About Nanook

55 male married with 4 adult children, founder, owner, operator of Eskimo North. If you need web design, building, maintenance, computer cleaning, updating, optimizing, Linux tuning, securing, applications, just about anything computer related, e-mail me.

Isomedia Maintenance Outage

Because our equipment is located at an Isomedia co-location facility, our services will be impacted by these two maintenance outages:

Schedule:
February 18, 2015 12:30am to 4:00am PST

Description:
ISOMEDIA will be performing network maintenance on our core network.
During this maintenance event customers can expect multiple brief outages.
We apologize in advance for any inconvenience caused during this
maintenance.

Schedule:
February 19, 2015 12:30am to 4:00am PST

Description:
ISOMEDIA will be performing network maintenance on our core network.
During this maintenance event customers can expect multiple brief outages.
We apologize in advance for any inconvenience caused during this
maintenance.

Referrals Appreciated

January, and to a somewhat lesser extend February, are typically lean months for Eskimo North, and by extension myself personally, owing to a combination of people recovering from Christmas, having to spend more for heating, etc.

At the same time I have higher than normal expenses, a $200 “maintenance” fee from one of our DSL providers, a $500 extortion fee to maintain our entries in the RADB routing database so our IP space is visible on networks that filter BGP4 routes against RADB (I say extortion fee because charging $500 to maintain a simple database entry is ridiculous and they only get away with it because they’re a monopoly in this critical area), etc.

I really appreciate it when you refer new customers to Eskimo North.  I also appreciate it your business.  If you’re finding yourself constantly running out of quota, please consider upgrading your account.  If there is a website you’ve been thinking about creating, now is an excellent time.

I apologize that I’ve been a little slow to respond to some of your requests.  I’ve been ill, first a flu at the beginning of January, then a month long head cold that is finally abating, so I’ve also been a bit low on personal energy but I’m largely on the mend now.

Apache Upgraded

Apache web server has been upgraded from 2.4.10 to 2.4.12.  This is primarily a bug fix release, per the following Apache release notes:

Apache HTTP Server 2.4.12 Released

The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.12 of the Apache
HTTP Server (“Apache”). This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
recommended over all previous releases. This release of Apache is
principally a security, feature and bug fix release. NOTE: there
was no release of 2.4.11.

CVE-2014-3583 (cve.mitre.org)
mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with
response headers’ size above 8K.

CVE-2014-3581 (cve.mitre.org)
mod_cache: Avoid a crash when Content-Type has an empty value.
PR 56924.

CVE-2014-8109 (cve.mitre.org)
mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
used in multiple Require directives with different arguments.
PR57204.

CVE-2013-5704 (cve.mitre.org)
core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier. Adds “MergeTrailers” directive to restore
legacy behavior.

Also in this release are some exciting new features including:

*) Proxy FGI and websockets improvements
*) Proxy capability via handler
*) Finer control over scoping of RewriteRules
*) Unix Domain Socket (UDS) support for mod_proxy backends.
*) Support for larger shared memory sizes for mod_socache_shmcb
*) mod_lua and mod_ssl enhancements
*) Support named groups and backreferences within the LocationMatch,
DirectoryMatch, FilesMatch and ProxyMatch directives.

We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.

Facebook / Twitter

I have added a Facebook Like / Follow button and a Twitter Follow button to our home page. Those of you who like eskimo, I would really appreciate it if you’d go hit the Like button and help let the world know about us.

I have news posts automatically tied into Twitter, those of you who don’t frequently check news here can keep tabs on what’s happening by following us on Twitter.

BotNet Activity Still High

Still seeing more than the “normal” amount of brute force password guessing attempts by botnets.  We’re banning around 500 addresses per day which is about 50% higher than average.

If you run Windows, please be sure your anti-virus software is current, the databases it uses are current, and scan your machines.

I’ve also read that some home routers have recently been compromised and being used as part of these BotNets but I do not have details at present.

BotNet Activity Up

We’ve banned over 900 different IP addresses today for password guessing. A typical day would see about 350. When this number rises like this the usual cause is new Windows malware circulating.

Please be sure your anti-virus and anti-malware software is up to date. If you’re running Windows and NOT running MalwareBytes, I highly recommend doing so. It catches much malware that traditional anti-virus programs don’t find and when a customer brings an infected computer to me, nine times out of ten MalwareBytes will find an infection after Norton, Kaspersky, and others have failed.

I have no affiliation with MalwareBytes other than using it on my own computers and customers computers successfully, that is to say I get no financial incentive from them, but if your machine is clean then it’s less stress on our network and I appreciate that.