Slashdot Mirror
Linux Kernel Exploit Busily Rooting 64-Bit Machines
An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."
I thought only windows got exploited this way.... oh thats right All OS's do.
Oh no, now I need a permanently running virus scanner... may as well switch back to M$ :-(
Why does the summary and articles read like a paid advertisement for Ksplice?
First root! Oh crap...
Microsoft and their associated Windows shills are loving this. Fortunately, I'm not rich enough to afford 64bit hardware, but still this is not good...
If you want news from today, you have to come back tomorrow.
Acidbitches..... In my day, naming your ubeR l3e7 h4xX0r 6r00p MEANT something.
Yes, there's an available rights escalation vulnerability in recent Linux Kernels that's best patched by updating your system with the latest updates. The breathless nature of the fine summary betrays an eagerness to get Linux admins to click the links before they've done so. I'd rather not. Social engineering is such a powerful exploit mechanism after all.
The Windows geeks obviously will want to paint this as a native Linux vulnerability that they don't have - and it is marginally true. That's fine - but it's an escalation bug, not a remote root, and they've several dozen remote root bugs to close before they point fingers.
Help stamp out iliturcy.
This is a local exploit so I'm not horribly concerned and here is why.
You should always treat your systems as if an exploit already exists for both remote and local connections.
The systems I maintain are part of a bit of an elaborate network. There is a huge investment in controlling incoming and outgoing traffic as well as managing who actually has access to systems. While a local exploit a big deal it's not like there are a great number of places for users to inject this code. If someone could compromise an input vector and piggyback the exploit that still wouldn't get them very far. In fact, without knowing key details regarding the network infrastructure they would simply nab a host that could not reach the outside world.
With that said we do have a bit of reliance on lbs, traffic inspection, firewalls and a good bit of monitoring equipment. However, there is a solid investment in specific purpose network and security protocols to accomplish these goals. In a bit of a cheaper shop I'm wondering what others do to maintain security and get some of the same tools. (I'm being very vague about our setup intentionally, but there have to be some decent foss network tools as well).
If hostile users have local access, you're pretty much boned anyway.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
just checked my kernel version against the ubuntu advisory, all good.
I guess the real story here is how quickly the holes are patched. No one should claim linux is perfect...but at least things like this should be fixed very quickly.
In this case...all is well - thank you ubuntu team (and those of other distros) !
Now Ksplice is really starting to piss me off. This is at least the fifth time we've get this kind of crap on slashdot.
Besides that, this is an escalation vuln ... it's local, ok? Not a remote exploit. And, regardless of all that, there's already a fix, which was promptly released before this got out of hand.
So, between the ksplice assholes that abuse each vulnerability that is published to blow it out of proportion and somehow imply that if you require ksplice to patch this without loosing your job (I mean, come on, If your service is critical enough that it can't accept 2 minutes of downtime for a reboot, then you have redundancy and can update machines one by one without any real downtime) ; and the winslow assholes that don't understand shit about security and somehow think that this means that GNU/Linux is insecure and as bad as their shitty system, I'm going nuts every time there is a new vuln in the kernel.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
I have an Ubuntu 10.04 cloud server and want to make sure everything is patched and not rooted. Does apt-get update/upgrade fix this particular exploit at this time? I also tried to run the Ksplice tool to see if I'm already rooted but it tells me this when I try to run it:
$ ./diagnose-2010-3081
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)
$$$ Kernel release: 2.6.33.5-rscloud
!!! Error in setting cred shellcodes
Any advice?
First you need remote access to my home machine, which is behind a NAT'd router and doesn't expose any services outside. That means that drive-by scanning won't work, and even if it did you'd have to find your way in via the only open port - ssh.
My systems in the commercial space are properly firewalled. It's a bad thing if anyone has shell access to them at all, let alone root.
Am I the only person who says "hell no" to running that "diagnosis" program? After looking through the code real quick, I have no interest whatsoever in running a program that performs the very exploit I'm supposed to be scared of, cuz I don't have time to make sure ksplite neutralized it properly. Also, since it's only a local exploit, I'm not concerned enough about it to run a diagnosis tool that implements it.
And good lord god almighty, what 12 year old wrote this code, that they think having function names like put_your_hands_up_hooker() makes them cool?
Tell us how great OSS is.
