ParagonHost.com “World Class Internet Services”

Are you in need to share large files?

From Free to Paid - you now are able to send or share large files in a pinch!

Here is some resources for you…

Pando, FREE - E-mail attachment initiates a BitTorrent-based P2P transfer up to 1GB backed by a server
http://www.Pando.com

YouSendIt, 100MB Free - Sends links to uploaded files good for 14 days; designed for business use.
http://www.YouSendIt.com

Zapr, FREE - Turns any file or folder on your PC into a shareable Web Link
http://www.zapr.com 

 AllPeers, Free - Transfers files to your buddies through a BitTorrent based Add-on to FireFox Browser
http://www.allpeers.com

Glide, 300mb Free - Stores and shares digital media via browser-based desktop or smartphone
http://www.glidedigital.com

MediaMax, 25GB Free - Stores digital photos, movies and other files on the web
http://www.mediamax.com

Myfabrik, 1GB Free - Sends links to shared files stored on the Web or a Maxtor Fusion hard drive
http://www.myfabrik.com

Content powered by: ParagonHost, LLC
http://www.paragonhost.com
“World Class Internet Services”

Interview With Douglas J. Erwin

Interview by Liam Eagle, theWHIR.com

October 20, 2006 — (WEB HOST INDUSTRY REVIEW) — In May of 2006, EV1 Servers and The Planet announced that they had merged, under the auspices of investor GI Partners. In June, the company’s new CEO Douglas J. Erwin told theWHIR he had a 90-day plan to develop the organization’s new direction. Three months later, we spoke again, with the company headed confidently in a new direction.

WHIR: We spoke when you were about a week into your tenure at the company, still getting your feet wet in the hosting business. I’m wondering where you are now with that.

Douglas Erwin: We’ve been moving fiercely fast since then. It’s hard to believe it was only July that we really started this. But we’ve made a lot of progress in trying to get these two companies integrated and positioned in the market as a very world class hosting business.

Let me just rattle for a while about some of the things we’ve done, and then you can stop me.

We’ve made a lot of progress in thinking about this dedicated hosting or IT infrastructure outsourcing. And I think that we’re fortunate that we’ve been able to take two very world class, innovative-thinking organizations that have built not only world class hosting business, but world class infrastructure facilities - our data centers.

The hosting business has a plethora of organizations that have a nice little business, good cash flow. But they’re businesses that deal a lot with what I’ll call less-than-mission-critical stuff, steering themselves to mom-and-pops in the customers that they deal with and shared business and $10 slices of servers.

What we’ve done - and give the credit to the founding people of these two businesses - but the organization and data centers we’ve built are far more than that. They’re capable of handling mission critical [hosting demands] 24-7. In open systems you can’t ever talk about 100 percent uptime, but you can sure talk about high availability into the triple-nines and in some cases into the four nines.

We’ve spent the last two or three months talking to anybody we could, inside our company and outside our company, and most importantly to our customers. We have taken the top 16 executives in our company, and I’ve given them seven names each of seven customers that represent our top 100 or 150 accounts. We called them and basically got a report card on things like: How does our service rate on a scale of 1 to 10? What do we do that you like? What do we do that you don’t like? Where are we screwing up? What more things would you like to see from us to help you and your business?

We got pushy and asked them about business, where else they outsource. Because what we’d like to do is find our customers and build a solution where we get our fair share of their outsourcing money.

In my terms our fair share is 100 percent.

So we have collected a lot of information, and taken action on a lot of these things. A lot of our customers are very complimentary of our world-class data centers. They don’t know that our facilities are built with N+1 redundancy and that the bandwidth and the networks that we’re building are being prepared for the future applications in hosting and infrastructure (which is video). They don’t know that we are building redundancy now between our two cities. We have a NOC in Houston and a NOC in Dallas now, both of them capable of handling fail-overs and running each other’s facilities. In a normal hosting business, people wouldn’t necessarily expect that, but where we’re taking our business, they will demand that.

And we will announce next week an unbundling of our pricing. Our customers have complained that we sell them a lot of things they don’t really need, but since we’re the [service provider] they want to use, they have to buy it. So we’ve unbundled it and we will be announcing a shopping cart that allows these guys to basically pick and choose, and customize what they need for their business.

I think the future of hosting is not about selling servers, but it’s about selling solutions to customer issues. And for some it’s more bandwidth, for some it’s more storage, for some it’s faster processor, less storage. And all these things are what we’re trying to build. So we’ve also expanded our product offering. Some of our customers have requested they need a lower entry box - we do a lot of business with resellers - so we’ve announced a lower-end box. A lot of our customers want more handholding. We’ve announced private racks in the Dallas location, which we already had in Houston. But it’s basically the ability for us to do colo on steroids, if you will, where we’re actually selling and maintaining the products in their facilities, with extended service capabilities. We’ve got the white glove series in trial form. It’s the top of our service line. It’s where we put dedicated people working on these customers’ boxes 24-7. The thing is, you can imagine you’ve got to be a pretty big company to want that, and pay for it.

