• Announcements

    • MannDude

      Current state of vpsBoard   02/04/2017

      Dear vpsBoard members and guests:

      Over the last year or two vpsBoard activity and traffic has dwindled. I have had a change of career and interests, and as such am no longer an active member of the web hosting industry.

      Due to time constraints and new interests I no longer wish to continue to maintain vpsBoard. The web site will remain only as an archive to preserve and showcase some of the great material, guides, and industry news that has been generated by members, some of which I remain in contact to this very day and now regard as personal friends.

      I want to thank all of our members who helped make vpsBoard the fastest growing industry forum. In it's prime it was an active and ripe source of activity, news, guides and just general off-topic banter and fun.

      I wish all members and guests the very best, whether it be with your business or your personal projects.


Search the Community

Showing results for tags 'security'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • vpsBoard
    • Announcements & Contests
    • Industry News
  • Virtual Private Servers
    • General Talk
    • Operating a VPS Business
    • Tutorials and Guides
    • Questions and Answers
  • The Lounge
    • The Pub (Off topic discussion)
    • Coding, Scripting & Programming
    • SBC, ARM, Home Automation
  • Marketplace & Reviews
    • Reviews
    • VPS Offers
    • Other Offers
    • Service Requests

Found 35 results

  1. I have multiple web sites (and a few other processes) I want to run in an environment that is flexible and as low maintenance as possible. This includes my sites and customer sites, production and development. Most share a common platform (Python, Django, Postgres, Linux (mostly Debian)). I need to be able to give At the moment they are all running in separate VPSs, and some on shared hosting. The problem with multiple unmanaged VPSs is that it is a lot of stuff to manage. I have been experimenting with running the sites on a single VPS with multiple users. It is a "cloud" one so can be scaled up as needed, and there is only one OS and shared libraries to upgrade. The problem is relying on permissions to separate sites from each other, and to give users access to sites is quite fiddly, particularly as I am paranoid enough to run app servers as a different user from the code they exectute. I have not ruled it out as a solution, but it is not as straightforward as expected I thought of running my own VPSs on a dedi, which is cost effective, but adds one more component to manage. It gives me a lot of isolation. I think some sort of container or jail solution will give me the best of both worlds, but I am not familiar enough with it to pick suggestions? I am willing to consider using any *nix OS, although Debian Linux is what I am most familiar with. Resource isolation is not an issue: it will not be running anything I expect to cause problems. Easy admin and security are. Any suggestions?
  2. So maybe you live under a rock and avoid news sites, congrats on being a rare creature and happy day to enjoy that quiet by the stream. Rest of us have been snorting as the Panama Papers hack job matures and controlled media IV drips bits and pieces (even though they've had the data for a year or three). Terabytes of data on Panamian offshore / money laundering operations all formed by one incorporator Mossack Fonseca, a Panamanian law firm.Now one site has called out Mossack Fonseca's website security, namely really old versions of open source software. Most notably, drumroll: Wordpress. (But Wordpress is soooooooo secure) :) Drupal and Wordpress are implicated and both were way way old and insecure versions. ... found that the firm’s WordPress-powered site is currently running on version 4.1 (released in December 2014), based on its version of autosave.js, which is identical to the autosave.js file shipped in 4.1. Since that time WordPress has had numerous critical security updates. The main site is also loading a number of outdated scripts and plugins. Its active theme is a three-year-old version of Twenty Eleven (1.5), which oddly resides in a directory labeled for /twentyten/. source: http://wptavern.com/outdated-and-vulnerable-wordpress-and-drupal-versions-may-have-contributed-to-the-panama-papers-breach
  3. Do we have any resident cobblers / DIY types who are using Linux for CCTV / security related? I mean legit Linux DIY not premade embedded systems. I am fussing with some China dump wifi cameras (read cheap). Quite interesting little units for the price (bound to be more like them). ~ $15 a camera delivered. RTSP streaming from these and seems to be a really common software stack they are loading into lots of these China cams from many many brands. Do we have people using the Open Source Zoneminder DVR / CCTV software? Considering trying to get Zoneminder running on one of my unused ARM boards (yes it exists for ARM also).
  4. Hi all, I posted before about this tool,but i didn't have time for updates last few months and in last few weeks few nice people asked when tool will be updated. I took few evenings hours and i made first version to support Devuan and Debian 8. What this tool is about 1. Easy way to set secure web server 2. Save server setting time 3. Run on Pi 2 and BeagleBone board What this tool do for you Where to get your copy https://gist.github.com/ZEROF/10743343 How to -Save script as hiawatha.sh -Set permission chmod +x hiawatha.sh -Run it ./hiawatha.sh Use it If you can, use it on fresh installed servers. Have fun and send your ideas.
  5. Arbor Networks annual Worldwide Infrastructure Security Report: one of the highlights is a 500 Gbps DDoS attack sustained by one of its clients last year https://www.arbornetworks.com/images/documents/WISR2016_EN_Web.pdf (115 pages )
  6. Mystery Database Owner Exposes 191 Million US Voter Records Online A security researcher has discovered a database of 191 million American voters including personal information unprotected on the internet due to misconfiguration, according to media reports. On December 20 DataBreaches.net was contacted by Chris Vickery, who provided a screen shot of his own information from a database with over 191 million records, but despite the involvement of the FBI and the California Attorney General ’s Office, the database is still accessible and its owner a mystery. Full story: http://www.thewhir.com/web-hosting-news/mystery-database-owner-exposes-191-million-us-voter-records-online
  7. How do you secure your server(s)?

