Debian + Apache 2 (CVE-2011-1176)

Debian pushed the apache update finally (get to disable the workaround)
apache2 (2.2.16-6+squeeze1) stable-security; urgency=high
* Fix CVE-2011-1176 in apache2-mpm-itk: If NiceValue was set, the default
with no AssignUserID was to run as root:root instead of the default
Apache
user and group. Closes: #618857

So that should close the issue…
Thanks Debian and Apache for the fix!

read more

Network Issue (He.net) Resolved

Hurricane Electric is back up and working and so is our DNS.

Our primary DNS provider for inexistence.org (Hurricane Electric) is having kittens,


DNS.he.net is experiencing an issue at the moment. For those that are missing zones, we are in the process of recovering them at this time.


This also includes tunnelbroker.net which is how our IPv6 works so yeah epic fail on their end.


As of right now all *.inexistence.org services will probably not work for you.
If you know how to edit your hosts file you can temporarily fix it by referring directly
to our IP: 216.196.207.102.


216.196.207.102 inexistence.org
216.196.207.102 mail.inexistence.org
216.196.207.102 www.inexistence.org
216.196.207.102 cubemail.inexistence.org


If their servers continue to be down for too much longer I might change DNS servers.
I am willing to give them a chance to fix it as their services rocks with it’s working…
All other hostnames will continue to work (we use cloudflare for everything else).

read more

HTML Validation (Google Analytics + Cloudflare Bug)

You may have noticed recently if you do a validation check on your sites code and it
comes back with four errors. This is Cloudflare’s injection of Google Analytics
on your site causing this issue.

I filled a bug report with them and once I get a reply
I will post here with either the final solution or a work around.

Apparently the issue has been fixed, cloudflare was “nice” enough
to not inform me and just deleted the bug report… *sighs*

read more

A little mistake big issue resolved…

Apparently while securing Inexistence (did an audit over the weekend) accounts,
I made an mistake of not adding false to the valid shells so pretty much all email was broken.

This issue has been addressed and all email accounts should work as expected.

If you were expecting an email and didn’t receive it I would email them and request them to resend it.
Thanks to George for the heads up about email being broken.

Sorry about this folks but hey you live and learn.

Once again we return to our normal scheduled program and enjoy!

read more