Really, we’re taking our business and splitting it into three businesses. If you think of the hosting business - and this has been one of the biggest debates I’ve had with inside and outside people and analysts and other hosting executives at conferences - I ask people to describe the hosting business to me. What is it?

And it really can be broken down into three main buckets: the shared or virtual side; the dedicated side, which really has two sides - unmanaged and managed; and then the area called complex hosting, which has your colo, and it has your “fanatical support,” if you will. We play, and have played, very strongly in the shared and virtualization and the low-end servers. That’s one business. It’s really the dedicated unmanaged server business. We’ve built a separate concept around that business because it has different parameters, different product requirements and different service requirements. And we’ve built a second business that we’re getting ready to launch, and that’s the one that’s going to deal with dedicated managed. And then the third one will be the complex, as we call it, or the colo on steroids - our private rack business.

We have also heard from our customers - and one of the things that came out loud and clear from all of our customer calls is - that we know very little about our customers and what they need. We are very much an inbound organization where customers call us and say “this is what I need, let’s buy it.”

We’re building a sales organization that basically overlays this business, where we’ve got key account reps that are assigned to our top 400, or I should say the top 5 percent of our customers. Because we have a colo business we have a separate sales organization now focused on the colo business. And we have a separate organization focused on what I will call the masses.

And we have another organization we’re building that we call the “enterprise guys,” and these are the ones that are dealing with none of our territories, none of our install base. But they’re going out and beginning to talk to enterprises that need special services, or they’re recruiting other people that are using other hosting companies, to try to bring them into our company.

And the last thing we’re focusing on is our customers have also complained about our billing procedures. And they think that we’re inflexible and some of them don’t want to pay monthly. They want to go to an annual base and they want a benefit for an annual contract. Well, that’s simple enough. We’re announcing next week both monthly and annual prices where the annual price will be an 8 percent lower cost, but it will be paid 12 months in advance.

So these are just a few things that we are starting to do to build on the strength, if you will, of what we’ve inherited.

Part of the plan for the 90 days between then and now was to assemble a new management team. Have you put the team that you want in place?

We put a new management team in place, and I say new in the sense that everybody’s new because there are new responsibilities, but we’ve got a number of people from the old EV1 and Planet organizations, and we’ve brought in some new talent from outside.

The CFO that I brought in is a gentleman by the name of Kevin Klausmeyer. Kevin and I have worked together in many accounts, and he is a proven CFO not only for a startup company, but for a large corporations. He was a controller at BMC when I first hired him away. He’s on the board of directors of Quest Software. He has been responsible for helping me raise well over $200 million of capital. We’ve sold companies together. He is, with BMC, a known commodity on Wall Street, very well connected with investment bankers, so that when we declare it’s time to take this company public, his proven track record in dealing with banks and Wall Street will make it very easy to make that transition again into that space.

Steve Kahan is a guy that I’ve recruited away. We’ve worked together in the past. His specialty is marketing. He’s probably the most marketing savvy guy I’ve met in my life. He was the CEO of a small startup in Houston and what I convinced him that he really needed to do was come help us build one large Web hosting company here in Dallas.

I should back up there. We’re located in Texas, but with worldwide benefits. Sixty percent of our customers are international. The fact that we’re in Texas doesn’t have anything to do with our customer base. We intend to expand our customer base both organically, and if it makes sense, inorganically.

We have also brought in a new sales leader, Chris Hampton. Chris will be our vice president of sales. He comes from a long track record of success in building sales organizations that have dealt with the customer base that we’re talking about: small and medium-sized businesses, as well as enterprise businesses.

We’ve brought in a counsel by the name of Joe Horzepa. We’ve brought in some HR personnel.

There’s a gentleman by the name of Jeff Lowenberg, who was responsible at EV1 for building all their data centers. He’s an operations expert. He built some of the best data centers that I’ve seen in my 32 years in the IT industry - N+1, tier 2, tier 3 type centers that make a lot of sense for the enterprise businesses that we want to go after.

We also have a guy by the name of Will Charnock, who was in the Planet organization. And Will has a networking background and a technology background. We’re using him to be what I’ll call our research organization, where we go out and we try to understand what’s going on in the marketplace in the hosting business, and look at technology that’s out there and available and try to be early adopters of some of the new technologies so that we can go to market before anyone else. He finds the technology, our product line organization under Kahan builds the business plan around it and makes sure it integrates into one of our business plans and then we implement a business case and implement against it.

We’ve hired in some PR talent. We’re in the process of filling out some of the technology and networking holes that we have. So we’ve done a lot of promotion, as well as bringing in new talent. We’re fortunate that we’ve got so much skill in our company that we’re able to promote from within. And when we don’t have the skill within the organization, we go outside. We’re not afraid to bring people in.