    I'm simply curious, how do you folks secure your servers? I'm currently using a mix of logwatch, psad, and CSF for instance yet I can't help but still feel vulnerable. Any tips are greatly welcomed and I'm sure they'll be useful for the inexperienced such as myself!
  8. http://www.extremetech.com/computing/212038-oracle-tells-its-customers-to-stop-analyzing-its-code-for-security-flaws#disqus_thread Source ^ : Whats your take on this?
  9. If you want to force SSL everyone on your website just add these rules to a .htaccess file the htdocs (www) root of your webserver. Hint: This also works on subdomains, just put it in the root of the folder at which the subdomain is pointed to.
  10. More: http://www.securityweek.com/amazon-releases-new-open-source-implementation-tls-protocol Just a server implementation, as far as I can tell, not a client implementation. Still, good news.
  11. Securing OpenVZ VPS

    Since many of us are on OpenVZ still these days and seems like endless problems with attacks... What do you run to secure your OpenVZ VPS? Emphasis on firewalls, software to manage blocks/ban, traffic filtering, etc. Interested in recommendations and tutorials that work. What are you doing / using?
  12. Secured Data Storage

    After the GVH "hack" where Gov IDs were leaked I started working on this tutorial. It details a similar system to what we use to store client SSL certificates for the interface and deployment system. The system described is complex to setup, but does not compromise in security. If you store sensitive information on your clients, you should be doing so in a responsible manner (don't just store it in an attachments directory on the web server) Overview This tutorial details how to set up a service for the storage of sensitive files (i.e personal IDs, client SSL certificates, etc) where you need certain machines (i.e web workers) to have certain access (i.e privileges to upload) while maintaining overall security (i.e web nodes can't view / download the data). This restriction of access ensures that a compromised web node does not result in the dumping of all sensitive files, etc. To achieve this the following technologies will be used: Nginx, OpenSSL and Lua (or LuaJIT) used to host the serviceIPSec (via Strongswan or optionally Openswan) used to encrypt data transferred and provide a level of protection to the serviceIPTables used to restrict access to the service only to IPSec connectionsSome would consider this is quite an advanced tutorial. I have tried to reduce the steps as much as possible to keep this from becoming a small book. The System Design Description: Authorization to specific service functionality is provided through client SSL keys.Encryption is performed by both SSL (HTTPS) and IPSecPhysical (bare metal) Separation is recommended between servers to prevent compromise at the physical node level.Of course you access needs may vary, this is primarily an example. Modify as needed. Data Processing could even be an non automated action, such as access for an administrator to retrieve files etc. This tutorial is based off Debian, commands may / will differ for CentOS and others (however the concept remains the same). Instructions Step 1 - Compile and Install Nginx Nginx needs to be compiled with support for LUA, WebDav and SSL. To compile nginx I will share the build environment and script we use. You can of course do this manually. You can download the build environment here: https://dl.dropboxus...nginx_build.rar Then just download, build and install nginx with: bash build.sh installStep 2 - Create Certificates for Server & Client Authentication For this tutorial certificates should be placed in /etc/nginx/ssl/. Create the CA Key and Certificate for signing Certificates openssl genrsa -des3 -out ca.key 4096 openssl req -new -x509 -days 3650 -key ca.key -out ca.crt Create the Server Key, CSR, and Certificate. Common Name for this certicate should be your servers domain name. openssl genrsa -des3 -out server.key 1024 openssl req -new -key server.key -out server.csr openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crtFor each client generate a unique client certification. Our authentication method relies apon certain strings existing in the