVE-2016-5195]
     * Jessie: https://www.debian.org/security/2016/dsa-3696
[https://www.debian.org/security/2016/dsa-3696]
     *
Wheezy: https://lists.debian.org/debian-lts-announce/2016/10/msg00026.html
[https://lists.debian.org/debian-lts-announce/2016/10/msg00026.html]


Read more »



Nov
7
Enhanced PayPal Billing Gateway
Posted by Ruchir Shastri on 07 November 2015 11:38 PM

We're excited to launch all new PayPal Billing Gateway - please visit https://support.softsyshosting.com/index.php?/Knowledgebase/Article/View/181/2/enhanced-paypal-billing for details and steps on how to configure it.


Read more »