I think one of the things that people will see as they begin to feel the presence of our new company, is a tremendously strong management team, that if we all stood in front of you and took our shirts off, it’d be an ugly sight, but it’s a mature organization that’s got all the bullet holes and knife wounds and scrapes on our backs. We’ve probably got 175 years of management. We’re not just out of school, or your typical startup management team.

So it brings a sense of maturity, but it also brings a sense of creativity, because they all come from different walks of life.

Do you have a firm idea of how you intend to approach the brand, or brands?

If you’re asking will the brand names that we’ve had in the past, like ServerMatrix and Monster Servers and all that stuff go forward, the answer is no. And the reason is it gets back to the concern the customers had that when we sold them ServerMatrix or Monster Servers, they were pretty much configured the way they were. What we want to do is brand our name, and we want to brand our name as an infrastructure and hosting company that allows the customer to customize what they actually need.

So you will see us focusing on ads that push our company name and our company logo. And all of that we will be announcing in the January timeframe when we have a new Web site that supports all of that.

When you say “the company name,” is that going to change?

We will tell you that at the beginning of the year.

But you know what it is?

Yes.

Are there significant technologies or practices that were adopted from one side and applied across the board?

Absolutely. The EV1 organization had a strategy called “private racks,” which was very successful at EV1. We’ve brought that to Dallas and are now selling that across the Dallas install base. We have some technology used in Dallas to provision our servers and manage our inventory.

There’s one other key manager I didn’t tell you about that is our secret sauce, and what will differentiate us from other managed hosting companies - and that is our intellectual property, which we will use to manage these data centers. We will be pushing as hard as we can to get to a lights-out data center concept. Now, lights-out in the open systems can never happen, because you will always need a few technicians to touch boxes. But there’s no reason why we couldn’t open a data center in the middle of a cornfield in Iowa if we chose to, if we had the right software and intellectual property back in Houston and Dallas that allows us to monitor, to do upgrades, to do upgrades, to do provisioning, to do fixes and makes it a very automated process.

As I said, to do hardware upgrades you’ll have to touch boxes, and you’ll need to have the technicians to do that. But the concept is to get to a position where we can be as responsive as possible with customers as they order new equipment or upgrade equipment or need checks and balances.

We will be offering monitoring services that we haven’t in the past. And these are things that we played with in Dallas, and we’re taking to Houston.

We have built NOC centers in Dallas in Houston that will operate under the same guidelines. We are building escalation practices that will now operate under one guideline. We’re building a single way of operating, if you will, taking the best of both worlds. And in some cases, we don’t have the best, and so we’ve gone out and borrowed from other people who we think are doing a pretty good job, and we’re implementing that inside our business.

We’re not so proud; if somebody else has a better mousetrap and it fits in our business, we’ll use it.

The gentleman running the research and development for us is a guy by the name of Brian Lynn, and he’s got organizations both in Houston and Dallas that are creating this software strategy - the glue that holds it all together.

So we will have not only a corporation strategy, but we will have sub-strategy. We’ll have an IP or a software strategy that goes from the minute the box enters the back door to the moment the box, 10 years later, is out. We’ll have a server lifecycle strategy. As far as customers are concerned, they want to be buying the newest hottest stuff. And that usually lasts anywhere from two to three years. But we will find ways to utilize those servers in another life, allowing customers to do scale-out and grid computing. So there’s a whole other technology jump that we’ll be making. We’re not ready to announce it today, but it’s something that you’ll see probably come around the first quarter.

We will have a sales strategy, we’ll have a marketing strategy, we’ll have an efficiency strategy, we’ll have an operations best-practices strategy. But this is just basic blocking and tackling that we’ve never done before in this company that we will be implementing with this new management team.

If the new year marks the launch of the new brand and the new identity, are there specific things you intend to accomplish between now and then?

Sure. A lot of what I just told you we will be announcing next week. But there are some things that just take a little bit more time - to build the Web site the way we want it. So we’ve got to do that right. I’d rather do it right and make a big splash. You will see us continue to build these best practices. We’re working on our network. We’re building a network that links together the Houston and Dallas operations so that we can provide the same kind of service and network quality to every customer, whether they’re a Houston or Dallas customer.

We’re starting now to sell customers the capability to have backup servers in a different town. So we have large customers in Houston that we’re backing up, but we’re backing it up in a data center down the road. Now we’re going to back it up in Dallas. And we’re going to take Dallas customers and back them up in Houston, so that we have the capability in case of any kind of a disaster that we can hopefully survive and get the customer back up and running as quick as possible.

I point this all out to you because it’s a lot more than the hosting company EV1 and The Planet was when we migrated them together.

You personally were not a Web hosting executive before you became involved with The Planet and EV1 Servers. Do you have any new ideas you intend to introduce to the Web hosting business?