Common Name, i.e a common name containing the string "Upload" (and signed by the CA) has upload privileges. openssl genrsa -des3 -out client.key 1024 openssl req -new -key client.key -out client.csr openssl x509 -req -days 3650 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 02 -out client.crt You may also wish to remove the pass-phrases on the keys (less secure, more practical). openssl rsa -in certificate.key -out certificate.key Step 3 - Nginx / Service Configuration To /etc/nginx.conf add worker_processes 1; error_log /var/log/nginx/error.log info; #pid logs/nginx.pid; user www-data; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; gzip off; # HTTPS server # server { listen 443 ssl; server_name ssl-store.x4b.org; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_client_certificate /etc/nginx/ssl/ca.crt; ssl_verify_client on; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location ~ ^/api/upload(?.+) { if ($ssl_client_s_dn !~* "Upload") { return 403; } alias /var/ssl-store$file_path; create_full_put_path on; dav_access user:rw; dav_methods PUT; limit_except PUT { deny all; } } location ~ ^/api/delete(?.+) { if ($ssl_client_s_dn !~* "Delete") { return 403; } alias /var/ssl-store$file_path; create_full_put_path on; dav_access user:rw; dav_methods DELETE; limit_except DELETE { deny all; } } location = /api/md5 { if ($ssl_client_s_dn !~* "MD5|Upload") { return 403; } content_by_lua ' local lfs = require "lfs" function readAll(file) local f = io.open(file, "rb") local content = f:read("*all") f:close() return content end function explode(div,str) -- credit: http://richard.warburton.it if (div=="") then return false end local pos,arr = 0,{} -- for each divider found for st,sp in function() return string.find(str,div,pos,true) end do table.insert(arr,string.sub(str,pos,st-1)) -- Attach chars left of current divider pos = sp + 1 -- Jump past current divider end table.insert(arr,string.sub(str,pos)) -- Attach chars right of last divider return arr end local files if ngx.var.request_method == "GET" then files = explode(",",ngx.var.arg_files) else ngx.req.read_body() local args, err = ngx.req.get_post_args() files = explode(",",args.files) end for i=1,#files do local fn = "/var/ssl-store/" .. files[i] ngx.print(files[i], ":", ngx.md5(readAll(fn)), "\\n") end '; } location ~ ^/api/md5(?.+) { if ($ssl_client_s_dn !~* "MD5|Upload") { return 403; } content_by_lua ' local lfs = require "lfs" function readAll(file) local f = io.open(file, "rb") local content = f:read("*all") f:close() return content end local fn = "/var/ssl-store" .. ngx.var.file_path local dir; local status, error = pcall(function() dir = lfs.dir(fn) end); local not_a_directory = false if not status then not_a_directory = string.match(error, "Not a directory") end if not_a_directory then ngx.print(ngx.md5(readAll(fn))) else for i in lfs.dir(fn) do if i ~= "." and i ~= ".." then ngx.print(i, ":", ngx.md5(readAll(fn.."/"..i)), "\\n") end end end '; } location ~ ^/api/download(?.+) { alias /var/ssl-store$file_path; if ($ssl_client_s_dn !~* "Download") { return 403; } limit_except GET { deny all; } } } } These APIs exposed are examples, MD5 for example is what we use internally to ensure integrity you may wish to use a different algorithm or not use it all. You may also wish to further extend this with more complex processing, LUA is a very powerful language. Step 4 - Setup IPSec Install strongswan. Openswan will also work, however is not recommended. apt-get install strongswan To /etc/ipsec.conf on the Secured Storage Server add conn ssl-ipsec authby=secret left=**SERVER-IP** right=%any keyexchange=ikev2 auto=start type=transport To /etc/ipsec.conf on the Web Server add. %defaultroute ensures compatibility if you have multiple interfaces. conn ssl-ipsec authby=secret left=%defaultroute right=**SECURED-SERVER-IP** keyexchange=ikev2 auto=start type=transport To /etc/ipsec.secrets on both the Web Server and the Secured Storage Server add : PSK "a super secret string!!!" Restart both servers (or load the kernel modules, and restart ipsec) to activate IPSec. To verify IPsec is running correctly at one end execute: tcpdump -n esp At the other end, ping the end running tcpdump. If you see packets flowing, then its working :) e.g: 