Php upgrade 5.3.13

We have upgraded all Php versions to 5.3.13.

PHP 5.3.12/5.4.2 do not fix all variations of the CGI issues described in CVE-2012-1823. It has also come to our attention that some sites use an insecure cgiwrapper script to run PHP. These scripts will use $* instead of “$@” to pass parameters to php-cgi which causes a number of issues. Again, people using mod_php or php-fpm are not affected.

One way to address these CGI issues is to reject the request if the query string contains a ‘-‘ and no ‘=’. It can be done using Apache’s mod_rewrite like this:

    RewriteCond %{QUERY_STRING} ^[^=]*$
    RewriteCond %{QUERY_STRING} %2d|\- [NC]
    RewriteRule .? - [F,L]

Note that this will block otherwise safe requests like ?top-40 so if you have query parameters that look like that, adjust your regex accordingly.Another set of releases are planned for Tuesday, May, 8th. These releases will fix the CGI flaw and another CGI-related issue in apache_request_header (5.4 only).

 

TM Network Capacity (End 2011)

Last year Malaysia  Internet access  penetration was 61% percent of the population or equivalent to 17,723,000 users.
Telekom Malaysia Berhad is now expanding its network and peering to cater this huge growth of traffic.

General Network Information
—————————
Network Name         : Telekom Malaysia Berhad (TM)
Name Aliases         : TM Global IP Network
Primary ASN          : 4788
Website              : www.tm.com.my
IRR AS-SET           : TMNET-MY
Network Type         : Cable/DSL/ISP
Approx BGP Prefixes  : 3000
Traffic Levels       : 100+ Gbps
Traffic Read More

Who will acquire Jaring?

JARING (Jaring Communications Sdn Bhd)  was the first ISP in Malaysia. Jaring core business are  Wired Broadband, Wireless Broadband, Telephony and Internet Data Center.  After turning down acquisition from TM and Time dot com a while back, Jaring is now up for sale.
The bidders are ;

Optinet Technology Sdn Bhd
Melaka ICT Holdings,
Ersatech Sdn Bhd,  and
Dignity First Sdn Bhd

Jaring is operated by 350 staffs and MOF is estimated to gain RM 50 million from the sale.

 

Copper Server Migration 19th May 2012

Copper Server Migration 19th May 2012

Server Migration | Data Center Consolidation

 

 

We would like to inform our customers – that we will migrate this server 202.190.176.101 (copper) to our main network in Telekom Malaysia VADS – Brickfields, Kuala Lumpur.
In order to have better response time in *Level 1 support, dual power source, higher network bandwidth and better connectivity, we plan to consolidate our servers to be housed   in Brickfields mainly.

Details  :
Current Server IP :  202.190.176.101
Server  Hostname :  Copper

New Server IP :  210.48.154.104
Current Location : Technology Park  – Jaring IDC
New Location : TM VADS, Brickfields, Kuala Lumpur
Server  Shut down Time  : 19  May 2012 – 5.00PM
Estimated  Down Time  : 3 -5 hours

No action required on your part. No change of DNS required.
Please take note if you are using managed DNS service (No site detected in this server)
Cloudflare CDN service ( No Service detected in this server)
Please update the IP after or during server migration

Please contact support@datakl.com if you need more information.

*Level one Support – Server rebooting,  access  to server/data center  for troubleshooting  or maintenance

Who are in ROKSO list this year? The Register of Known Spam Operations

100 Known Spam Operations responsible for 80% of your spam.

80% of spam received by Internet users in North America and Europe can be traced via aliases, addresses, redirects, locations of servers, domains and dns setups, to a hard-core group of around 100 known spam operations, almost all of whom are listed in the ROKSO database.

Each spam operation, or “spam gang”, consists on average of between 1 to 5 spammers (giving an etimated total of 300-400 spammers).

The majority of the spammers on the ROKSO List operate illegally and move from network to network and country to country seeking out Internet Service Providers with poor security or known for not enforcing of anti-spam policies.

Many of these spam operations pretend to operate ‘offshore’. Those who don’t hide behind anonymity pretend to be small ‘ISPs’ themselves, claiming to their providers that the spam is being sent not by them but by non-existent ‘customers’. When caught, almost all use the age old tactic of lying to each ISP long enough to buy a few days or weeks more of spamming and when terminated simply move on to the next ISP already set up and wating.