Absolutely. The Web hosting business has been a business that has grown up twice - once, then the dot com bust, and now again. I think people are seeing this new breed of hosting, and then this consolidation and integration going on within the industry. They’re taking it the next level up. They’re taking it to the next level of service to the customer. They’re taking it from just being a Web site or email to mission critical applications that are running.

A lot of my background, in fact all of my background, has either been in the hardware or software side of enterprise customers - selling lights-out data center concepts, selling software that allows for as much uptime as possible, selling networks that give you redundancy that not only handles your stuff today but your next application for the future, which is media streaming.

The software that we’re going to be implementing, the strategy of having something that goes across the entities from provisioning to upgrade to lights-out management, that’s where I’ve spent the last 10 years of my life - at BMC with systems management, PentaSafe with the concept of a single console handling multiple servers in a security base, and then last but not least the RLX experience where we were building not only great computing software but provisioning and mass deployment of servers.

So a lot of what I’ve been playing in plays right into the future of this business. And I’m blessed with the fact that I’m surrounded with people like Jeff and Will and Brian, and people who’ve been in the hosting company since its early years.

PRM: Process Resource Monitor from RFxNetworks is a nifty monitor to take care of runaway proc’s and auto kill them if they rise above the predefined setting.

Be sure to take a look at the rules directory, one value of note is for Exim - on a busy server you may need to ReOption the value for max proc’s from 10 to 20 … be sure the reason for added proc’s is due to how busy the server is with mail and not that you have a client that is spamming…

Fine the custom service config files here:

/usr/local/prm/rules

(Please note: This example is for a cPanel server)

And here is the result of the exim rule file:

# seconds to wait before rechecking a flaged pid (pid’s noted resource
# intensive but not yet killed).
WAIT=”12″

# counter limit that a process must reach prior to kill. the counter value
# increases for a process flaged resource intensive on rechecks.
KILL_TRIG=”3″

# argument to pass onto kill commands
KARG=”9″

# Max CPU usage readout for a process - % of all cpu resources (decimal values unsupported)
MAXCPU=”85″

# Max MEM usage readout for a process - % of system total memory (decimal values unsupported)
MAXMEM=”15″

# Max processes for a given command - this is not max processes for user but rather the executable
MAXPS=”20″

**** The last option of Max processes for a given command was bumped from 10 to 20

Cheers,

Dave Safley

http://www.ParagonHost.com

ModernBill Newsletter: 5.1 Released!
Dear ModernBill Client,

As a ModernBill Client we think you will benefit from reading the following announcements. The information provided in this newsletter is to ensure you get the most out of your ModernBill experience, learn about new products and services, and take advantage of discounts available only to you.

Inside This Issue:

01 Version 5.1 Released
02 New 5.1 Manuals Available
03 5.1 Upgrade Instructions
04 Free FraudGuardian Lookups
05 Migration Services Available

Version 5.1 Released!

Version 5.1 is now available and is loaded with dozens of new features! The 5.1 version is the most stable version to date and is packed with options and features you need in order to run a successful business. Take a look at some of the exciting and easy-to-use features of the new ModernBill 5.1 version below:

Features:

New Nominet Module Support
Distributed IT Module Support
Interworx Module Support
LinkPoint Module Support
Improved credit card authorization for ProtX module and transaction references.
Updated Migration Tool (Now you can migrate products!)
eNom EPP support for .com/.net transfers
Streamlined and optimized interface for faster page loading.
Significant usability enhacements.
Client management including one-touch cancel, suspend, and enable customer packages.
Upgrading to 5.1 is highly recommended! With the new streamlined, optimized, and increased performance of the MBAPI, ModernBill 5.1 is geared to help you increase productivity and efficiency with your day-to-day operations.

New 5.1 Manuals Available!

We now have two updated manuals specific to the 5.1 release. For 5.1 we developed two manuals, one for configuring your system (Configurations Manual) and one for using your system (Operations Manual).

To learn how to configure your system, view the Configurations Manual at:

http://manual.modernbill.com/v5co/

To learn how to use your system, view the Operations Manual at:

http://manual.modernbill.com/v5op/

We encourage your feedback on any of the available 5.1 documentation. If you have questions or comments regarding documentation, use the “comments” feature available on every page of both manuals.

5.1 Upgrade Instructions

A step-by-step document on how to upgrade to 5.1 is now available. These instructions make it easy for you to upgrade today! Simply follow the link below to learn how to upgrade your system to the latest ModernBill Version 5.1.

http://manual.modernbill.com/v5co/index.php?article=118

Free FraudGuardian Lookups

All ModernBill customers get 10 lookups a month FREE. No coupon needed to get started. Remember, FraudGuardian significantly reduces chargebacks saving your company a minimum of $75 each time a fraudster attempts to order from your website.

Do not delay any longer, signup today at:

http://www.modernsupport.com/fgbilling/order/orderwiz.php?style=&submit_domain=sk
ip&submit_package=package&type3_package=&type3_package=2

*Credit card required, but you will not be charged unless you need to upgrade your FraudGuardian lookups.