Tell us how much better Linux is.
Tell us how badly Microsoft sucks.
I'm a PC, and using Windows instead of Linux was my idea.
Downloading the fix from Ubuntu as I read this article :-)
*** Korbinus ***
http://www.geotruc.net
C'mon now. As others have pointed out, and has been mentioned earlier on /., this is a local root exploit. It's bad, it affects a lot of users (in theory), but to write this is to simply spread fear for most of those using Linux.
Why? Because the systems that inexperienced users run also happen to be those with a few, generally trusted users. Think netbooks. Sure, all local root exploits are bad and should be patched asap. But that doesn't mean "you're probably being rooted as I type this". It means that a remote attacker needs user-level privileges (say, with a browser or plugin vulnerability) first. Since Ubuntu and probably other major distros have already patched this, and the default settings for updates on these systems is to check fairly frequently, most end users will have the patched kernel quickly.
That leaves multi-user systems. The admins of these servers certainly benefit from finding out about the vulnerability asap, and they did (including through previous stories here). By now, though, most admins should have something in place if they don't have full trust in their users. If they don't, they should definitely be looking at whether this was exploited.
The bottom line is that there are many local root exploits which come out every year. This is the latest one, with a patch already available. Responsible admins of multi-user systems are used to dealing with this, and home users are almost certainly going to be patched before it causes any issues. For them, the latest Flash vulnerability is more worrisome. Even the extremely rare remote exploit of a service isn't usually an issue, since most modern distros don't start much of anything by default (including ssh, IIRC).
"The universe seems neither benign nor hostile, merely indifferent." --Carl Sagan
Whats new in that? Tons of GNU + Linux webservers are rooted & defaced every single day. Yawn... most non-zealots already knew that.
I'm not the king of all C coders, and please for the love of all that is good and holy don't trust some random stranger on the internet, but I read the source and if it's doing anything bad, it's doing it quite sneakily -- more so than I'd expect the teenager who wrote the exploit source to be capable of, frankly.
Now, do I wish the ksplice guys would've cleaned up/de-obfuscated their 'borrowed' code to make it a little less alarming-looking? Yep. Do I wish they weren't doing their ridiculous Chicken-Little routine in a transparent attempt to move some product? Also yes. Could that binary be pretty much anything? Uh-huh.
Is anything bad going to happen to you if you compile and run that C code? As far as I can tell, no.
The obvious way to have the most fum with this is to run a W7 host with a Linux client in a VM so you can be rooted while you are being rooted. ;)
Point out a current remote root exploit in Windows. To the best of my knowledge, there are none. Which means that the original poster is just fluffing his feathers trying to divert attention from the Linux issue.
While this isn't something that means Linux is majorly insecure or anything, it is a Linux issue. However fanboys don't like that, they can't just say "Yep, there's a problem." Instead they want to try and deflect it, make it about something else. So he deflects the issue by claiming there are some nebulous "remote root bugs," without any specifics.
Our UNIX admin has the philosophy that anyone with local access can get root if they want it bad enough. Security isn't done by presuming you've made that impossible. Rather security is done by making sure you don't give access to just anyone, and to monitoring what people do. Local escalation exploits are things to be fixed, since they can always make a remote exploit worse (someone exploits something remotely, gets unprivileged access, exploits the local exploit to get root) they aren't a critical threat usually.
However I will say you don't make things much better when you start with name calling with regards to Windows and the people that run it. That smacks of being the sort of asshole that knows little about the other platform that you are painting them to be. That you have a preferred platform is great. One would hope it is based on good reasons. However name calling on another platform indicates it is more likely based on zealotry than anything else.
Linux exploit story sends the Slashdot crowd into a hissy fit lol.
Talk about a biased group. Mention a Linux exploit, a very serious one in this case, and look at them up in arms. More biased than Fox News and CNN combined.
Oh and you missed the "defective by design" tag on this article.
http://tinyurl.com/linuxbad. Reason for http://openbsd.org/ and http://freebsd.org./
As a long time user I get the option to disable advertising. I don't. I even whitelist Slashdot in Adblock because I support the site and the banner ads are rarely obnoxious.
These poorly disguised articles-as-ads are quite annoying though. Just make KSplice pay for a banner like everyone else.
