Giannis

Moderators
Content Count: 77 | Days Won: 13 | Feedback: N/A

Posts posted by Giannis


  1. MariaDB 10.1 is the previous stable series of MariaDB. It is an evolution of MariaDB 10.0 with several entirely new features not found anywhere else and with backported and reimplemented features from MySQL 5.6 and 5.7.

    MariaDB 10.1.33 is a Stable (GA) release.

    For an overview of MariaDB 10.1 see the What is MariaDB 10.1? page.

    Notable Changes

    • PCRE updated to 8.42
    • The embedded server library now supports SSL when connecting to remote servers.
    • ALTER TABLE fixes: MDEV-14693, MDEV-16080, MDEV-15937
    • encryption fixes: MDEV-15937, MDEV-16092, MDEV-15752, MDEV-15566
    • systemd and shutdown fixes: MDEV-14705
    • As per the MariaDB Deprecation Policy, this will be the last release of MariaDB 10.1 for Debian 7 Wheezy
    • In this release experimental Ubuntu 18.04 "bionic" packages are present in the MariaDB 10.1 repository. However, because Ubuntu includes MariaDB 10.1 in its main repositories we recommend using the Ubuntu provided MariaDB 10.1 packages for general use.


    Security Fixes
    Fixes for the following security vulnerabilities:

    https://mariadb.org/mariadb-10-1-33-and-mariadb-galera-cluster-10-0-35-now-available/


  2. Good news: Oracle has announced that MySQL 8.0 has gone GA (stable) with 2x the performance of MySQL 5.7.


    MySQL adds NoSQL and many new enhancements to the world’s most popular open source database:

    1. NoSQL: Document Store gives developers the flexibility of developing traditional SQL relational applications and NoSQL, schema-free document database applications. This eliminates the need for a separate NoSQL document database.
    2. SQL: Window functions, Common Table Expressions, NOWAIT and SKIP LOCKED, Descending Indexes, Grouping, Regular Expressions, Character Sets, Cost Model, and Histograms.
    3. JSON: Extended syntax, new functions, improved sorting, and partial updates. With JSON table functions you can use the SQL machinery for JSON data.
    4. GIS: Geography support. Spatial Reference Systems (SRS), as well as SRS aware spatial datatypes, spatial indexes, and spatial functions.
    5. Reliability: DDL statements have become atomic and crash safe; meta-data is stored in a single, transactional data dictionary.
    6. Observability: Performance Schema, Information Schema, Invisible Indexes, Error Logging.
    7. Manageability: Persistent Configuration Variables, Undo tablespace management, Restart command, and New DDL.
    8. High Availability: InnoDB Cluster delivers an integrated, native, HA solution for your databases.
    9. Security: OpenSSL improvements, new default authentication, SQL Roles, breaking up the super privilege, password strength, authorization.
    10. Performance: Up to 2x faster than MySQL 5.7.


    Observability
    Information Schema (speed up)

    MySQL 8.0 reimplements Information Schema. In the new implementation the Information Schema tables are simple views on data dictionary tables stored in InnoDB. This is by far more efficient than the old implementation with up to 100 times speedup.

    Performance Schema (speed up)

    MySQL 8.0 speeds up performance schema queries by adding more than 100 indexes on performance schema tables.


    Security features
    OpenSSL by Default in Community Edition

    MySQL 8.0 is unifying on OpenSSL as the default TLS/SSL library for both MySQL Enterprise Edition and MySQL Community Edition.

    SQL roles

    MySQL 8.0 implements SQL Roles. A role is a named collection of privileges. The purpose is to simplify the user access right management. One can grant roles to users, grant privileges to roles, create roles, drop roles, and decide what roles are applicable during a session.

    Performance
    MySQL 8.0 is up to 2x faster than MySQL 5.7. MySQL 8.0 comes with better performance for Read/Write workloads, IO bound workloads, and high contention “hot spot” workloads.


    Scaling Read/Write Workloads

    MySQL 8.0 scales well on RW and heavy write workloads. On intensive RW workloads we observe better performance already from 4 concurrent users and more than 2 times better performance on high loads compared to MySQL 5.7. We can say that while 5.7 significantly improved scalability for Read Only workloads, 8.0 significantly improves scalability for Read/Write workloads. The effect is that MySQL improves hardware utilization (efficiency) for standard server side hardware (like systems with 2 CPU sockets). This improvement is due to re-designing how InnoDB writes to the REDO log. In contrast to the historical implementation, where user threads were constantly fighting to log their data changes, in the new REDO log solution user threads are now lock-free, REDO writing and flushing is managed by dedicated background threads, and the whole REDO processing becomes event-driven.


    Better Performance upon High Contention Loads (“hot rows”)

    MySQL 8.0 significantly improves the performance for high contention workloads. A high contention workload occurs when multiple transactions are waiting for a lock on the same row in a table, causing queues of waiting transactions. Many real-world workloads are not smooth over, for example, a day but have bursts at certain hours. MySQL 8.0 deals much better with such bursts in terms of transactions per second, mean latency, and 95th percentile latency. The benefit to the end user is better hardware utilization (efficiency) because the system needs less spare capacity and can thus run with a higher average load.


  3. Sucuri's yearly Hacked Website Report is out for 2017: Hacked Website Report 2017 Statistics | Sucuri

    Quote

    The Hacked Website report is a report produced by Sucuri. It summarizes the latest trends by bad actors, identifying the latest tactics, techniques, and procedures (TTPs) seen by the Remediation Group (RG). This report will build on the data from the previous quarters, including updated data for 2017.

    The one constant you’ll find in this report is the issues pertaining to poorly trained website administrators (i.e., webmasters) and their effect on websites.

    This report will provide trends based on the CMS applications most affected by website compromises, the type of malware families being employed, and updates on the state of website blacklisting. It does not consider data related to WordPress plugin configurations.

    This report is based on a representative sample of the total number of websites for which the Sucuri RG performed incident response services. A total of 34,371 infected websites were analyzed in this report. This sample provided a representation of the infected websites worked on by the remediation group in the Calendar Year 2017.


    Quote

    The 2017 telemetry indicates a shift in CMS infections:

    • WordPress infections rose from 74% in 2016 Q3 to 83% in 2017.
    • Joomla infection rates have dropped from 17% in 2016 Q3 to 13.1% in 2017.
    • Magento infection rates rose marginally from 6% in Q3 2016 to 6.5% in 2017.
    • Drupal infections dropped slightly from 2% in Q3 2016 to 1.6% in 2017.

    Magento sites can be most out of date

    Quote

    Over the course of the previous year, 71% of all compromises had a PHP-based backdoor hidden within the site. These backdoors allow an attacker to retain access to the environment long after they have successfully infected the website and performed their nefarious acts. This gives attackers the opportunity to bypass any existing access controls into the web server environment. The effectiveness of these backdoors comes from their elusiveness to most website scanning technologies.

    Backdoors often function as the point of entry into the environment, post-successful compromise (i.e., the ability to continue to compromise). Backdoors themselves are not often the intent of the attacker. The intent is in the attack itself, found in the form of conditional SEO spam, malicious redirects, or drive-by-download infections.

    We also saw a marginal decline in malware distribution – from 50% in Q3 2016 to 47% in 2017. Mailer script infections held steady at 19% from the previous report.



  4. Incident report from the VestaCP team:

    Quote

    First of all, there were no reports about hacks on 0.9.8-20.
    Please update your servers as soon as possible.


    For those who are interested in technical details, here is how the authentication model looked in previous releases:
    - PHP script /api/index.php receives user password via POST request
    - then this script writes user password to a tmp file (for example /tmp/tmp.cWdkwNbBrR)
    This operation was needed to protect password from being hijacked via "ps auxf" command.

    - Path to the file was then passed to the shell script v-check-user-password:
    (v-check-user-password admin /tmp/tmp.cWdkwNbBrR)

    - The script reads the content of /tmp/tmp.cWdkwNbBrR and calls a subprocess in order to generate a hash based on the file content
    hash=$($BIN/v-generate-password-hash $method $salt <<< $password)

    We think that this part could allow for arbitrary code execution. Theoretically you could send something like
    "password; cat /etc/passwd" to get the content of /etc/passwd. However we weren't able to bypass auth protection ourselves.


    Here is what we did in the new release.
    - The PHP process still receives the unescaped password via POST
    - Then, instead of transmitting this password to the script, it now creates a hash
    - Then this hash is written into the tmp file
    This way an injected string like "password; cat /etc/passwd" converts to a harmless sequence of characters such as "7v8FlZefN7aQ9OoxGkR8lFHKejCxH9g64TQVVoRUuAObszO2hJy.CAs8ZG3JUtDKYQZNIZS61", which makes it impossible to inject anything.



  5. Hopefully it won't create new problems. The exploit seems to have been found in the following code:

    Quote

    // Write the submitted password to a temporary file so it does not show up in the process list.
    $v_password = tempnam("/tmp", "vst");
    $fp = fopen($v_password, "w");
    fwrite($fp, $_POST['password']."\n");
    fclose($fp);
    // Only the client address goes through escapeshellarg(); $v_user is concatenated into the command line as-is.
    $v_ip_addr = escapeshellarg($_SERVER["REMOTE_ADDR"]);
    exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$v_ip_addr."'", $output, $auth_code);
    unlink($v_password);

    which they fixed here: https://github.com/serghey-rodin/vesta/commit/3fdee2975db0c80419a0dfefff3c10a2c4de6410
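    The VestaCP report in post 4 and the PHP snippet above describe the same defensive idea: the untrusted password is reduced to a hash over a fixed alphabet before any other process sees it, so whatever a client submits cannot change the meaning of the command that receives it. The script below is an added example written for this thread, not VestaCP's code (and in Python rather than the project's PHP and Bash). It shows that pattern together with the two habits a reviewer of the snippet above would ask for: every argument passed as an argv list (or quoted with `shlex.join`, the equivalent of running PHP's `escapeshellarg` on each argument), and the secret handed to the helper on stdin instead of a temporary file. The hashing scheme (PBKDF2-HMAC-SHA256 encoded into the crypt alphabet) and the helper name `check-user-token` are constructed for the example; they are not what VestaCP's `v-generate-password-hash` or `v-check-user-password` do.

```python
"""Handing an untrusted password to a helper process without letting it touch a shell.

Added example for the forum thread; not VestaCP code. Helper name and hash scheme are constructed.
"""
import base64
import hashlib
import hmac
import re
import secrets
import shlex
import subprocess
import sys

# Characters a POSIX shell would interpret if they reached a command string unquoted.
SHELL_META = re.compile(r"""[;&|<>`$()\\"'\s*?\[\]{}!#~]""")
# Crypt-style alphabet: what the helper sees after hashing, never a raw password.
HASH_ALPHABET = re.compile(r"\A[A-Za-z0-9./]+\Z")
# Hypothetical helper binary standing in for the project's v-check-user-password.
HELPER = "check-user-token"


def has_shell_metachars(value: str) -> bool:
    """True if value could change the meaning of a concatenated shell command."""
    return SHELL_META.search(value) is not None


def encode_crypt_alphabet(raw: bytes) -> str:
    """Base64 with '+' and '/' swapped for '.' and '/', padding dropped: only [A-Za-z0-9./] remain."""
    return base64.b64encode(raw, altchars=b"./").decode("ascii").rstrip("=")


def new_salt() -> str:
    return encode_crypt_alphabet(secrets.token_bytes(16))


def hash_secret(password: str, salt: str, rounds: int = 100_000) -> str:
    """PBKDF2-HMAC-SHA256 (constructed scheme for this example, not VestaCP's)."""
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt.encode("utf-8"), rounds)
    return encode_crypt_alphabet(dk)


def verify_secret(password: str, salt: str, expected: str) -> bool:
    """Constant-time comparison so timing does not leak how many leading characters match."""
    return hmac.compare_digest(hash_secret(password, salt), expected)


def build_argv(user: str, token: str, client_ip: str) -> list:
    """Arguments as a list: the kernel receives them verbatim and no shell ever parses them."""
    return [HELPER, user, token, client_ip]


def render_for_shell(argv: list) -> str:
    """Only if a shell string is unavoidable: quote every argument (cf. escapeshellarg on each one)."""
    return shlex.join(argv)


def run_helper(argv: list, secret: str) -> subprocess.CompletedProcess:
    """Run with an argv list and feed the secret on stdin: not visible in `ps`, no tmp file to clean up."""
    return subprocess.run(argv, input=secret, text=True, capture_output=True, check=False)


if __name__ == "__main__":
    submitted = "password; cat /etc/passwd"   # the string quoted in the VestaCP write-up
    salt = new_salt()
    token = hash_secret(submitted, salt)
    print("raw input has shell metacharacters:   ", has_shell_metachars(submitted))
    print("hashed token has shell metacharacters:", has_shell_metachars(token))
    print("quoted command line:", render_for_shell(build_argv("admin", token, "192.0.2.10")))
    # Stand-in helper: a Python one-liner that only reports how many characters arrived on stdin.
    stub = [sys.executable, "-c", "import sys; print(len(sys.stdin.read()))"]
    print("characters delivered to helper over stdin:", run_helper(stub, submitted).stdout.strip())
```

Run it with no arguments to see the raw string flagged, the token pass the alphabet check, and the quoted command line with the submitted text confined to a single argument.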


  6. This is just a heads-up that a lot of VestaCP users' servers have reportedly been hacked and compromised and are sending out spam and DDoS-attacking other sites from the compromised servers. Web hosts are suspending VestaCP servers. Full details and ongoing discussion at:

    From the VestaCP forums, it seems a command IP related to the hacker is 119.82.29.17

    Looks like it might be Linux/Xor.DDoS (also known as DDoS.XOR or Xorddos) malware. A very old 2015 blog article on this: https://bartblaze.blogspot.com.au/2015/09/notes-on-linuxxorddos.html


  7. Changes with nginx 1.13.11                                       03 Apr 2018
    
        *) Feature: the "proxy_protocol" parameter of the "listen" directive now
           supports the PROXY protocol version 2.
    
        *) Bugfix: nginx could not be built with OpenSSL 1.1.1 statically on
           Linux.
    
        *) Bugfix: in the "http_404", "http_500", etc. parameters of the
           "proxy_next_upstream" directive.

  8. The MariaDB project is pleased to announce the availability of MariaDB 10.2.14 and MariaDB 10.1.32, both stable releases, as well as MariaDB Connector/J 2.2.3, the latest stable release in the MariaDB Connector/J 2.2 series, and MariaDB Connector/J 1.7.3, the latest stable release in the MariaDB Connector/J 1.7 series.

    https://mariadb.org/mariadb-10-2-14-mariadb-10-1-32-and-mariadb-connector-j-2-2-3-and-1-7-3-now-available/


  9. Changes with nginx 1.13.10                                       20 Mar 2018
    
        *) Feature: the "set" parameter of the "include" SSI directive now
           allows writing arbitrary responses to a variable; the
           "subrequest_output_buffer_size" directive defines maximum response
           size.
    
        *) Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available,
           to avoid timeouts being incorrectly triggered on system time changes.
    
        *) Feature: the "escape=none" parameter of the "log_format" directive.
           Thanks to Johannes Baiter and Calin Don.
    
        *) Feature: the $ssl_preread_alpn_protocols variable in the
           ngx_stream_ssl_preread_module.
    
        *) Feature: the ngx_http_grpc_module.
    
        *) Bugfix: in memory allocation error handling in the "geo" directive.
    
        *) Bugfix: when using variables in the "auth_basic_user_file" directive
           a null character might appear in logs.
           Thanks to Vadim Filimonov.

  10. The only thing I added (as far as I understood from Google's article) is 2 PTR records (IPv4 & IPv6) in the DNS settings of the domain in Plesk.

    (IPv4 here)/24 PTR example.com
    (IPv6 here)/24 PTR example.com



  11. In the Plesk control panel an email address "info@example.com" has been set up and configured to forward to Gmail; sending email through info@ is rejected with the following message:

    This is the mail system at host server.expamle.com. 
    
    I'm sorry to have to inform you that your message could not 
    be delivered to one or more recipients. It's attached below. 
    
    For further assistance, please send mail to postmaster. 
    
    If you do so, please include this problem report. You can 
    delete your own text from the attached returned message. 
    
                       The mail system 
    
    <my@gmail.com>: host 
        gmail-smtp-in.l.google.com[2a00:1450:4013:c02::1a] said: 550-5.7.1 
        [IPv6 here] Our system has detected that this message 
        550-5.7.1 does not meet IPv6 sending guidelines regarding PTR records and 
        550-5.7.1 authentication. Please review 550-5.7.1 
        https://support.google.com/mail/?p=IPv6AuthError for more information 550 
        5.7.1 . 1si11207325edy.183 - gsmtp (in reply to end of DATA command) 
    
    Greetings

    I have added 2 PTR records for IPv4 & IPv6 as:

    IPv6/24 PTR example.com
    IPv4/24 PTR example.com

    and the problem persists.

    Does anyone know how I can fix this?
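    The Gmail bounce quoted above (550-5.7.1, "does not meet IPv6 sending guidelines regarding PTR records and authentication") is about the sending server's IPv6 address: Google expects that address to have a PTR record, and the hostname in that PTR to resolve (AAAA) back to the same address, which is known as forward-confirmed reverse DNS (FCrDNS). The PTR itself lives in the ip6.arpa reverse zone, which is normally controlled by the provider that owns the address block rather than by the domain's forward zone; the "authentication" part of the message refers to SPF/DKIM, which the check below does not cover. The script is an added example, not something from this thread or from Plesk: it implements the FCrDNS check in Python with the system resolver for live use and a constructed zone (documentation addresses from 2001:db8::/32 and 192.0.2.0/24 and the hostname mail.example.com) so it also runs offline.

```python
"""Forward-confirmed reverse DNS (FCrDNS) check for a mail server's sending address.

Added example, not part of the forum thread or of Plesk. The resolver functions are
pluggable so the same check runs against live DNS or against constructed zone data.
"""
import ipaddress
import socket
import sys
from typing import Callable, Iterable, Optional, Tuple

PtrLookup = Callable[[str], Optional[str]]
AddrLookup = Callable[[str], Iterable[str]]


def system_ptr_lookup(ip: str) -> Optional[str]:
    """PTR lookup through the system resolver (live DNS)."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None


def system_addr_lookup(hostname: str) -> Iterable[str]:
    """Forward A/AAAA lookup through the system resolver (live DNS)."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(hostname, None)]
    except socket.gaierror:
        return []


def fcrdns_check(ip: str, ptr_lookup: PtrLookup, addr_lookup: AddrLookup) -> Tuple[bool, str]:
    """Return (ok, reason); ok only when ip -> PTR -> hostname -> A/AAAA contains ip again."""
    addr = ipaddress.ip_address(ip)              # normalises 2001:db8:0:0:0:0:0:25 and 2001:db8::25
    hostname = ptr_lookup(str(addr))
    if not hostname:
        return False, f"no PTR record at {addr.reverse_pointer}"
    hostname = hostname.rstrip(".")
    forward = set()
    for candidate in addr_lookup(hostname):
        try:
            forward.add(ipaddress.ip_address(candidate))
        except ValueError:                       # resolver returned something that is not an address
            continue
    if addr in forward:
        return True, f"{addr} -> {hostname} -> {addr} (forward-confirmed)"
    return False, f"PTR {hostname} resolves to {sorted(map(str, forward))}, not to {addr}"


# Constructed zone data using documentation address space; these are not real records.
FAKE_REVERSE = {
    "2001:db8::25": "mail.example.com.",   # PTR present and the AAAA record agrees
    "2001:db8::26": "mail.example.com.",   # PTR present but the AAAA record points elsewhere
    "192.0.2.25": "mail.example.com.",
}
FAKE_FORWARD = {
    "mail.example.com": ["192.0.2.25", "2001:db8:0:0:0:0:0:25"],   # unabbreviated on purpose
}


def fake_ptr_lookup(ip: str) -> Optional[str]:
    return FAKE_REVERSE.get(ip)


def fake_addr_lookup(hostname: str) -> Iterable[str]:
    return FAKE_FORWARD.get(hostname, [])


if __name__ == "__main__":
    # With addresses on the command line the check uses live DNS; without, the constructed zone.
    live = len(sys.argv) > 1
    targets = sys.argv[1:] if live else [*FAKE_REVERSE, "2001:db8::ffff"]
    for target in targets:
        ok, reason = fcrdns_check(
            target,
            system_ptr_lookup if live else fake_ptr_lookup,
            system_addr_lookup if live else fake_addr_lookup,
        )
        print("PASS" if ok else "FAIL", target, reason)
```

Pass the server's actual IPv6 address (the one in the `[IPv6 here]` position of the bounce) as an argument to run it against live DNS; a FAIL with "no PTR record at ... ip6.arpa" means the reverse entry has to be created by whoever controls that reverse zone, and a FAIL naming a different address means the PTR hostname's AAAA record disagrees with the sending address.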