Migration Services Available

ModernBill now provides migration services to help you upgrade and migrate your data from a previous version of ModernBill 4.x. Save time, money, and resources by letting the ModernBill Migration Team take care of all your migration needs.

Speak with a qualified sales representative now by calling 502-566-7754.

——————————————————————————–

This periodic email newsletter is delivered to all current ModernBill customers, and contains information about new software versions and moderngigabyte.com web site features and content. If you have any questions or comments about this mailing, please contact sales@modernbill.com.

Copyright © 2006, ModernGigabyte, LLC

Thank you,
The MGB Team

Source: http://www.Whir.com

News Aggregation: http://www.ParagonHost.com  

October Issue of WHIR Mag:

http://whirmagazine.texterity.com/whirmagazine/

In this Issue:

• Interview: Doug Erwin
  
• Classroom Hosting
  
• Online Learning
  
• On-The-Job Training
  
• Tutorials
  
• Legal Q& A

1. Reset the Add-on usage statistics in Internet Explorer - Windows XP SP2
    

2. How to disable third-party download managers?
    

3. Change the default favorites export location of Internet Explorer Import-Export Wizard
    

4. Information bar appears when you open PDF files locally in Internet Explorer (Windows XP SP2)?
    

5. Default browser still points to MYIE2 while you have uninstalled it
    

6. Reset the Add-on usage statistics in Internet Explorer - Windows XP SP2
    

7. Internet Explorer should check to see whether it is the default browser - option does not work
    

8. Error “This version of QuickBooks requires Internet Explorer 6.0″
    

9. Unable to open local files in new Internet Explorer window? IE6 SP1 and later
    

10. Unable to resize Internet Explorer window by using javascript: code in the Homepage section, after upgrading to Windows XP Service Pack 2 ?
     

11. Security Warning appears when you try to navigate to a Trusted site from a webpage
     

12. Internet Explorer runs in Compatibility Mode or Side-by-Side Mode ?
     

13. Preserve the favicons using AM-Deadlink
     

14. Organize Favorites dialog in Internet Explorer displays a “Red X” mark
     

15. Internet Explorer Address bar search opens the file present in Desktop?
     

16. “Sites” button and “Custom Level” slider are grayed out in Internet Options - Security tab?
     

17. Convert Favorites to Txt file; View Internet Explorer Favorites information in a readable form.
     

18. Internet Explorer “Manage Add-ons” dialog does not retain your column preferences?

19. Source for above tips: http://windowsxp.mvps.org/ie/

Content: WebHostGear.com http://www.webhostgear.com/369.html

Aggregation: ParagonHost.com http://www.paragonhost.com

0 Day cPanel Exploit in Wild

UGRENT THE /scripts/upcp fix that cPanel has claimed to fix your server DOES NOT. Read below!

A new 0 day cPanel exploit for root access is in the wild affecting hosts. News of this is spreading very quickly around the web and cPanel has released a band aid patch fix. You can patch your server by simply running /scripts/upcp from shell. The update will not change your release or build number either.

Notes on the cPanel Exploit:

- This is a 0 day issue, and a patch from cPanel for it was just relased on Sept. 23, 2006
- This exploit gives the attacker root access
- You will not detect this with rkhunter/chkrootkit
- You will not know you have been rooted
- It has been confirmed to be affecting more than just one hosting provider in different datacenters.

This was first seen targeting HostGator.com one of the largest shared and reseller cPanel hosts out there.
NetCraft Reports of cPanel exploit
Slashdot picks up the story
Post 1 on WHT about the alert
Post 2 on WHT about the issue

How to Fix:From Dave of cPanel, Inc.
“Upcp will fix the problem on all builds. It is seperate from cPanel Auto Heal. The cPanel Auto Heal system was used to distribute the patch though.”
Login as root and run /scripts/upcp this will patch your server. cPanel has NOT increased the build # after you’ve been patched, I have no idea why since this is a major hole.UPDATE: This is NOT true. See my testing results of how to REALLY fix your serverNice work cpanel, you tell us we’re patched when your patch isn’t working.
I HOPE this is a bug in your cpanel checker only but somehow I really really doubt it.Guys /scripts/upcp doesn’t fix your server, you HAVE to force it.

See http://forums.cpanel.net/showthread….d=1#post272856

Here’s the post if you don’t have access:

You MUST run /scripts/upcp –force

I just confirmed this on about 3 servers. Here are the findings.