What is annoying me about these issues is that they are described so poorly that I'm not certain if I have a problem. I run 64-bit Linux but no 32-bit code and there are no local users other than for the services I'm running (http and ssh). So do I need to take the time to do something or can I wait for a normal update?
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
Is anything bad going to happen to you if you compile and run that C code? As far as I can tell, no.
You are very likely correct in thinking that adding yet another anonymous recommendation on the internet will make more people run the code. However, this is Slashdot, where the users are slightly more security aware than on an average internet site.
You see, If I were to attack all those nifty linux boxen out there, what would be a better attack vector than advertising your exploit on slashdot, which is known to accept almost anything on the front page, and yet is very likely to contain the biggest active linux user community on the nets? By looking at the code it seems obvious that the tool contains enough binary code to contain an exploit or three. If it is never used in a malicious way, it is somewhat difficult to say. So, outside a security lab setting, it is hard to tell if the provided code is not the exploit itself. Definitely "You are probably getting hacked right now! Check for viruses for free!" has been one of the more common attack vector against Windows users.
Whatever the case, I would not recommend running code that looks like this:
static char dis4blens4sel1nuxhayettgdr64545[] and
static int wtfyourunhere_heee(char *out_release, char* out_version)
Does anybody know what this means? The system is already patched. I just wanted to know if someone left a backdoor before I could apply the patch and reboot. $ ./diagnose-security-issue-2010-3081
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)
$$$ Kernel release: 2.6.35.4
!!! Error in setting cred shellcodes
We run Windows 7.
Y'know, sometimes there are posts that are poignant, interesting, on-topic, and yet are modded down as a troll for no better reason than people who have mod points are more interested in squelching challenging ideas. That's fine, and slashdot has a mechanism to deal with that, called Karma.
Because I have good /. Karma I can call your attention to the parent post even though I believe it's been badly moderated. Because I'm a Slashdot subscriber, I get an extra point to add to this post, which calls attention to the parent. I have enough good Karma that even if this post is moderated a troll I will have lost nothing.
I'm making this amplifying post because the parent post was moderated down in one second. It was born silenced. Obviously there were moderators prepared to prevent you from hearing my response to the question asked. Some of you might for this reason alone find my words above meaningful or intriguing.
Help stamp out iliturcy.
Wow, I don't think "pretty much all" windows machines were ever infected with the same thing. Good thing Linux is sooooo much more secure. I mean other than the fact that no it isn't, people just don't target them. I think people got way too comfy and caused this dire situation.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
How badly can the /. moderation system be abused? I'm not sure. Please read the cousin post and the parent and decide for yourself whether the moderation system has been abused by me or somebody else.
If it's me, I can bear it.
Help stamp out iliturcy.
I run ubuntu 10.04, but I use a 2.6.35 kernel from the maverick kernel ppa. I need it because I have an WPC300N linksys 802.11n wireless card. The broadcom sta driver wouldn't work when I was running 2.6.32. It would be cool if ksplice supported more kernel configurations, particularly maverick kernels.
because this is a local exploit and I don't have any public ports. wtf is this FUD?
--
Stay tuned for some shock and awe coming right up after this messages!
If you're wondering if I'm willing to burn up all my established good reputation to buy the reader the chance to read my parent comment, the answer is yes.
Now the question is how many mod points have you got?
Help stamp out iliturcy.
Just to clarify I understand that there are two zero day root-providing bugs. (Everyone talks about THE bug.)
CVE-2010-3301 patched by http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=36d001c70d8a0144ac1d038f6876c484849a74de and http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eefdca043e8391dcd719711716492063030b55ac
CVE-2010-3081 patched by http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=c41d68a513c71e35a14f66d71782d27a79a81ea6
Sometimes I wish /. moderation was trackable.
Help stamp out iliturcy.
hahahahahahaha....wait...I'm running 3 servers with it. Crap.....
The situation appears to be exactly as described by Ksplice.
CVE-2010-3081 has been discussed on RedHat forums and elsewhere.
The Ac1db1tch3z exploit published on the full disclosure list http://seclists.org/fulldisclosure/2010/Sep/268
does indeed appear to contain a backdoor (0p3n1ng th3 m4giq p0rt4l).
From the comments, the vulnerability was found in 2008 and the exploit has been used by the author for some time, and may have been circulating in the underground. When the vulnerability was found and disclosed by Ben Hawkes, the exploit was published to a wider audience.