09:49:37.837908 IP 178.62.xxx.xxx > 95.85.xxx.xxx: ESP(spi=0xc3d1xxxx,seq=0x10), l Step 5 - IPTables traffic restriction Install an IPTables rule that will restrict access to the HTTPS server (port 443) for any traffic that was not received via IPSec. iptables -A INPUT -p tcp -m tcp --dport 443 -m policy --pol none --dir in -j REJECT To ensure this rule is loaded on system start up it can be placed into /etc/rc.local Protections Afforded Web facing server has no access to data uploaded. This server is both the most likely to be compromised (exploit PHP, Apache, nginx etc) and the most exposed (internet)Access to functionality is restricted via the use of authorized certificates, not passwords (far more secure). Provides both authorization and authentication.Data between Secured storage server is encrypted with SSL, the SSL data is then encrypted with IPSec. This protects against any vulnerabilities in OpenSSL / nginx resulting in data breach.Access to service is restricted to those who first secure an ipsec tunnel using the Pre-Shared secret (out of band). This hardens the service against vulnerabilities in technologies used (OpenSSL, nginx, etc) and provides an additional layer of security.Sensitive Data can be stored in a physically separate location, possibly on a private network behind extensive firewalling and in a secured area of the datacenter if appropriate (and required).This solution explained does not for example consider disk theft as a large enough risk to warrant additional security (i.e disk encryption). Steps for additional security, and recommendations Of course you should consider your risks and plan accordingly. If you need more security: Implement CRL to allow for the revocation of certificates (i.e compromised machines)Rate limiting and quotas for data retrieval and deletionEnsure software is kept up to dateEnsure no other services which are not required are installed on the secured storage serverEncrypt disk / storageIf client IP addresses change infrequently additional security can be gained through whitelisting IP addresses.More complex method of verifying access permissions using client certificates (i.e database of authorization)Policies and Procedures for disaster handlingNotes When I have time I can also post a PHP class for interfacing with the example API shown if anyone wants it, its not too difficult (just curl). Please note differences exist between the tutorial steps and the steps we use, the setup also differs a bit too. I don't think I have made any mistakes in the simplification, but yeah.
  13. I have a VPS out there which over time has become a repetitive problem with hack / something getting into container / misuse thereafter. Big picture unsure why. Previously isolated post-event to PHP compromise. Scrapped PHP and went different direction and months later, a second compromise. Container is literally empty and no fun for anyone. Contemplating turning it into a honeypot to draw out the activity on said network and see if I can learn more (may go that route). Big question though, because this must happen quite a bit to VPS providers here - What do you recommend to VPS customers to monitor activity of their VPS instances? What tools should customers be running in containers to try to get ahead of problems like this before your network level monitors or other reporting externally label the IP for external abuse? Nature of this now twice was exploit used in common software stack with all current updates and then perps used such to send email spam.
  14. In late November 2014 Dragana Damjanovic notified OpenVPN developers of a critical denial of service security vulnerability (CVE-2014-8104). The vulnerability allows a tls-authenticated client to crash the server by sending a too-short control channel packet to the server. In other words this vulnerability is denial of service only. A fixed version of OpenVPN (2.3.6) was released 1st Dec 2014 at around 18:00 UTC. The fix was also backported to the OpenVPN 2.2 branch and released in OpenVPN 2.2.3, a source-only release. An OpenVPN server can be easily exploited (crashed) using this vulnerability by an authenticated client How to fix? https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
  15. SSHuttle