I did a /scripts/upcp on this box last night right after the fix was announced and to DO a /scripts/upcp

So let me test their patcher… I should be safe right, WRONG.

root@ocean [~]# wget http://layer2.cpanel.net/installer/sec092306.pl
–13:57:23– http://layer2.cpanel.net/installer/sec092306.pl
=> `sec092306.pl’
Resolving layer2.cpanel.net… 69.90.250.34, 69.90.250.35, 69.90.250.36, …
Connecting to layer2.cpanel.net[69.90.250.34]:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 5,479 [text/plain]

100%[====================================>] 5,479 –.–K/s

13:57:23 (75.73 MB/s) - `sec092306.pl’ saved [5,479/5,479]

root@ocean [~]# perl sec092306.pl
cPanel Security Patch (sec092306) v2
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patch Complete
Checking for safety…

not safe

Done

root@ocean [~]# /usr/local/cpanel/cpanel -V
10.8.2-RELEASE_119

/scripts/upcp

All packages are currently up to date
Done
BIND 9.2.4
Succeeded
Fetching http://httpupdate.cpanel.net/cpanels…cpanel/version (0)….@198.66.78.12……connected……receiving …100%……Done
Using mail permissions style: NEW
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Versions Match! (10.8.2-RELEASE_119). You are running the latest RELEASE.
Updating addon typecripts addonhpBB version:2.0.19-1.0…….Done
Updating addon typecripts addon:AdvancedGuestBook version:latest…….Done
Updating addon type:modules addon:clamavconnector version:0.88.4-1.8…….Done
Updating addon type:modules addonro version:1.0rc36…….Done
Updating addon type:modules addonpamdconf version:0.5…….Done
Rebuilding Process List…Done
Scanning for new mail senders…..Done
Scanning suexec_log.Done

root@ocean [~]# perl sec092306.pl
cPanel Security Patch (sec092306) v2
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patch Complete
Checking for safety…

not safe

Done
root@ocean [~]#

WTF

/scripts/upcp –force

All packages are currently up to date
Done
BIND 9.2.4
Succeeded
Fetching http://httpupdate.cpanel.net/cpanels…cpanel/version (0)….@ 100%……Done
Using mail permissions style: NEW
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Installed Version: forced install
Newest Version: 10.8.2-RELEASE_119

….lots of lines later….

aiting for cppop to shutdown……Done
Waiting for cppop-ssl to shutdown……Done
==> Starting SSL tunnel…
Waiting for cpsrvd to shutdown……Done
Waiting for cpsrvd-ssl to shutdown……Done
==> Start Melange Chat Services…
==> Post Install Complete

Broadcast message from root (Sun Sep 24 14:08:17 2006):

cPanel Layer 2 Install Complete
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Updating addon typecripts addonhpBB version:2.0.19-1.0…….Done
Updating addon typecripts addon:AdvancedGuestBook version:latest……Done
Updating addon type:modules addon:clamavconnector version:0.88.4-1.8…….Done
Updating addon type:modules addonro version:1.0rc36…….Done
Updating addon type:modules addonpamdconf version:0.5…….Done
Rebuilding Process List…Done
Rebuilding Process List…Done
Scanning for new mail senders…..Done
Scanning suexec_log.Done

Lets check now
root@ocean [~]# perl sec092306.pl
cPanel Security Patch (sec092306) v2
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patching Mysql (1)
Patching Mysql (2)
Patching Mysql (3)
Patching Mysql (4)
Patch Complete
Checking for safety…

safe

Done
root@ocean [

Nice work guys… lol

How to tell if you’re already infected?
We can review your server and provide a detailed report and see if the exploit has infected your servers.

But I have a Firewall and run things like Mod_security, would I still be infected?
Yes! You were still 100% open to the exploit and may be infected.

Content Aggregation: ParagonHost.com http://www.paragonhost.com

Source: WebHostingGear.com http://www.webhostgear.com/35.html

We’ve put together some of the more frequently used SSH commands or linux shell commands, and organized them by name so you can easily find a command, their description and how to use it. This guide will continue to be updated and should not be considered a complete list of SSH commands or linux shell commands, but commands, we found, often used. If you would like to add to this guide, please email us and let us know.

Common SSH Commands or Linux Shell Commands,
ls : list files/directories in a directory, comparable to dir in windows/dos.
ls -al : shows all files (including ones that start with a period), directories, and details attributes for each file.

cd : change directory · · cd /usr/local/apache : go to /usr/local/apache/ directory
cd ~ : go to your home directory
cd - : go to the last directory you were in
cd .. : go up a directory cat : print file contents to the screen

cat filename.txt : cat the contents of filename.txt to your screen

tail : like cat, but only reads the end of the file
tail /var/log/messages : see the last 20 (by default) lines of /var/log/messages
tail -f /var/log/messages : watch the file continuously, while it’s being updated
tail -200 /var/log/messages : print the last 200 lines of the file to the screen

more : like cat, but opens the file one screen at a time rather than all at once
more /etc/userdomains : browse through the userdomains file. hit Spaceto go to the next page, q to quit

pico : friendly, easy to use file editor
pico /home/burst/public_html/index.html : edit the index page for the user’s website.

vi : another editor, tons of features, harder to use at first than pico
vi /home/burst/public_html/index.html : edit the index page for the user’s website.