A number of sysadmins may well have run the exploit on their systems to prove to themselves that this was a real threat. In doing so they may unknowingly have left a backdoor.
More commonly, proof-of-concept exploits posted on full-disclosure lists are crafted by security researchers, do not contain backdoors, and are relatively easy to read. In this case, the disclosed exploit is crafted by a hacker, may well contain a backdoor, and is written with leetspeak runtime messages and obfuscated code.
I admit I do not fully understand the code in the exploit or in the detection tool, or indeed the nature of the backdoor. However, on a Fedora 9 system, running the detector says there is no backdoor. After the exploit is run, the detector says there is a backdoor, so
the exploit must have changed the state of the system in some way. The detector looks for 3 separate backdoors; the one on my
test system disappears after reboot. As I thought the fix was to update the kernel to a patched version, which requires a reboot, I'm not sure how the backdoor could survive. I do not see how having the backdoor is riskier than having an unpatched system.
I can say, though, that the vulnerability exists in stock kernels 2.6.25 - 2.6.36, and was back-ported by RedHat into 2.6.18 used /proc.
in RHEL 5 (hence CENTOS 5). As stated by others, an unprivileged user account is required in order to exploit the vulnerability, which exists only on 64-bit x86 systems which also can run 32-bit code. One published mitigation step, which does not require a reboot, is to disable 32-bit compatibility mode by writing into
"You're probably being rooted as I type this. " .. Oh no a privledge escalation exploit...the world is doomed..ksplice save us.
If there is not going to even be the appearance of editorial integrity then what is the point?
The /. editors fall hook, line, and sinker for these advertisements for Ksplice submitted by an 'anonymous reader' every 6-8 weeks. Get used to them.
"What kind of music do pirates listen to?" -Paul Maud'dib
"Yeeeaaarrrrr n' Bee!!" -Stilgar, Leader of Sietch Tabr
In recent years, any mention of Linux reminded me of how religious leaders in some quarters address their Prophet - you know, "Mohammed, praise be on his name" or "Jesus Christ, blessed be thy name".
Maybe this will end the "Linux, it has no malware" illusion that many seems to have.
Entia non sunt multiplicanda praeter necessitatem.
Their diagnostic tool doesn't even work properly. Tried it on up-to-date Sabayon system and it failed.
Story sucks. Alarmist advertisement poop.
Dude! - I am SO going to root my very own computer!
..........FULL STOP.
Damn these kids and their acid. *squints his eyes*
Uh, windows admins DO lash out at linux. The CEO calls Linux unamerican, GPL a cancer and insists that 237 patents (he's not going to tell you) are being infringed by linux.
And the fanbois lash out at linux when an exploit turns up just like linux fanbois do. There's more windows fanbois, though, so even that is not even handed.
Then there's the windows fanboi who ignores the fact of windows existence as a negative force, like you.
did anyone check the source code for that diagnose command?
static void put_your_hands_up_hooker(int argc, char *argv[])
WTF?
What exactly is the point of supplying a checksum by the same route/download method as the file in question? Surely if the file can be modified, so can the checksum. Maybe it would be useful if people got the checksum and verified it was the same checksum everyone else saw, then verified the file with it, but that just doesn't happen.
"I'm not sure how the backdoor could survive"
Compromised GCC ?
"I do not see how having the backdoor is riskier than having an unpatched system."
Everyone on the planet accessing your machine vs local users ?
Damn man.. well written, reasoned- no raving-- that was a BEAUTIFUL POST until you ruined it by asserting something I knew flawed....
See, when I read an opinion piece, I can really get behind the authors point of view unless I see GLARING OBVIOUS MISTAKES... which ruin the emphasis of the entire rest of your post. I think, "if he's wrong about this basic FACT, how much can I trust his premise?"
What's my problem?
"OS-X is fine for general use, especially now that you can get Photoshop"
Photoshop-- is and has been the penultimate MAC app
Photoshop arguably MADE Macintosh what it is today....
in the 80's- financial sector used IBM PC compatibles,
and EVERY design shop/art whatever used macs and photoshop
every day http://en.wikipedia.org/wiki/Special:Random
While you do make a valid point (be careful about what you run) and I personally can't actually understand the code provided I have to say that sometimes you have to put a little trust in others. Do you inspect and thoroughly understand every update that your distro suggests? Considering the fact the tool is distributed through Ksplice's website, you have to be seriously paranoid to think Ksplice would even dare to do anything like that.
