Blog
Atomic reaches 1 million servers and counting…
February 28, 2013
Written by: Scott Shinn
Some time back in january the Atomic repo for the first time hit 1 million active servers in a single month. These stats dont count devices behind nat, or private repo users so it could have hit this a while ago. I can remember not that long ago when we were reaching maybe 10,000 and thinking that was pretty cool.
Blocking outbound spam and viruses with ASL
November 21, 2012
Written by: Michael Shinn
How do you prevent outbound spam and viruses from being sent from your server? Just enable the FW_OUTPUT_MTA feature in ASL.
Zero Days: Hype or Reality?
May 14, 2012
Written by: Michael Shinn
While participating in a security conference, I was asked a very important question: “How do we protect ourselves from Zero Days?”. My answer: “There is no such thing as zero days”. Crazy right? How can that be true? People report “zero days” everyday, so how can that statement be true? And how does that answer solve the problem? Fear not fair reader, all will be revealed! Lets dig a little deeper and find why there may not really be “zero day” vulnerabilities and why protecting against them isn’t as hard you may think.
XMLRPC vulnerability: An oldie but a goodie
April 29, 2012
Written by: Michael Shinn
And oldie but a goodie: we run a number of honeypots as part of our ongoing efforts to learn what attackers are doing and how to best protect customers and users of our products. An interesting trend we have seen lately is the use of a very old xmlrpc vulnerability from 2005 being widely used in attacks. What’s really interesting is that there appears to be a new variant to this old vulnerability. Could there be holes in new applications using this old vulnerability? And what should you do about it?
Are firewalls and patching enough?
March 2, 2012
Written by: Michael Shinn
We got an interesting question from a potential customer recently that I’d like to answer here. Our customer asked:
“I recently purchased a new dedicated server. I was told the server is managed so not to worry about security, and they will patch the system and also provide a complementary firewall. Is this enough security for my server? Thank you in advance, I just want to make sure I’m doing the right things to protect my server and data.”
The short answer is no.
Why does use so much memory?
February 27, 2012
Written by: Michael Shinn
Note: This article is not about Atomic Secured Linux (ASL), it is about all modern Linux based systems. This characteristic of modern Linux based systems is universal to all modern Linux systems, not just systems running ASL.
We often get asked why a Linux based systemseems to be using so much memory. Even on huge systems with tons of memory, over time a Linux seems seems to use up all the memory available. People get worried that something is wrong, and that maybe that there is a bug in something. Most of the time, it turns out that a Linux system isn’t really using as much memory as it may appear, and this article is targeted at explaining how memory works in Linux and what tools you can use to find out how much memory is actually being used.
ASL Kernel 2.6.32.41 updates
June 13, 2011
Written by: Scott Shinn
Now that we’re nearing the finish line for the 3.0 ASL release, there has been some time for those of us that are not gifted with user interface design skills to focus on some much needed back end updates & feature completion. The first major project was to get the Kernel build system into a much less manual state.
Detection and Tripwires
May 9, 2011
Written by: Michael Shinn
Recently we had a customer ask a great question if the WAF could be configured to only inspect attacks if the file existed. In other words, to only look at an action if the URL was valid. The WAF can be configured to do this, and this article explains how to do it. But before you do it, I’d like to take a moment to discuss why I recommend against this.
Virtual Patching
April 27, 2011
Written by: Michael Shinn
Virtual patching is an invaluable tool for immediate remediation to fix vulnerabilities in web applications. Atomic Secured Linux and the Atomicorp.com/Gotroot.com modsecurity rules contain thousands of Virtual Patches which we update everyday.
Sometimes you may need to patch a vulnerability in an application that we are not aware of, such as with a custom application. This paper outlines exactly where and when Virtual Patching is appropriate, how it can be integrated into the Incident Response process, and how it can be integrated into the incident response process, and the proper steps for creating and testing real-world examples.
3.0 Reports & other updates
April 26, 2011
Written by: Scott Shinn
We’re getting close to the release candidate series so its time to give the hip-shot list of new things since the last abbreviated update: 1) More updates for DirectAdmin and Cpanel environments, specifically for their custom Apache implementations. This should keep settings in parity across rebuilds. 2) The reporting module is now active, we […]
« Previous 1 2 3 4 Next »