grep : looks for patterns in files
grep root /etc/passwd : shows all matches of root in /etc/passwd
grep -v root /etc/passwd : shows all lines that do not match root

touch : create an empty file
touch /home/burst/public_html/404.html : create an empty file called 404.html in the directory /home/burst/public_html/

ln : create’s “links” between files and directories
ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf : Now you can edit /etc/httpd.conf rather than the original. changes will affect the orginal, however you can delete the link and it will not delete the original.

rm : delete a file
rm filename.txt : deletes filename.txt, will more than likely ask if you really want to delete it
rm -f filename.txt : deletes filename.txt, will not ask for confirmation before deleting.
rm -rf tmp/ : recursively deletes the directory tmp, and all files in it, including subdirectories. BE VERY CAREFULL WITH THIS COMMAND!!!

last : shows who logged in and when
last -20 : shows only the last 20 logins
last -20 -a : shows last 20 logins, with the hostname in the last field

w : shows who is currently logged in and where they are logged in from.

netstat : shows all current network connections.
netstat -an : shows all connections to the server, the source and destination ips and ports.
netstat -rn : shows routing table for all ips bound to the server.

top : shows live system processes in a nice table, memory information, uptime and other useful info. This is excellent for managing your system processes, resources and ensure everything is working fine and your server isn’t bogged down.
top then type Shift + M to sort by memory usage or Shift + P to sort by CPU usage

ps: ps is short for process status, which is similar to the top command. It’s used to show currently running processes and their PID.
A process ID is a unique number that identifies a process, with that you can kill or terminate a running program on your server (see kill command).
ps U username : shows processes for a certain user
ps aux : shows all system processes
ps aux –forest : shows all system processes like the above but organizes in a hierarchy that’s very useful!

file : attempts to guess what type of file a file is by looking at it’s content.
file * : prints out a list of all files/directories in a directory

du : shows disk usage.
du -sh : shows a summary, in human-readble form, of total disk space used in the current directory, including subdirectories.
du -sh * : same thing, but for each file and directory. helpful when finding large files taking up space.

wc : word count
wc -l filename.txt : tells how many lines are in filename.txt

cp : copy a file
cp filename filename.backup : copies filename to filename.backup
cp -a /home/burst/new_design/* /home/burst/public_html/ : copies all files, retaining permissions form one directory to another.

kill: terminate a system process
kill -9 PID EG: kill -9 431
kill PID EG: kill 10550
Use top or ps ux to get system PIDs (Process IDs)

EG:

Each line represents one process, with a process being loosely defined as a running instance of a program. The column headed PID (process ID) shows the assigned process numbers of the processes. The heading COMMAND shows the location of the executed process.

Putting commands together
Often you will find you need to use different commands on the same line. Here are some examples. Note that the | character is called a pipe, it takes date from one program and pipes it to another.
> means create a new file, overwriting any content already there.
>> means tp append data to a file, creating a newone if it doesn not already exist.
< send input from a file back into a command.

grep User /usr/local/apache/conf/httpd.conf |more
This will dump all lines that match User from the httpd.conf, then print the results to your screen one page at a time.

last -a > /root/lastlogins.tmp
This will print all the current login history to a file called lastlogins.tmp in /root/

tail -10000 /var/log/exim_mainlog |grep domain.com |more
This will grab the last 10,000 lines from /var/log/exim_mainlog, find all occurances of domain.com (the period represents ‘anything’,
– comment it out with a so it will be interpretted literally), then send it to your screen page by page.

netstat -an |grep :80 |wc -l
Show how many active connections there are to apache (httpd runs on port 80)

mysqladmin processlist |wc -l
Show how many current open connections there are to mysql

“Phishing” on the “Pharm”: How Thieves Combine Two Techniques to Steal Your Identity
 by: John Young

Bob squinted at the email and began to read:

“Dear eBay User, as part of our security measures, eBay Inc. has developed a security program against fraudulent attempts and account thefts. Therefore, our system requires further account verification…”

Security Measures. A threat to suspend his account to prevent “fraudulent activity”. The email went on to say that there were “procedural safeguards with federal regulations to protect the information you provide for us.”

Bob clicked the link and was confronted with an authentic looking logon page, just waiting for him to input his user name and password and confirm what ebay supposedly didn’t know.

He almost did it. The page looked absolutely authentic, and he had already been “set up” by the email message. His fingers were poised over the keyboard when he happened to glance at the URL.

There was something very, very wrong with it.

“PHARMING” TO FLEECE SHEEP

The art of “pharming” involves setting up an illegitimate website that is identical with its legitimate prototype, for example the ebay page Bob was almost suckered into using, and redirecting traffic to it.

“Pharmers” can do it in two ways:

1. By altering the “Hosts” file on your computer. The Hosts file stores the IP address of websites you have been accessing. By inserting a new IP address into the database field corresponding to a website, your own computer can be redirected to the pharmer’s website. Any information you give the bogus site is immediately hijacked by the pharmer.