    Anyone here using SSHuttle? Consider it the poor mans VPN, in fact, I've never had a 'proper' VPN. Used to just tunnel traffic via SSH through a VPS, but that got messy and there had to be a better way... SSHuttle! https://github.com/apenwarr/sshuttle Installing on your Linux desktop at home is as simple as: sudo apt-get install sshuttle -y Followed by: sshuttle --dns -vvr [USER]@[IP-ADDRESS]:[SSH Port] 0/0 Here is the readme if you need help: https://github.com/apenwarr/sshuttle/blob/master/README.md Happy browsing!
  16. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 Overview The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
  17. Travelling Security

    So... I'm doing a bit of travelling again! I'm reporting live from an open WiFi access point in a hotel room! Woo hoo! I'm currently using a VPN and all that jazz at the moment to encrypt my traffic and hopefully not have anyone sniffing my packets, but what else is there to protecting your important credentials?
  18. Hello all, I have taken the time to compile a list that summarizes recent malware caught in my Kippo SSH Honeypot. The honeypot was deployed on servers at multiple locations. Attackers downloaded these files after breaking into the honeypot, and tried to run them immediately. Therefore, they are most likely used to launch DDoS attacks, or do all kinds of malicious or illegal stuff. Included are the MD5SUMs of those files as well as possible filenames used by the attackers. I compiled this list in the hopes that it could benefit you as a server owner, or VPS provider. Possible uses include searching for infected files or processes on your server for removal. However, please note that this list is by no means complete or accurate. USE AT YOUR OWN RISK! The list is hosted on GitHub Gist. I plan to update it periodically as needed. Link: https://gist.github.com/hwdsl2/9737420 Example steps to check files in a folder (correct me if any command is wrong): 1. Browse to my list above, copy and paste all lines without beginning hash and save to a file, e.g. "/root/malwarelist.txt" 2. Cut out and sort the md5sums of the list and save to new file: cut -f 1 -d ' ' /root/malwarelist.txt | sort > /root/malwarelist-md5only.txt 3. Generate md5sums of a folder (e.g. /etc, or change to any folder) and sort it by using: find /etc -type f -print0 | xargs -0 md5sum | cut -f 1 -d ' ' | sort > /root/md5sums-etc.txt 4. Use "comm" to find common lines between the above two generated files: comm -12 /root/malwarelist-md5only.txt /root/md5sums-etc.txt 5. If you see any output from "comm", that means there is at least one match between the md5sums in my list and one or more files in your "/etc" folder. Then you can investigate further.
  19. As a dedicated server or Virtual Private Server (VPS) owner, one of the important tasks is to defend against online attacks. In this tutorial I will discuss how to use IPset with dynamic blocklists to better secure your server. IP sets are a framework inside the Linux kernel, administered by the IPset utility. It makes the task of managing large lists of IP addresses in IPTables much easier and more efficient, and can be used on most servers EXCEPT on an OpenVZ VPS. How can we better secure our servers using IPSet? The answer is to take advantage of various IP blocklists maintained by security research companies or groups on the Internet, and deny access to these "bad" IPs and/or subnets. Continue reading at the original post on my blog: https://blog.ls20.com/securing-your-server-using-ipset-and-dynamic-blocklists/ Any questions or comments are welcome.
  20. Ebury Root Kit

