25 Jan, 2008
Posted by: BSchwarz In: Quick Tips
Here is a quick tip showing you how to add mySQL and PHP to your Windows Server path. Many people ask how to do this and while it is included in the Installing mySQL and Installing PHP tutorials I thought I would make it easier for everyone to get the information.
Lets get to it.
Read the rest of this entry »
23 Jan, 2008
Posted by: BSchwarz In: Server Resources|Tutorials
If you have to first set up your DNS server on Windows check out Setting Up Windows Server 2003 DNS Server. If you already have your Windows DNS server setup and just want to add a few records this tutorial will explain how to add those DNS records.
22 Jan, 2008
Posted by: BSchwarz In: Tips and Tricks|Tutorials
If you read Backing up Your Data with cwRsync and snyc2nas you learned how to send your data to an off site server. Now I’ll show you a couple ways to make incremental and dated zipped backups that you can store on your server to transfer with sync2nas or FTP the backup to your home box.
I’ll attach the batch files at the end of the post for those that don’t want to copy and paste the code. Now lets get started.
20 Jan, 2008
Posted by: BSchwarz In: Securtiy
Found this at SecurityFocus. MySQL is vulnerable to a couple new exploits.
MySQL is prone to multiple vulnerabilities, including privilege-escalation and denial-of-service issues.
Exploiting the privilege-escalation vulnerability may allow attackers to perform certain actions with elevated privileges. Successful exploits of the denial-of-service issue will cause the database server to crash, denying service to legitimate users.
These issues affect versions prior to MySQL 5.0.52, MySQL 5.1.23, and MySQL 6.0.4.
To exploit these issues, attackers can use standard database client software in conjunction with standard operating system utilities.
Solution:
The vendor released updates to address these issues. Please see the references for more information.
Note that MySQL 6.0.4 and 5.1.23 have not been released yet.
I posted this on a couple forums I frequent and thought I would also post it here. While I run Windows servers I keep up with all web server security. As an admin I couldn’t afford not too.
I am sure most of you by now know there is a LKM (Loadable Kernel Module) exploit that is nasty and hard as heck to clean.
Read this thread at Webhosting Talk. Make sure you read it through as there is a users there that has investigated several boxes.
The original story first broke a week or so ago at TheRegister and then again a couple days ago at TheChannelRegister.
Recent Comments