KML_FLASHEMBED_PROCESS_SCRIPT_CALLS

Posts Tagged ‘Patch’

 

Security Basics: 4 Steps to Tighten up Linux Security

Tuesday, November 20th, 2012 by

Our previous security articles from GoGrid discussed 5 steps to enhance your security on Microsoft Windows and how to tighten up Windows security. But what about making your Linux server security a bit more robust?

security-camera

Overview

Security studies strongly demonstrate that most systems will be attacked within 5 hours after becoming publicly accessible—in some cases, in less than 2 hours. The sources of the attacks are often unsuspecting users whose systems have been compromised by malware and are in turn being used to attack and infect other systems. The majority of attacks target two common threats:

  1. A combination of commonly used system accounts (e.g., the root account) with weak, dictionary-based passwords
  2. Systems that are missing critical or high-security vulnerabilities

Solution

This article provides GoGrid’s security recommendations for Cloud Servers running Linux. Perform these 4 steps in sequential order immediately after provisioning new GoGrid Cloud Servers to maintain the security (confidentiality + integrity + availability) of your system. (more…) «Security Basics: 4 Steps to Tighten up Linux Security»

How To Tighten Up Windows Security

Thursday, October 25th, 2012 by

In the previous Security article from GoGrid, we outlined 5 Steps to enhance your security on Microsoft Windows. This article walks you through some of these steps.

vault

Step 1: Patch your system

The following steps apply to Microsoft Windows 2008 OS and Microsoft applications:

  1. Select the Start button
  2. Type “windows update” in the search area and press the Enter button.
    windows-update
  3. You should see the following screen:
    updates-available
  4. Select the Check for Updates option, which will connect to Microsoft to determine if your system requires security updates.
    check-for-updates
  5. Install security updates by pressing the Install updates button.
    Note: You may need to reboot your system immediately after you’ve applied the security updates.
    install-updates

Step 2: Rename the administrator account

The following steps apply to Microsoft Windows 2008: (more…) «How To Tighten Up Windows Security»

Security Basics: 5 Steps to Tighten Security for Microsoft Windows

Tuesday, October 23rd, 2012 by

Security studies (including GoGrid’s internal research) strongly demonstrate that most systems will be attackedattack-in-5-hours within 5 hours after becoming publicly accessible—in some cases, in less than 2 hours. The sources of the attacks are often unsuspecting users whose systems have been compromised by malware and are in turn being used to attack and infect other systems. The majority of attacks target two common threats:

  1. A combination of commonly used system accounts (e.g., the Administrator account) with weak, dictionary-based passwords
  2. Systems that are missing critical or high-security vulnerabilities

Solution

This document provides GoGrid’s security recommendations for Cloud Servers running Microsoft Windows. Perform these 5 steps in sequential order immediately after provisioning new GoGrid Cloud Servers to maintain the integrity and security of your system.

Note: For a step-by-step how-to with screenshots, please see the companion article, “How To Tighten Up Windows Security.”

lock (more…) «Security Basics: 5 Steps to Tighten Security for Microsoft Windows»

GoGrid Proactively Responds to Xen Vulnerability

Wednesday, June 20th, 2012 by

GoGrid regularly reviews, analyzes, and ranks recently published security vulnerabilities as part of its security program. We typically address security vulnerabilities that pose a risk to GoGrid’s digital ecosystem during our regular patch cycle. However, critical security vulnerabilities require immediate action. Such was the case with last week’s security advisory that impacted software such as Xen, FreeBSD, NetBSD, and some versions of Microsoft Windows. You can find specifics of the security advisory here: http://lists.xen.org/archives/html/xen-announce/2012-06/.

vaultThe vulnerability meant a system admin running a 64-bit paravirtualized (PV) guest (such as Windows 2008 R2 or a Linux 64-bit distribution) on a 64-bit hypervisor could gain kernel-level access by successfully exploiting Intel’s SYSRET design implementation. This vulnerability isn’t unique to Xen or even to virtualized environments. In fact, any guest user—that is, someone with non-administrator privileges—with logical access to a stand-alone server running NetBSD, FreeBSD, Microsoft Windows 7, or Windows 2008 R2 can perform a similar exploit against the OS and gain unauthorized access.

GoGrid’s Security team determined that the vulnerability exposed our customers to an attacker potentially gaining access to their virtualized systems. Even more important, GoGrid’s Security team determined the vulnerability was a prime target for a “zero-day exploit”—one that could occur on the same day the vulnerability becomes generally known.

As a result, we took immediate action: We downloaded and tested the patch, engaged on of our outside security firm partners to gain intelligence on how the Black Hat community perceived the vulnerability, scheduled an emergency patch rollout over the weekend, and deployed the security patch across all impacted systems.

On June 18, 2012, GoGrid Security team confirmed that an exploit had been published and is now circulating on the Internet.

We appreciate your understanding and support in allowing us to continue providing you with a safe, secure, and stable environment.

GoGrid Updates for December 2010 – Dedicated Servers (East Coast), Server Image Sharing, and More!

Wednesday, December 15th, 2010 by

Our software “elves” have been hard at work preparing the latest and greatest feature and service updates to the GoGrid cloud. We are excited about our December 2010 release as it is packed with enhancements and new and updated features to truly make GoGrid your choice for deploying Cloud Infrastructure or setting up a Hybrid Hosting environment.

UPGRADE_sticky

Some of the noteworthy features and changes include:

  • GoGrid Dedicated Servers in our East Coast Data Center
  • Limited Time Promotion on East Coast Dedicated Servers and West Coast GoGrid Firewall
  • GoGrid Image Sharing
  • GoGrid Fortinet Firewall Ordering
  • Increase Windows Sandbox Server Size
  • Other Changes including Windows Patch Updates

Read on for more details on each of the items above.

GoGrid Dedicated Servers on East Coast

(more…) «GoGrid Updates for December 2010 – Dedicated Servers (East Coast), Server Image Sharing, and More!»