    Just wanted to make a post as I didn't see anything yet for this in the forum. Any and all hosts are recommend to check the shared servers as well as warn all clients about the root kit. Ebury uses shared memory segments (SHMs) for interprocess communication. A list of currently existing SHMs can be obtained by running 'ipcs -m' as root. If the output shows one or more large segments (at least 3 MB) with full permissions (666), the system is most likely infected with Ebury. ------ Shared Memory Segments -------- key shmid owner perms bytes nattch 0x000006e0 32763 user 666 3018428 0 0x00000469 65538 root 666 4313584 0 0x0000047a 131072 smmsp 666 3966496 0 clean systems would give a better response ------ Shared Memory Segments -------- key shmid owner perms bytes nattch status 0x6c6c6536 0 root 600 4096 0 0x0052e2c1 425985 postgres 600 37879808 4 Again please warn all clients that have vps or dedicated servers and check your shared linux servers for the root kit. Only fix at this time is to create backups of the client data and reload the system. More information can be found here https://www.cert-bund.de/ebury-faq If someone has another fix please post it so we can test it. They are now doing it with 'signed' rpms these days so watch out. Be very careful about logging into other servers from a compromised box, thats one way how it spreads
  21. It's probably worth checking your routers again for firmware updates. A couple older router vulnerabilities like the d-link and newer ones that affect zynos, tplink, and trendnet routers. https://www.team-cymru.com/ReadingRoom/Whitepapers/2013/TeamCymruSOHOPharming.pdf Usual mitigation by restricting external access, although I know some routers won't fully close off their http ports :(
  22. Hello All, I have been working on some scripts to help assist new Linux and VPS users in setting up DenyHosts on their server. Below I am including these scripts for you all to use: Some info on DenyHosts for those of you who don't know what it is: What is DenyHosts? DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks). If you've ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc...) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system? DenyHosts attempts to address the above... and more. DenyHosts was the Unix Review: Tool of the Month for August 2005 It is a free project and you can get the package directly from their Sourceforge repo if you like: http://denyhosts.sourceforge.net/ I have written two scripts, one for Debian and one for CentOS to assist with setting up DenyHosts. The script provides the following assistance: 1. It installs all packages required by the Linux Distribution to run DenyHosts. 2. It sets DenyHosts up to start at boot of your server. 3. It provides for novice users interactive configuration of the config file with suggested settings. 4. Assists with adding a host to your /etc/hosts.allow that you do not want to become blocked. 5. Prompts you with the ability to modify the the config file and control file your self . 6. Can be re-ran at any time to be used to reconfigure DenyHosts Note: these scripts were written in my spare time and come with no guarantee/warranty or otherwise. The scripts are free to be used and modified as you like. Let me know of any bugs you see and I would be happy to update the script and fix any issues. DenyHosts installer by TheLinuxBug version 0.1i - CentOS Installer DenyHosts installer by TheLinuxBug version 0.1j - Debian Installer For quick install on your server: Debian: wget http://phoenix.phix-it.com/denyhosts/denyhost-debian.sh ; chmod +x denyhost-debian.sh ; ./denyhost-debian.sh CentOS: wget http://phoenix.phix-it.com/denyhosts/denyhost-centos.sh ; chmod +x denyhost-centos.sh ; ./denyhost-centos.sh Please feel free to leave any feedback or bug requests below. ;)
  23. [US ONLY] ESET Licenses

    I do believe that this fits the hosting industry as it offers security for all businesses and their networks :) SolidShellSecurity, LLC is now a proud partner with ESET.com and because of that, we can resell licenses at discounted prices. ESET is backed fully by SolidShellSecurity, LLC and is used by all our businesses that we manage which includes some INC 5000 businesses. In order to provide you with the best quote possible, please e-mail us or send me a PM with your needs/desires and what you want to secure, and we will work out a custom quote which will be cheaper then going to ESET directly. BONUS: Because SolidShellSecurity, LLC stands behind ESET fully, we also provide support for the product and all services relating to it. For more information: http://solidshellsecurity.com/_forms/ESET_ENDPOINT_SECURITY_INFORMATION.pdf -- This will explain the protection and security from one of our most popular selling licenses.
  24. DO not scrubbing disks?

    https://github.com/fog/fog/issues/2525 How can something like this get overlooked? One would think if they made a design choice to reuse block-level media instead of use some sort of virtual disk, the idea of sharing the drive between two users might've come up at some point? What do you guys think? Is this going to be a recurring problem with new panels showing up on the market?