Archive for February, 2013

SBDavid

HBA and GBIC

The host bus adapter (HBA)

The server connects to the SAN through a host bus adapter (HBA) — an I/O adapter card that fits inside your server and connects it to the fabric layer.

The Gigabit Interface Converter (GBIC)

The Gigabit Interface Converter (GBIC) is where the cable plugs into the HBA card. Every HBA has a GBIC that snaps into an opening in the card or is soldered to the card. The openings in the GBIC extend out the back of the server so you can plug in the cable. The GBIC houses the laser and electronics that convert the data inside your server into light pulses that travel over the cables. GBICs are used not only in the HBA, but in every device in the SAN. Anywhere an optical cable has to be plugged in, you find a GBIC.

A new SSHD rootkit has been circulating for the past few days; it appears to affect mostly RHEL/CentOS servers.

Servers with cPanel, Plesk, VirtualMin and DirectAdmin are affected as well.

According to a security audit of one of the hacked servers, we found that the rootkit deposits files in /lib64 and /lib; the main file name is libkeyutils.so.1.9.

It changes the /lib64/libkeyutils.so.1 symlink to point to that library.

We believe this lib is capable of stealing passwords, SSH keys and /etc/shadow files from the server. It is also used as a backdoor to gain access to the server through a different port. The rootkit also modifies all the authentication mechanisms of the server, preventing any login or command history from being logged through this backdoor.

The intruder has full root access, which means there is an exploit along with this rootkit capable of root privilege escalation.

You can see if your server is infected by running the following script:

# wget -qq -O - http://www.serverbuddies.com/files/libkeyutilscheck.sh | sh

We strongly encourage our customers to submit a 1x Hour of Support if the script shows your server as compromised.

Don’t hesitate to contact our Support Team for any inquiry you may have!
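The two indicators described in this post (the libkeyutils.so.1.9 file in /lib or /lib64, and the libkeyutils.so.1 symlink pointing at it) can also be checked locally. The following is an added example, not the ServerBuddies script referenced above; the function name and the optional root-prefix argument are assumptions made for illustration, so the same check can run against a mounted disk image.

```shell
#!/bin/sh
# Added example: local check for the indicators named in the post.
# check_libkeyutils [ROOT]
#   ROOT (hypothetical parameter) is a path prefix, e.g. a mounted image;
#   leave it empty to inspect the live system.
# Prints each indicator found. Returns 0 if none were found, 1 otherwise.
check_libkeyutils() {
    root="${1:-}"
    found=0
    for dir in /lib /lib64; do
        # Indicator 1: the file name reported in the post.
        bad="$root$dir/libkeyutils.so.1.9"
        if [ -e "$bad" ] || [ -L "$bad" ]; then
            echo "FOUND file: $bad"
            found=1
            # On a live RPM-based system, show whether any package owns it
            # (rpm prints "not owned by any package" for stray files).
            if [ -z "$root" ] && command -v rpm >/dev/null 2>&1; then
                rpm -qf "$bad" || true
            fi
        fi
        # Indicator 2: the libkeyutils.so.1 symlink repointed at that file.
        link="$root$dir/libkeyutils.so.1"
        if [ -L "$link" ]; then
            target=$(readlink "$link")
            case "$target" in
                *libkeyutils.so.1.9)
                    echo "FOUND symlink: $link -> $target"
                    found=1
                    ;;
            esac
        fi
    done
    return "$found"
}

# Usage on the live system (run as root):
#   check_libkeyutils && echo "no libkeyutils.so.1.9 indicators found"
```

A clean result only means these two file-system indicators are absent; it does not prove the server is uncompromised.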

Running The Apache Tomcat 7.0 Servlet/JSP Container

Requirements:

(1) Download and Install a Java SE Runtime Environment (JRE)

(1.1) Download a Java SE Runtime Environment (JRE), release version 6 or later, from
http://www.oracle.com/technetwork/java/javase/downloads/index.html

(1.2) Install the JRE according to the instructions included with the release.
You may also use a full Java Development Kit (JDK) rather than just a JRE.

(2) Download and Install Apache Tomcat
(2.1) Download a binary distribution of Tomcat from: http://tomcat.apache.org/

SBDavid

MIME Types

MIME types tell browsers how to handle specific extensions. For example, the text/html MIME type equates to .htm, .html, and .shtml extensions on most servers, and this tells your browser to interpret all files with those extensions as HTML files. You can alter or add new MIME types specifically for your site (note that you cannot alter the system-defined MIME type values). MIME types are often used to handle new technologies as they appear. When WAP technology first appeared, no one had these extensions set up on their server. With MIME types, however, you could have set it up yourself and begun serving WAP pages immediately.

Examples: MIME Type & Extension(s)

MIME Type                    Extension(s)
---------------------------  ------------
application/x-xpinstall      xpi
application/xcap-diff+xml    xdf
application/xenc+xml         xenc
application/xhtml+xml        xhtml xht
application/xml              xml xsl

32 bit Architecture and the hugemem Kernel

In Red Hat Enterprise Linux 3, 4 or 5, the smp kernel can be used on systems with up to 16 GB of RAM. The hugemem kernel is required in order to use all the memory on systems that have more than 16 GB and up to 64 GB of RAM. However, it is recommended to use the hugemem kernel even on systems that have 8 GB of RAM or more, due to the potential issue of “low memory” starvation (see next section) that can happen on database systems with 8 GB of RAM. The stability you get with the hugemem kernel on larger systems outweighs the performance overhead of address space switching.
