RSS Feed
Latest Updates
Apr
16
CNS: SECURITY ADVISORY - All Windows OS : Multiple Vulnerabilities
Posted by Barry Bahrami on 16 April 2017 12:44 PM
[CNS Logon]

Multiple vulnerabilities affecting Microsoft Windows were published on Friday.  If your OS is not up to date, you are at risk.

Exploit Details:

On Friday, a group calling themselves “Shadow Brokers” published hacking tools on the internet that they claim were stolen from the NSA. The software contains tools to easily compromise unpatched Windows machines and so we are sending you this alert in order to make sure you are secure.


If you are running Windows 2008 or Windows 2012 then please make sure your VM is up to date with Windows Updates as of the March update cycle. This is extremely important.


If your Windows OS is not up to date as of last month then you are at high risk of compromise or denial of service – please install windows updates immediately.


If you are still running Windows 2003 and have IIS running then upgrade your operating system (OS) immediately. Your OS is insecure and we do not believe Microsoft intends to publish a security update. CNS techs will help you get your OS upgrade – please do not hesitate to ask. If you are running Windows 2003 without IIS then your OS is still believed to be secure at this time, but we strongly recommend an upgrade is completed as soon as possible. It is likely to become insecure at some point in the future.


The code to execute these exploits is now in the wild and it is only a matter of time before attacks begin, if they have not already.


If you are unable to install updates and reboot your 2008 or 2012 OS, open a powershell window and enter the following command to disable SMB v1: (No way to patch 2003)

Windows 2008:  Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force
Windows 2012:  Set-SmbServerConfiguration -EnableSMB1Protocol $false

What CNS is doing to protect you:

CNS is currently blocking the TCP ports required to trigger these attacks at the network edge. However, it is unlikely that we will be able to maintain this block into the work week because it will impact subscribers who use these same ports for legitimate means. Please use this window of opportunity to update your Windows server as soon as possible.

We are also sending you this alert so that you can make sure you are protected before attacks begin.  Please do not hesitate to contact CNS Support for assistance.  We can not install this update for you automatically becuase a reboot is required.  However, please feel free to request we install updates via support ticket and don't forget to acknowledge a reboot is ok.

Keeping your VM up to date is the best way to keep it safe from exploits.

More information:

Ars Technica

Microsoft

Getting Help

Thank you for choosing Commercial Network Services. Please let us know if you have any questions or concerns. We are always here to help you. We maintain a ticketing system in order to effectively address and track your support issues. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support request to our technicians.

You can also reach our helpdesk by telephone.  Call any number.

San Diego, CA: +1 (619) 225-7882 Los Angeles, CA: +1 (213) 769-1787 / New York, NY: +1 (646) 930-7435 / London, UK: +44 (2037) 460080


Read more »



Apr
14

Information about Shadow Browsers 0-day Windows Exploit Release & How it Affects CNS Subscribers

We have reviewed the Shadow Brokers 0-day Windows exploit release, published just a few hours ago.  We have determined that our existing security will protect subscribers against most all of the exploits released today.  We have also added new measures to protect against others.  We will of course monitor the network specifically for any of these exploits and will respond immediately if they are detected.

Please make sure your server is kept up to date as new updates are released.

 

 

 

 


Read more »



Jun
5
Paypal to Stop Operations in Turkey
Posted by Barry Bahrami on 05 June 2016 12:25 PM

CNS has learned that Paypal will be ceasing all operations in Turkey on June 6, 2016 after the country rejected their license application.

We recommend affected subscribers switch to Bitcoin payments.  Bitcoin is a decentralized currency which regulators will find difficult to shut down.  CNS accepts Bitcoin payments.

There are numerous exchangers available online to acquire Bitcoin.   We recommend everyone does their due diligence and finds a reputable exchanger.

If you are affected and need additional time to settle CNS subscription fees or require other assistance, please reach out to CNS support.  We will be happy to assist you.

 


Read more »



Jun
3
RoboForex Latency Increase
Posted by Barry Bahrami on 03 June 2016 09:57 AM

Please be advised RoboForex has moved their trading servers away from the financial center.  As a result, latency to RoboForex from our UK datacenter has increased from 8ms to 31ms.

The broker is advising their servers are now located in Germany.  However, CNS has a POP in Germany and 31ms is quite high.  The traceroute to RoboForex suggests the servers are now in the Czech Republic.  This is unlikely to benefit traders requiring very low latency because even if a trader moves their VPS close to the RoboForex server, the RoboForex server still must connect to liquidity providers 31ms away in the financial center.  The latency on the back end can not be detected by a simple traceroute.

Traders negatively impacted by this change are invited to review our Free VPS for Traders page.  The page has a listing of brokers who not only are willing to pay for your CNS VPS subscription, but also their latency too.  There is no need to destroy your VPS and setup a new one.  Simply reach out to CNS Support and provide the brokers coupon code listed on the page.

 

Traceroute from our UK datacenter follows:

traceroute to 176.74.216.217 (176.74.216.217), 30 hops max, 60 byte packets
1  uk2-2-10gb-x (192.168.252.2)  0.065 ms  0.044 ms  0.037 ms
2  84.45.48.164 (84.45.48.164)  1.433 ms  1.490 ms  1.546 ms
3  kraken-wolverine.blue.net.c4l.co.uk (84.45.23.23)  1.414 ms  1.470 ms  1.527 ms
4  wolverine-swanzo.blue.net.c4l.co.uk (84.45.23.25)  1.546 ms  1.602 ms  1.656 ms
5  swanzo-ringo.blue.net.c4l.co.uk (84.45.23.26)  1.524 ms  1.568 ms  1.622 ms
6  v3882.ae3.beorn.hex89.ipv4.net.c4l.co.uk (84.45.21.186)  1.378 ms  1.386 ms  1.404 ms
7  v3722.et-1-2-0.lucia.sov.ipv4.net.c4l.co.uk (84.45.27.157)  1.496 ms  1.466 ms  1.467 ms
8  v3721.et-1-2-0.vansen.the.ipv4.net.c4l.co.uk (84.45.27.154)  2.503 ms  2.491 ms  2.479 ms
9  linx-224.retn.net (195.66.224.193)  1.834 ms  1.828 ms  1.816 ms
10  et110-6.rt.stl.prg.cz.retn.net (87.245.234.50)  26.513 ms  26.500 ms  26.488 ms
11  gw-hosttelecom.retn.net (87.245.246.98)  29.892 ms  29.957 ms  29.949 ms
12  cz-cb-rp.host-telecom.com (193.161.84.16)  31.093 ms  31.172 ms  31.132 ms
13  * * *
14  * *

 

 


Read more »



Nov
3
Fraudulent Notice of Domain Suspension
Posted by Barry Bahrami on 03 November 2015 06:37 AM

It has come to our attention that some subscribers with domain registrations are receiving fraudulent "Notice of Domain Suspension", with a link to download "a copy of complaints".

Please be advised this notice is completely bogus and clicking on the link will likely result in your machine being infected.  This notice appears to be sent by scammers using publicly available domain databases.

Remember - ALL email from CNS will always be digitally signed. 

If you receive such an email you are advised to delete it immediately, without clicking on anything.

 

 


Read more »




© 2016 Commercial Network Services. All rights reserved.
No content may be reproduced or redistributed without express written permission on CNS letterhead.
Only Commercial Network Services subscribers are authorized to use our content during their subscription period.
Permission to use our content may be revoked at any time, and at the sole discretion of Commercial Network Services.
Some content on this site is © by their respective owners.