Tag: security

Upgrade Dir-850L router firmware to v1.13

It is time to upgrade router firmware. There is a alert notice on the support.dlink.ca Security Advisory: New firmware has been released that fixes the latest HNAP Privilege Escalation Vulnerability. Please ensure to upgrade your router to the latest firmware version. Click on on the Downloads tab below. What kind of vulnerability this time? Here

Linode has a security updates

Received an email from Linode about the security updates. It happened on yesterday. The Email said: Linode recently received several Xen Security Advisories (XSAs) that require us to perform updates to our host servers. In order to apply the updates, hosts and the Linodes running on them must be rebooted. The XSAs will be publicly

Disable SSLv2 and SSLv3 in Apache

As we always disable SSLv2 in Apache. Now it is SSLv3 turn. The recent news about the SSL 3 vulnerability is so important that I have to disable it as well. So just modify the ssl.conf of Apache [ssh]SSLProtocol All -SSLv2 -SSLv3[/ssh] The web site still has TLS 1.0, TLS 1.1 and TLS 1.2. For

How to config PHP to secure Web Server

There are certain PHP configuration tat affect security features.  The following recommended security configuration options is for production servers. register_globals set to off safe_mode set to off error_reporting set to off disable these functions: system(), exec(), passthru(), shell_exec(), proc_open(), and popen() open_basedir set for both the /tmp directory and the web root so that scripts

Windows Update 2013-08

Windows Update in August 2013 on my Windows 7 64bit. Threr are three critical updates. All must-see. Cumulative Security Update for Internet Explorer (2862772) Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869) Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)

Windows Update 2013-07

It is time to update Windows. Here is the list of Windows Update 2013 July on my Windows 7 64bit. There are  six security updates Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)  Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851) Vulnerability in GDI+ Could Allow Remote Code