05.06.12 – Network Maintenance Window

START TIME: 05/06/2012 00:00 CDT (Sunday)
ESTIMATED END TIME: 05/06/2012 01:00 CDT (Sunday)

EQUIPMENT: Core Networking
TYPE OF WORK: Configuration Changes
EXPECTED IMPACT: None

During the maintenance window above, Codero network engineers will be making configuration changes to our core networking equipment. This will be done in a manner which should have no negative impact on customers.

There is no expected customer impact during this time.

If you have any questions regarding this maintenance, please contact us by opening a support ticket in ServerPortal.com.

The Codero Hosting Operations Team

Updates

  • There are currently no updates. Please subscribe for updates or check back soon.

04.13.2012-1 Investigating reports of service interruption

We are currently investigating reports of service interruption in the PHX datacenter. This does not appear to be related to yesterday’s issue. We will post more information as soon as it is available.

Updates

  • PatL says:

    The issue was resolved immediately and the failover in the networking systems functioned as designed and expected. The short traffic interruption is due to traffic in transit through the failed circuit dropping during the failover. Most customers may have not experienced any interruption. Only a few customers may have experienced a short instantaneous blip as the traffic was re-routed.

04.12.2012-1 Investigating network issues (Resolved)

We are currently investigating a network interruption for some customers in our PHX datacetenter over the last 15-30 minutes. We have switched off one of our redundant upstream providers that was having issues and are currently following up to ensure everything is stable.

Updates

  • PatL says:

    This issue is currently resolved and will be providing more information on the cause shortly.

Anonymous Group Threatens to Shut Down the Internet on March 31

Please note that the hacking group known as Anonymous has issued a threat to shut down the Internet on Saturday March 31, 2012, by attacking the 13 root DNS servers that enable the Internet. If the attack is successful, domain names will not be translated to IP addresses, effectively eliminating the ability for anyone to reach any website after DNS Time-to-Live (TTL) levels expire, except by IP address.

The root DNS servers are located throughout the world and are operated by different entities, including Verisign, NASA, ICANN, and the U.S. Army Research Lab. Note that each root server is actually a cluster of individual servers typically housed in multiple geographical locations to increase fault tolerances.

If the attack is successful, your server may be accessible (because routing to individual IP addresses will not be affected, and because DNS entries may be cached) but your web site may not be accessible (because the attack will impact web browsers and other systems that route traffic using domain names after caching expires). Because the attack will target servers outside of Codero’s control and part of the entities that host all DNS servers for the internet, in the case of a successful attack, there will be little that you or Codero will be able to do to restore access, till such a time that the attack subsides or is neutralized.

Though there is no action needed on your part, we wanted to inform of you of this in case the attack is successful and you are unable to browse the Internet as you are accustomed to.

Updates

  • There are currently no updates. Please subscribe for updates or check back soon.

Windows RDP Remote Code Execution Vulnerability

All currently supported versions of Microsoft Windows are vulnerable to remote code execution through the RDP protocol.  Patches were released today by Microsoft. If you have automatic updating enabled (the default setting),  the patch will be automatically installed on your server. It can also  be installed through Windows Update, or downloaded directly from Microsoft:

http://technet.microsoft.com/en-us/security/bulletin/ms12-020

Codero Windows Managed customers do not need to do anything, as this patch is already installed for you.

If you have any questions, please submit a ticket through Server Portal.

Updates

  • There are currently no updates. Please subscribe for updates or check back soon.

03.09.2012-1 Temporary network degradation

This afternoon some servers in our Phoenix datacenter saw a connectivity degradation related to a DDoS attack that affected traffic coming from one of our upstream providers at 1:10 – 1:15 PM CST. Codero network engineers temporarily shut down the upstream provider to work around the problem.

Between 1:55 and 2:00pm CST Codero engineers restarted our DDoS mitigation system and re-enabled the upstream provider which resolved all issues, but may have caused an additional short interruption of service during this window. Total impact time for affected customers was approximately ten minutes.

Updates

  • There are currently no updates. Please subscribe for updates or check back soon.

03.08.2012-2 : DG-1 Intermittent Issues

We are experiencing intermittent issues with DG-1 in PHX.  Network engineers are addressing the issue.  Update soon.

Updates

  • Codero NOC says:

    DG-1 performance has stabilized, though we continue to monitor it closely for any degradation in service.

  • Codero NOC says:

    DG-1 has been stable for over an hour now. Engineers continue to analyze the root-cause of the problem with the core routing equipment to ensure our fix is complete. We apologize for the intermittent issues this afternoon and assure you we are committed to providing the reliability our customers deserve and will address any more issue.

03.08.12 – DG1 Network Impact

At 12:19 pm Central, a network equipment issue caused latency to customers in PHX DG-1 distribution group.  Issue was immediately addressed by networking team with complete resolution by 12:24 pm.

Updates

  • There are currently no updates. Please subscribe for updates or check back soon.

How to Fix the Recent Plesk Security Vulnerability

All versions of Plesk released before September of 2011 are vulnerable to a security issue which can compromise your server. Codero has seen hundreds of Plesk servers compromised through this security vulnerability,  so we recommend that you take immediate action to resolve this.

Note:  If you are a managed server customer, Codero  has already patched your server(s) and no action is needed on your part.  If you are not a managed server customer, patching your server is your responsibility.  If you need assistance, Codero staff can patch your server(s) for you at our Advanced Support rate of $99/hour.  Please login to ServerPortal.com and submit a support ticket if you wish Codero to patch your server for you.

You can check if you are vulnerable by running this script from Parallels. If the script says “Plesk is up to date” or “The patch has been successfully applied” you do not need to do anything further.

If you receive the message “The patch has not been applied” you need to update Plesk to a newer, more secure version.

You need to know what major version of Plesk you are on to update. Instructions for finding your version of Plesk. An example version is “9.2.1 CentOS 5 92090422.13”. This server is on major version 9, minor version 2.1, with microupdate #13.

The official Parallels directions on how to run the autoinstaller to apply updates are here.

If you are on major version 8, you need to update to 8.6.0. If you are already on 8.6.0, you may need to run the autoinstaller twice to upgrade the autoinstaller itself to be able to receive microupdates. 8.6.0 with microupdate #2 is the first safe version.

If you are on major version 9.x, run the autoinstaller and select version 9.5.4. 9.5.4 with microupdate #11 is the first safe version.

If you are on major version 10.x, upgrade to at least 10.3.3 and install all microupdates through the autoinstaller.

Once you are done upgrading, please run the vulnerability checker again to verify you have fixed the issue. If you are not able to perform the update for any reason, please open a ticket through Server Portal.

Please note, if your server becomes compromised due to this vulnerability and you did not patch despite the multiple notices from Codero, the Server Protection Plan will not be in effect for the compromise. 

Updates

  • There are currently no updates. Please subscribe for updates or check back soon.

PHX Network Issue under investigation

We are currently investigating a network issue with one of our upstream providers which is affecting the ability of some clients in PHX from accessing their servers.  We have shut the provider down and are monitoring the situation.  Updates to follow.

Updates

  • Codero NOC says:

    We have shutdown our Highwinds circuit in PHX. Traffic issues are resolved.

  • Codero NOC says:

    Problem should be resolved. Engineering was on it ASAP. This was a network issue & we switched providers immediately.