Perfect is the enemy of done.
While I certainly appreciate the effort, in the future please don't semi-obfuscate your publicly-released source code. That really doesn't give me the confidence that I need to run it on my machine.
I think if you're in a position where you apparently own Ksplice's servers, it'd be easy enough and far more damaging to quietly add a security hole to lots of systems using their patch infrastructure. Seems like a better attack vector than spreading an odd source file via a site full of distrustful/inquisitive geeks...
Switch back to Slashdot's D1 system.
This certainly has to a highly unlikely series of typos. Let me fix that for you...
An anonymous reader writes
"Running 64-bit Windows? Haven't updated yet? You're probably being rooted (or pummeled with UAC requests) as I type this. WhosYourDaddyTrojan, this week's second high-profile local root exploit in the Windows kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root security wizard. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Unfortunately, there's isn't a tool you can run to see if you've already been exploited. Don't you wish you were running Linux, which has never had a single bug or exploit?"
I'm glad that I switched back to 32 bits two weeks ago, after 3 years of using 64 bits. I got tired of the Flash issues and a few other incompatibilities.
Worth noticing: .br web domains was showing that Ataturk protraits.
http://info.abril.com.br/noticias/internet/locaweb-sofre-ataque-cracker-17092010-33.shl
They just defaced every page in many compromised hosts.
Some said this exploit meant 30% of
Fairly badly written and mostly full of comments designed to blow smoke up his own arse.
This isn't a group of leet haxors, it's an undergrad trying to big up a RHEL kernel whole that I'm not sure will reliably work.
Worried? Moi? Bring it on kiddies.
Do you inspect and thoroughly understand every update that your distro suggests
Of course not. This is because it is considerably more difficult to compromise a distro's packet distribution system than it is to compromise or spoof a website. Tricking my browser should be even easier.
Things might have been different had I spotted any kind of digital signature (or even a checksum) anywhere near the download page, or if the download had even originated on a SSL verified server. This is very likely to be because of incompetence of the guys running the site, but on my list of reasons for adding things to the kernel, incompetence is not exactly on the top.
I think if you're in a position where you apparently own Ksplice's servers, it'd be easy enough and far more damaging to quietly add a security hole to lots of systems using their patch infrastructure. Seems like a better attack vector than spreading an odd source file via a site full of distrustful/inquisitive geeks...
Unless they realized you think of that, and pulled a double-reverse psychological maneuver?
What is this... bullshit?
Those sort so shitty 'optimization' progs are for windoze fools..
Here's a semi-deobfuscated version. My assembly skills aren't really up to snuff, so I doubt I'll go much further. http://gist.github.com/588199
Mod parent up
"You're probably being rooted as I type this"
don't you know what a LOCAL-root exploit is or are you by any chance trying to scare us into executing malware with root privileges?
The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
OMG, fucking is a myth?!
The tool isn't good for non-Redhat kernels. It checks for CVE-2010-3081 only, but not for CVE-2010-3080.
The latter wasn't "backported" to RHEL5, but is still wide open elsewhere:
$ ./diagnose-2010-3081
Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, Inc.
(see http://www.ksplice.com/uptrack/cve-2010-3081)
$$$ Kernel release: 2.6.33.3
!!! Could not find symbol: per_cpu__current_task
A symbol required by the published exploit for CVE-2010-3081 is not
provided by your kernel. The exploit would not work on your system.
$ ./robert_you_suck
resolved symbol commit_creds to 0xffffffff81071b90
resolved symbol prepare_kernel_cred to 0xffffffff81071840
mapping at 3f80000000
UID 0, EUID:0 GID:0, EGID:0
sh-3.2#
Yes, the initial problem was a real issue. But this one ONLY affects Ksplice users, because "th3 m4giq p0rt4l" left by Ac1db1tch3z's code resided in memory only. If, after updating, the one reboots like one is meant to, there is no problem. However, if the kernel is updated in memory while running (not a good idea in any case) as is done by Ksplice, the vulnerability remains. If one uses the "rebootless" patch after running Ac1db1tch3z's code, then you'll still have to reboot to fix the problem.
tl;dr Ksplice created a problem which only affects its own users and now slashdot is trying to convince us that it affects everyone. Story is moot.
