Blog

Are firewalls and patching enough?

March 2, 2012

Written by: Michael Shinn

We got an interesting question from a potential customer recently that I’d like to answer here.  Our customer asked:

“I recently purchased a new dedicated server. I was told the server is managed so not to worry about security, and they will patch the system and also provide a complementary firewall.  Is this enough security for my server?  Thank you in advance, I just want to make sure I’m doing the right things to protect my server and data.”

The short answer is no.

Read More...


Why does use so much memory?

February 27, 2012

Written by: Michael Shinn

Note: This article is not about Atomic Secured Linux (ASL), it is about all modern Linux based systems. This characteristic of modern Linux based systems is universal to all modern Linux systems, not just systems running ASL.

We often get asked why a Linux based systemseems to be using so much memory.  Even on huge systems with tons of memory, over time a Linux seems seems to use up all the memory available.  People get worried that something is wrong, and that maybe that there is a bug in something.  Most of the time, it turns out that a Linux system isn’t really using as much memory as it may appear, and this article is targeted at explaining how memory works in Linux and what tools you can use to find out how much memory is actually being used.

Read More...


ASL Kernel 2.6.32.41 updates

June 13, 2011

Written by: Scott Shinn

Now that we’re nearing the finish line for the 3.0 ASL release, there has been some time for those of us that are not gifted with user interface design skills to focus on some much needed back end updates & feature completion. The first major project was to get the Kernel build system into a much less manual state.

Read More...


Detection and Tripwires

May 9, 2011

Written by: Michael Shinn

Recently we had a customer ask a great question if the WAF could be configured to only inspect attacks if the file existed.  In other words, to only look at an action if the URL was valid.  The WAF can be configured to do this, and this article explains how to do it.  But before you do it, I’d like to take a moment to discuss why I recommend against this.

 

Read More...


Virtual Patching

April 27, 2011

Written by: Michael Shinn

Virtual patching is an invaluable tool for immediate remediation to fix vulnerabilities in web applications. Atomic Secured Linux and the Atomicorp.com/Gotroot.com modsecurity rules contain thousands of Virtual Patches which we update everyday.

Sometimes you may need to patch a vulnerability in an application that we are not aware of, such as with a custom application.  This paper outlines exactly where and when Virtual Patching is appropriate, how it can be integrated into the Incident Response process, and how it can be integrated into the incident response process, and the proper steps for creating and testing real-world examples.

Read More...


3.0 Reports & other updates

April 26, 2011

Written by: Scott Shinn

We’re getting close to the release candidate series so its time to give the hip-shot list of new things since the last abbreviated update:   1) More updates for DirectAdmin and Cpanel environments, specifically for their custom Apache implementations. This should keep settings in parity across rebuilds. 2) The reporting module is now active, we […]

Read More...


New WAF rule class

March 31, 2011

Written by: Michael Shinn

We’ve added a new rules class to the WAF “untrusted code content”. Untrusted code rule classes allows us to detect cases where web code may be allowed, but will still be inspected to determine if its malicious. This allows for a more nuanced approach to cross site scripting attack protection, that significantly reduces false positives […]

Read More...


Cpanel Beta now Available

March 8, 2011

Written by: Scott Shinn

Among other developments in the 3.0 branch is our initial foray into support for cpanel. As long time users have known, ASL has supported just about every CP (Plesk, Interworx, DirectAdmin, even Ensim) out there except the all-source builds like cpanel.   We’ve managed to assemble a mostly RPM based ASL distribution for Cpanel systems, […]

Read More...


A quick 3.0 update

February 23, 2011

Written by: Scott Shinn

If you follow the forums you’ve probably already seen these screenshots of ASL 3.0. I figured a repost on the website wouldnt hurt for any newcomers curious about some of the things in store for 3.0:   File Integrity Checks Starting first with file checks, this is a major update to visualizing changes on the […]

Read More...


Portal and other changes

December 29, 2010

Written by: Scott Shinn

We just finished up some (very, very) overdue updates to the support portal. The first is probably one of the more popular user requests to create support portal accounts that line up to the ASL user ID. Previously we had maintained a policy of separate portal portal accounts to allow users to have multiple tiers […]

Read More...


1 2 3 4

Protect Your Server Now

©2015 Atomicorp, All Rights Reserved

twitterfacebook