2. Hijacking the DNS (Dynamic Name Server) itself. A DNS matches the names of address with their IP addresses. If this server can be coerced into assigning new IP addresses to traditional names, all computers using the name resolution provided by the DNS server will be redirected to the hijacker’s web site.

Once that happens, it’s time to be fleeced.

DOWN ON THE PHARM

“Pharmers” hijack your “hosts” file or DNS servers using Spyware, Adware, Viruses or Trojans. One of the most dangerous things you can do is to run your computer without some form of Internet Security installed on it.

Your security software should be continually updating its virus definitions, and be capable of warning you if something has been downloaded from a web site or through email. It should be able to remove it, “quarantine it”, or tell you where it is so that you can remove it by hand.

You should also have Spyware and Adware programs installed, and be aware of any change in Internet browsing patterns. If your home page suddenly changes, or you experience advertising pop ups (which may pop up even when you are not hooked up to the Internet), you should run a Virus, Spyware or Adware scan.

Thanks to the efficacy of these protection programs, pharming is a lot more difficult than it used to be. It isn’t as easy to hijack a computer as it once was.

So, the “pharmers” have teamed up with the “phishermen” to get you to visit the bogus web page yourself, and enter all the information they need.

PHISHING TO CATCH YOU ON THE PHARM

As Bob discovered, the page he had been taken to by the bogus email message was identical to the ebay logon page. Identical in every way except for the URL.

Out of curiosity, he checked the URL for the ebay logon by accessing ebay directly and clicking on the logon link. The two URL’s were nothing alike, except the bogus one did have the word “ebay” in it twice – just enough to make it look authentic.

By combining the two techniques, the phishermen/pharmers had avoided the high tech problems associated with downloading a Virus that could get past his protection software. They had gone straight for the throat.

Bob’s throat.

YOUR ONLY REAL IDENTITY THEFT PREVENTION AND PROTECTION

The bottom line is that the only real protection against the pharmers and phishermen is YOU. There are three things you must consider when you read any email demanding information:

• Why do they want it? Be extremely skeptical when they say they have to “update their records”, “comply with federal regulations”, or prevent fraud. They are the ones initiating the fraud.

• Why can’t this be done at the website? Why not invite you to access the website directly and provide this information? The answer is because the bonafide company doesn’t need an update.

• What does the URL look like? Is it a series of subdomains some of which have the name of the bonafide company? Most likely the subdomain is set up with a free hosting company.

• Have they provided partial information about you as a guarantee that the email authentically comes from the legitimate source? Be very careful of this one. This technique is effective for “pretexting”, impersonating a person or company, and was used in the Hewlett Packard scandal to collect information. Just because they know your first and last name (and any other information – known only to the legitimate source) doesn’t mean the email is legitimate. They probably hijacked the information off the server.

THE BOTTOM LINE

The bottom line is: don’t provide any information at the behest of an email, no matter how authentic it looks, or how authentic the page it directs you to looks. If you must log in, do so at the parent site itself.

Your Identity Theft prevention and protection is, in the final analysis, up to you.

Don’t be the next sheep fleeced by the pharmers who caught you with the phisherman’s hook. Being dropped naked into their frying pan is NOT a fate you want.

Copyright 2006 John Young

 Instructions: Run the MySpeed Internet speed test below to see a VoIP (Voice over IP) analysis of your current Internet connection.

When the bandwidth test completes, an analysis that a VoIP provider might use will be dynamically added into this area.

http://voipreview.org/voipspeedtester.aspx

About Us

VoipReview.org is a one stop shopping and information place for consumer VoIP providers and small business VoIP providers. You can search our site for dozens of VoIP providers and compare different VoIP plans to find out which is best for you. You can also learn about how VoIP works and how it can be beneficial to you.

VoipReview.org is the market leader in the VoIP search business. We pioneered the concept of comparing VoIP service providers and were the first to bring that concept to the Internet. We are constantly innovating our site and establishing new relationships with broadband phone company providers (VoIP providers), bringing even more options to the consumer. We are continuously adding information on VoIP and more efficient search tools to make our site easier to understand and use.

VoipReview.org is also the market leader in consumer and small business VoIP services with our Commerce Partners program. Our Commerce Partners program is a way in which other websites (usually VoIP-related websites) can utilize our search tools and content by embedding them into their own sites. This allows them to leverage our investment in our search technology and relationships with VoIP providers without losing their customer base or loyalty. The embedded search tools are tightly integrated into their sites and allow them to generate revenue from consumers searching VoIP providers.

The TeamThe Voip Review team continues to grow and we are now up to 3 developers, 1 project manager, 1 data entry person, 1 VP of Business Development, 1 VP of Marketing, a CEO, and 8 highly respected individuals serving on our board of advisors.