Skip to content
Oct 26 16

Dirty cow vulnerability resolved and Ubuntu 16.04 available

by Adrian Andreias

We’ve updated all our OpenVZ nodes to fix the dirty cow vulnerability that was (re)discovered recently.

With this update another kernel  issue was fixed and Ubuntu 16.04 is now available in all our locations.

 

Jan 4 16

Fleio: OpenStack billing and control panel

by Adrian Andreias

A sister company is developing Fleio: OpenStack billing software and control panel for service providers.

A public release of the software has not been made yet, but an alpha version is planned to be released in a few months. You can see some early screenshots on their Facebook account.

You can sign up for their newsletter if you want to be notified about releases.

 

Mar 11 15

Monthly traffic increased

by Adrian Andreias

After doubling the amount of guaranteed memory last November, we’re now increasing the monthly traffic with up to 100%:

  • Starter package: increased monthly traffic from 1 TB to 2 TB
  • Small package: from 2 TB to 3 TB
  • Medium package: kept the 4 TB (sorry)
  • Large: from 6 TB to 8 TB

The change applies for the current month as well.

Nov 12 14

Double memory

by Adrian Andreias

We’ve doubled the amount of guaranteed memory for all virtual machines. This is already active for existing machines and no restart is required. We have also removed the “burst memory”, which is now guaranteed.

All other package characteristics have remained the same, including price.

If you happen to encounter any issue caused by the upgrade open a support ticket.

 

Apr 10 14

Heartbleed OpenSSL Vulnerability

by Adrian Andreias

On April 7, 2014  CVE-2014-0160 vulnerability, also known as “Heartbleed”, was released that could allow attackers to view sensitive information in a server’s memory such as secret keys and passwords. Given the severity of this problem, IntoVPS has taken the necessary steps to secure our web sites and keep our customers’ information safe from potential attacks.

A tool has been published that allows administrators to test the vulnerability of their system. If your site has an SSL certificate, go to the Heartbleed test page, enter your website URL, and run the vulnerability test.

If you are vulnerable please update openssl as soon as possible and restart your web server.

On Ubuntu/Debian:
sudo apt-get update
sudo apt-get upgrade
sudo /etc/init.d/apache2 restart

On Centos:
yum -y install openssl
/etc/init.d/httpd restart

Also Ars is reporting that a bot has been exploiting heartbleed in the wild since at least nov 2013. Therefore, we strongly suggest to reissue all the affected SSL certificates.

 

Jan 28 14

Kloxo zero-day exploit

by Adrian Andreias

Today we started to see our packet counter monitors triggering all over the place. At a closer look we’ve noticed a common pattern: scripts flooding from customers’ virtual machines running Kloxo.

A zero-day exploit has been identified in Kloxo control panel today. Here’s a discussion related to this.

We decided a few hours ago to proactively fix this inside ALL machines running Kloxo:

  • identify offending script that was uploaded and chmod 0 the directory
  • stop the kloxo daemon
  • email each and every (!) customer about this exploit and explaining the actions we took

Ionut and Ovidiu have just completed these steps and we managed to stop this pest, for now.

We don’t normally run commands inside customers’ virtual machines, but we decided that it’s the best action we can take in the interest of everyone involved. And by everyone, I mean everyone: compromised machine’s owner, other IntoVPS customers, IntoVPS employees and stakeholders, internet community.

Here’s the email we’ve sent:

Subject: IntoVPS – Kloxo installation compromised for server

Hello,

You are receiving this notification because you are running Kloxo panel management on your VPS named XXXXXXX.

It seems that Kloxo installations are compromised with a randomly-named PHP file placed into /home/kloxo/httpd/default/, which is the ‘default’ site accessible by IP address and that kloxo appear to be spawning a large number of httpd processes. Further investigation shows they’re all sending out volumes of traffic as part of a ddos.

Here is an example of a compromised file uploaded in /home/kloxo/httpd/default: http://disclosed.info/?7c12a1a4560b7664#5fpnfdknf4EfBcGqLjeV9/vAY1RXEKkLC3+fqm16c6E=

At this moment there isn’t any fix published for Kloxo and as a workaround for this particular issue, we are going to change the permission of that folder to 0 with the following command:

chmod 0 /home/kloxo/httpd/default/
chmod 0 /home/admin/*/cgi-bin

Also is it better for now to stop kloxo daemon until a proper fix is released.

/etc/init.d/kloxo stop

We also noticed the same particular file being uploaded in the cgi-bin folders of the website managed by admin users. I strongly advice to check this as well and remove or change permission of those files that contains the same patern as soon as possible.

If you have any questions, please let us know.

Best regards,
IntoVPS Support

 

Sep 10 12

Ubuntu 12.04 and Arch Linux 2012.09 available

by Adrian Andreias

We’ve added Ubuntu 12.04 and Arch Linux 2012.09 to our OS templates list.

  • Arch Linux 2012.09 32-bit
  • Arch Linux 2012.09 64-bit
  • Ubuntu 12.04 32-bit
  • Ubuntu 12.04 64-bit

The Arch Linux template has the most recent system updates installed, which includes the changing of ‘/lib’ to a symlink as well as initializing pacman keyring at first boot.

As always, existing customers can reinstall from Hypanel, new customers can choose them in the order form.

May 1 12

Arch Linux 2012.05 update released

by Adrian Andreias

Arch Linux 2012.05 is now available to install on your VPS. It contains needed fixes to run properly on OpenVZ. As usual, you can reinstall your VSP from Hypanel or order a new one and choose this template.

 

Apr 4 12

Removing live chat

by Adrian Andreias

On April 5th 2012 we will remove the live chat support. We feel that your questions are much better answered in email and this is a much well suited support channel for our VPS hosting service.

Our support staff will continue to be available 24/7 and our target is to answer any ticket in a few minutes, our current response time being under 10 minutes. You can also reach us by phone at +40 364 566 777.

I want to remind you about our community support channels where you’ll find other customers and also our staff:

 

Feb 24 12

Launching Amsterdam 2: Evoswitch data center

by Adrian Andreias

We’re launching our second Amsterdam location: the Evoswitch data center. We’ll continue to use the Leaseweb network and services here too, just the physical location is changing.

All new orders for Amsterdam are now deployed in Evoswitch.

Here’s the data center presentation:

Amsterdam 1 (Easynet data center) is full and we’re no longer deploying VPS systems there. But if for some reason you really want a VPS in Amsterdam 1, we might still find some room for 1 or 10 VPS’es.

Looking forward to see you in Evoswitch! 🙂