Without further ado  jump over to Spamhaus

SMS Notification For Invoices / Domain Expiry

We are excited to announce that we have added new feature – SMS notification (one way) to inform our customers for pending invoices and domain renewal notification . Even though this feature still in beta phase, customers can opt in by logging in client area and add a mobile number including country code format and choose option”Yes” to receive this notification.  If you select “NO” the system will not send you automated reminder SMS.

sms icon
Email notification will still be functional or active. This service is free to help customer renew their account before domain reached expiry date. Expired domain will undergo DNS propagation and your web site will be online again after 6/8 hours.

Php Upgrade Rollout

We would like to inform our shared hosting customers we are currently pushing upgrade across all servers.We currently run PHP 5.2.17, but with PHP 5.4 and then PHP 6 on the horizon, we feel the time has come to upgrade. PHP 5.3 offers many useful new features, such as the new namespace language construct, as well as performance and security updates.

There have been a number of changes and new features in PHP 5.3, and it is possible that some older PHP scripts may break or encounter problems with the new version of PHP. Most major scripts should have been updated over the past couple of years to handle the differences in PHP 5.3. We would strongly recommend that users ensure their scripts are up-to-date.

If you’ve used Fantastico  to install scripts in the past, you should be able to use Fantastico application in cPanel to seamlessly upgrade your scripts to the latest version. We do recommend taking a backup first, though, in the unlikely event anything goes wrong. If you have any queries, concerns or problems regarding upgrading old scripts, please submit a support ticket.

Hopefully the upgrade should result in few problems, but we would encourage you to check your scripts are up-to-date before we proceed with the upgrade, to ensure minimal disruption in the event you are running older software.

Security Vulnerabilities Php 5.2.17

More Caching Servers in Malaysia

Bandwidth is a commodity. High price of international bandwidth traffic surely will cut ISPs’ revenue. Consumers are switching from DSL to fiber-optic and now want to view rich media content like Youtube and live streaming.

Youtube
Youtube

To cope with bandwidth demand , TM already placed many Youtube caching server in Malaysia.  No matter how many times you press the play button and choose high definition streaming –  the caching server will supply you the cache.  During AAG cable downtime recently, popular Youtube videos streaming fast like always. This is because of local caching servers are placed locally in  Malaysia.

Read More

TimThumb Vulnerability Fix

The recent Timthumb.php vulnerability has left scores of unsuspecting bloggers hacked. It’s the perfect combination of not so easy to fix for the technically disinclined, and easy to find and exploit for the malicious – resulting in a disastrous number of compromised sites.

About TimThumb:
TimThumb is a simple, flexible, PHP script that resizes images. You give it a bunch of parameters, and it spits out a thumbnail image that you can display on your site
1. Download the latest version of TimThumb.php ( TimThumb.php )
Read More

TM 40G Traffic loss to North America since Monday

Currently TM experiencing a total of 40G loss to US  which is suspected due to cable fault occurred on Philippines and Hong Kong. TM REs are in the midst of troubleshooting (fine-tune) the affected path.

Links Down US:

1.            IGW01.JRC-IGW01.SJ – Backhaul (10G)

2.            IGW02.CBJ-IGW01.PA – Backhaul (10G)

3.            IGW01.JRC-SAVVIS – Transit (10G)

4.            IGW02.JRC-IGW01.LA – Backhaul (10G)

Total Loss: 40G/75G(53.33%)

Available Link : 35G(46.66%)

•             Observed high congestion at available links.

o             KLJ – PA 2.5G util (in/out) : (92/60)%

o             CBJ –SJ 2.5 G util (in/out) : (92/60)%

o             CBJ –SJ 2.5 G util (in/out) : (92/60)%

o             CBJ- LA 10G util (in/out) : (94/13)%

o             BRF- LA 2.5G util (in/out) : (84/54)%

Traffic shaping and prioritization now in effect , although users would not feel the slowdown when browsing but other protocols like video streaming, downloading, proxy browsing, SSH using non standard port experience high latency and delay.

 

Ref : Announcement by TM