Abuse Prevention

Stay safe: how to install the patch for Linux bug CVE-2016-0728

200px-Tux.svgA security bug affecting Linux versions 3.8 and higher was recently identified. Although this bug (CVE-2016-0728) was first introduced into the Linux Kernel in 2012, it was only discovered and made public a few days ago. When we learned of the bug’s existence, we immediately patched all internal LeaseWeb servers. We advise everyone to patch their servers as well.

The vulnerability in the Linux kernel could potentially be used by attackers in order to obtain higher privileges from a regular account. It uses a technique called “use-after-free” to control the way memory is freed on kernel objects which is then replaced with user supplied data, while keeping the privileges of that memory object.

Read the rest of this entry »

A closer look at abuse handling at LeaseWeb

StartUps_02_ConsultationIt should come as no surprise that the LeaseWeb services companies receive abuse notifications on a daily basis. That’s why last July, a new LeaseWeb Abuse Handler was launched which increases efficiency for those who submit notifications, for our customers and for the LeaseWeb companies.

We receive abuse notifications from a variety of companies and NGOs including banks, brand owners and blacklists. Most of these notifications are generated in an automated matter and are directly forwarded to us when an IP address of one of the LeaseWeb companies has been detected. We also receive notifications from individuals through several channels such as email, the web form at leaseweb.com and social media. All notifications are taken seriously and immediately forwarded to our customers to ensure fast processing and a quick solution of the abuse issue.

Submitting a notification to one of the LeaseWeb companies
LeaseWeb companies have no access to the servers of our customers. Our customersare free to configure their server(s) to their own needs, as long as they are compliant with local law and the LeaseWeb terms and conditions that apply in the country where the server resides. But all LeaseWeb companies have a dedicated abuse email address which can be found at our Abuse Prevention webpage. The requirements for submitting a notification with one of the LeaseWeb companies can also be found on our website.

The most important requirements to submit a notification are:

  • Include the URL (if applicable) to the abusive material
  • Include a valid LeaseWeb IP address and/ or domain
  • Include a short description of the issue (is it about copyright infringement, phishing, etc.?)
  • Include evidence (if applicable)

Be sure to submit your notification to the right LeaseWeb company
When submitting a notification, make sure you are filing your notification with the right LeaseWeb company: LeaseWeb Netherlands B.V., LeaseWeb USA, Inc., LeaseWeb Deutschland GmbH, LeaseWeb Pacific Pte. Ltd., LeaseWeb CDN B.V., or LeaseWeb Network B.V. If you are not 100% sure whether you have selected the right company, verify the IP-address using RIPE.net (EU) or ARIN.net (US). By doing this you will be sure to have submitted your notification to the correct company.

When submitting a notification regarding copyright infringement, also be sure to read our page about the Legal Framework, where you will find all necessary information on how each company handles copyright infringement notifications and what is required.

LeaseWeb Application Security introduction

DDoS attacks and other forms of cybercrime are becoming more and more frequent. That’s why we recently launched a new service called LeaseWeb Application Security. Here’s a quick video-tour of the easy-to-use dashboard from which you can adjusts your security situations, monitor suspicious traffic, respond to threats and more.

LeaseWeb Application Security is further augmented by a 24/7 Security Operation Center that reacts to every incoming attack. With the help of the Security Operation Center, you can constantly analyze your vulnerability and mitigate threats with a high degree of customization. For real-time mitigation of spammers, data breaches and DDoS attacks, application security experts are available 24/7.

Want to learn more about how you can protect your data? Visit http://lsw.to/lyA

The importance of the voluntary code “Notice and Takedown”

This is a guest blog by Michiel Steltman, Director of DINL (Dutch Digital Infrastructure Association).

The enormous growth of the online economy in the last two decades has made the Netherlands a strong player in the online world. The AMS-IX, world’s largest Internet exchange, has attracted many carrier neutral datacenters and enabled a substantial hosting industry. Which in turn has attracted major Internet brands. Next to the Rotterdam Harbor and Schiphol Airport our Digital Infrastructure is now Holland’s third main port which made the Netherlands also the digital gateway to Europe. It fuels Cloud as the new style of IT, it enables innovations and startups and it provides a strong base for Holland’s future knowledge- and services based economy.

Read the rest of this entry »

Tips from the LeaseWeb Abuse Prevention department

StartUps_02_ConsultationMany customers will come across the Abuse Prevention department, sooner or later. A compromised server or a fraudulent sign-up by a new customer are things that commonly happen.

Such events will most likely end up with you receiving an abuse notification which may range from a simple notification regarding a port scan to a notification that you have ended up on a blacklist. Either way, abuse issues need to be solved in a timely matter to not only avoid further disruption of your own services but also to avoid harming other people.

In other words, it is not only important for the Abuse Prevention team but also for you that abuse notifications are resolved quickly. Not responding to notifications is the worst thing you can do in this situation and could potentially result in a block or suspension of services.

We don’t want to scare you though. The Abuse Prevention team is here to help. Besides informing our customers of the received notifications for their account(s), we also assist them with issues such as ending up on a blacklist or being compromised in some way and we give general advice on how to improve abuse handling in general.

Read the rest of this entry »