Early in 2015, the Qualys security research team discovered an extremely critical vulnerability in the Linux GNU C Library (glibc for short). The vulnerability, dubbed “GHOST,” would allow hackers to take control of a system remotely without requiring them to provide any security credentials. By accessing the glibc, a hacker would be able to take full control over the system. The glibc itself is a core component of any Linux system. In fact, no Linux system can function without it.
Understanding the Vulnerability Itself
The GHOST vulnerability itself deals directly with network names and numbers. To be more specific, a buffer overflow was discovered in the ___nss_hostname_digits_dots( ) function that is used by the gethostbyname( ) function. The buffer overflow allowed arbitrary code execution from remote users, in spite of the fact that these users never had to provide security credentials. Once these users accessed the system, they were able to take it over. Fortunately, all major Linux distributors uploaded patches and created advisories in late January.
Impact On Your Server?
At URPad.net, we proudly run all of our servers on Linux systems. We are also proud to say that we were able to implement the appropriate patching to our systems before any damage was done. This did require a system reboot, which created a few minutes of downtime, but that was it. Our servers are subjected to regular security updates and rigorous ongoing maintenance to keep them performing at an optimal level.
We also offer DDoS protection up to 10Gbps in our Orlando and Los Angeles datacenters. Any additional traffic is null routed to ensure that clients are not actually impacted by such attacks. We take server performance seriously, and security is a huge part of this! If you’ve been on the wrong end of a server security breakdown, you understand our dedication to protecting our clients.