Well, for one both the exploit and the detector are broken by default - it's looking for per_cpu__current_task for >=2.6.30 kernels and not every kernel has that - it's just 'current_task' on 2.6.36-rc4. Turn off that check and both the detector and exploit work. Ignoring the l33+, the important bits are the shellcode and any remnants of the exploit when run.
The exploit itself is trivial to understand - compat_alloc_user_space() didn't check the bounds, and one user didn't properly handle the checking first.
Here's the actual exploit:
getsockopt(7, SOL_IP, MCAST_MSFILTER, 0x804b4a0, 0x804b8a8) = -1 EFAULT (Bad address)
and a quick glance at net/compat.c shows that no check is made on optlen. The rest is just stack-trashing and shellcode,
your basic exploit.
The patched was announced by Canonical (Ubuntu) the same day that Ben Hawkes announced the exploit and published a proof of concept code.
The required kernel update is "2.6.32-24.43" or higher. That kernel was automatically updated on my 64bit Kubuntu 10.04 system with: /var/cache/apt/archives/linux-headers-2.6.32-24-generic_2.6.32-24.43_amd64.deb /var/cache/apt/archives/linux-headers-2.6.32-25-generic_2.6.32-25.44_amd64.deb
-rw-r--r-- 1 root root 757586 2010-09-17 10:04
and, 11 hour later, again:
-rw-r--r-- 1 root root 770132 2010-09-17 21:05
the same day that Hawkes announced it. Most 64bit Linux desktops are single user, and not susceptible if the owner did not hand out local accounts to his or her kids (and even then?), and most corporate Linux users would not advertize that their servers or workstations were exploited, so claims that Linux systems are being "compromised left and right" are spacious, to say the least, or FUD or outright lying at worst.
Running with Linux for over 20 years!
CentOS 5 fixes are available - see http://bugs.centos.org/view.php?id=4518 Redhat 5 also has new kernel - see https://rhn.redhat.com/errata/RHSA-2010-0704.html GO GO GO !!!
Does anyone know if SELinux prevents this. I thought this was one of those things that falls on to SELinux will protect you unless you are using oracle or some other dumb program that makes it impossible to run SELinux correctly.
Comparing to linux, windows are most vulnerable is the experience of the most of the administrators. But from knowledge point of view it also depends on who is administrating your system. The post is very well written and alarming for those who aren't up to date with administrating their systems. If you are looking for secured servers get it from unichost. For me they are most reliable so for !
Regards, Sam I Love My Reliable Service Provider Do you?
It is really a very very good article, GHD Hair Straighteners and CHI Flat Irons onlinestore - ghdhairsiron.com. Discount GHD Straighteners, CHI Hair Straighteners, CHI Nano Ceramic Flat Iron hot sale. Include CHI Original Flat Iron, CHI Earth Flat Iron, CHI Pink Dazzle Flat Iron, CHI Camo Flat Iron, CHI Classic Flat Iron, CHI Digital Flat Iron, CHI Guitar Flat Iron, CHI Turbo Flat Iron, CHI Wee Flat Iron, GHD Kiss Hair Straighteners, GHD Mini Hair Straighteners, GHD MK4 Hair Straighteners, GHD MK5 Hair Straighteners, GHD Precious Hair Straighteners, GHD Radiance Hair Straighteners, GHD Salon Hair Straighteners and GHD New Hair Straighteners - Choose Your Destiny - GHD Green Envy Hair Straighteners, GHD Blue Serenity Hair Straighteners, GHD Red Lust Hair Straighteners, GHD Purple Indulgence Hair Straighteners. We provide good service, our GHD IV Hair Straighteners, CHI Nano Flat Iron, CHI Ceramic Flat Iron free shipping and fast. Buy CHI Ceramic Flat Iron Original, CHI Ceramic Flat Iron Pink, CHI Ceramic Flat Iron Thermostat Blue, CHI Flat Iron Dazzle, CHI Flat Iron Pink Dazzle, CHI Digital Ceramic Flat Iron, CHI Ceramic Flat Iron Guitar, CHI Turbo Flat Iron 1", CHI Turbo Flat Iron 2",