DAIR – October 2017 Newsletter
Welcome to the October edition of the DAIR Cloud Community Newsletter. This month we will focus on patching your Linux environment.
Please take five minutes to learn about the best practices for patching Linux environments on DAIR.
1. Linux Patching
2. Program Update: OpenStack – Mitaka
We have updated to OpenStack – Mitaka, giving us increased stability and functionality for DAIR. We are working towards updating to the latest OpenStack version Ocata for the coming new year.
3. Security Announcements
- Canadian Cyber Incident Response Centre (CCIRC) has listed several of our tenants as having vulnerable ports open.Our assessment shows it is all due to lax firewall rules in the tenant environments.Please take some time and review your firewall rules. Any rule with a CIDR of 0.0.0.0/0 should be replaced with one locked down to a specific source IP. Check out our video on DAIR Firewall Rules and learn more about these vulnerabilities on the CCIRC website.
- There is a new backdoor vulnerability in the Display Widgets WordPress plugin. Learn more about the vulnerability here. (Bleepingcomputer.com)If you have this plugin installed in your WordPress environment we recommend removing it.
4. Advance your Knowledge
Recommended articles about patching Linux environments:
Ubuntu Auto patching Instructions (help.ubuntu.com)
Centos Auto Patching Instructions (techmint.com)
5. Upcoming Events: CANARIE National Summit
The CANARIE National Summit (November 14-15) is close at hand. Please check out the Summit website for information on our program and speaker line-up. We hope to see you in Ottawa. https://old.canarie.ca/canarie-national-summit/