News

RSS Feed
News
Mar
3
Network Maintenance: Distribution Power Supply Replacement
Posted by Kevin Stange on 03 March 2015 06:12 PM

We have scheduled a power supply replacement in one of our distribution switches at our 350 E Cermak Rd location in Chicago, IL to address a failure.

Date: Sunday, March 8th, 2015
Start Time: 12:00 AM CST (GMT -6)
End Time: 3:00 AM CDT (GMT -5)
Maintenance Scope: Power supply replacement in distribution switch in Chicago, IL

Customer Impact:

The affected switch is part of the Chicago public network for customers located at 350 E Cermak Rd in Chicago (facility codes chi01 and chi02).  Customers located at 725 S Wells St. in Chicago, IL and in Edison, NJ will not be affected by this work, except if accessing any services or customers hosted at the affected location.  Public cloud, backup, and SAN products are not affected.  The internal network is not affected.

During the maintenance, we will replace a failing power supply identified by our monitoring system.  We expect there to be no interruption to this switch as a result of the replacement, however a simultaneous fault in the redundant power supply could cause the device to reboot.  This switch is in a redundant pair and each unit has redundant connectivity to the rest of the network.  In case of a problem, we expect brief inaccessibility and sub-optimal routing to occur as traffic immediately fails over to the second switch.  Traffic will then return to the normal pattern once the rebooting device returns to operation.

While the work itself is expected to be completed quickly, we are reserving extra time in case of problems. This will give us the ability to resolve issues without having to extend the maintenance window.

If you need assistance during the maintenance, or if you have any questions about this planned work, please contact us via our helpdesk or by calling (312) 602-2689 or (888) 281-9449.


Read more »



Jan
30
Network Maintenance: Chicago Core Hardware Replacement
Posted by Kevin Stange on 30 January 2015 03:07 PM

We have scheduled a hardware replacement in one of our core routers in Chicago, IL to address a known issue.

Date: Sunday, February 8th, 2015
Start Time: 12:00 AM CST (GMT -6)
End Time: 3:00 AM CST (GMT -6)
Maintenance Scope: Line card replacement in core router in Chicago, IL

Customer Impact:

We expect the customer impact of this maintenance to be minimal, though some brief periods of localized inaccessibility and sub-optimal routing may occur.  If you are a BGP customer, please verify that you have dual sessions established to avoid an extended interruption in service during the work.

During the maintenance, we will replace a line card in one of our core routers due to recommendations from our hardware vendor. This router will be removed from production gracefully, have its hardware replaced, then be brought back into production.

While the work itself is expected to be completed quickly, we are reserving extra time to allow for extensive testing. This will give us the ability to ensure that all carriers are back online and traffic is flowing as expected within the maintenance window.

If you need assistance during the maintenance, or if you have any questions about this planned work, please contact us via our helpdesk or by calling (312) 602-2689 or (888) 281-9449.


Read more »



Jan
27
Security Advisory: Critical glibc Security Vulnerability
Posted by Kevin Stange on 27 January 2015 12:40 PM

A vulnerability has recently been disclosed in the GNU C Library (glibc) which affects all systems running CentOS 5 - 7, and Debian 7 "Wheezy."  This vulnerability is serious and may allow a remote user to trick your server into running code with the privilege level of a service like web or mail.

This vulnerability exists in all common versions of glibc through 2.17.  It was fixed in version 2.18 in mid-2013 but was not regarded as a security issue and so no security release was made for previous versions at the time.

This issue is known as the "GHOST" vulnerability.  It has been assigned the ID CVE-2015-0235 in the Common Vulnerabilities and Exposures database.  Qualys, the company that discovered the vulnerability, has published a useful article explaining what GHOST is.

Windows servers do not use glibc.  You may wish to check any third-party software you have installed for bulletins and updates, if applicable.  Some third-party applications include a separate copy of glibc instead of using the operating system version.

CentOS and Debian have patched this vulnerability as of January 27th, 2015.  To completely patch this vulnerability, you must update your glibc package and then restart all services that use glibc.  Because of the fact that glibc is used by nearly every application in Linux, it is strongly recommended that you reboot your server after installing the update to ensure nothing is missed.

CentOS

To check which version of glibc is installed, run the following command:

rpm -q glibc

The version number should be greater than or equal to the following, based on the version of CentOS you are using:

  • CentOS 5: 2.5-123.el5_11.1
  • CentOS 6: 2.12-1.149.el6_6.5
  • CentOS 7: 2.17-55.el7_0.5

When reading a version number from left to right, if you reach a number that is higher than the above version for your OS, you likely already have a patched version.  For example, 2.5-124 is newer than 2.5-123.el5_11.1. If you have any doubt, please contact support and we will be happy to review your system.  If your version number is lower, please run the following command and ensure an update to the openssl package is included:

yum -y update glibc

If no update is available, please try the following commands, then repeat the command above:

yum clean metadata

After the upgrade processes, you should restart your web server and all other services running on your system.  For example, to restart your web server, you can run the following command:

service httpd restart

If you have a control panel, you should step through each service listed in the "Services" area of the control panel and restart them one by one.  If you have any doubts about which services to restart, we recommend restarting your entire server.  You can do this by running the command:

reboot

Red Hat published the following advisories regarding this vulnerability:

  • https://access.redhat.com/security/cve/CVE-2015-0235
  • CentOS 5: https://rhn.redhat.com/errata/RHSA-2015-0090.html
  • CentOS 6 & 7: https://rhn.redhat.com/errata/RHSA-2015-0092.html

Debian 7

To check which version of glibc is installed, run the following command:

dpkg -s libc6 | grep Version

The version number should be greater than or equal to 2.13-38+deb7u7.

The notable part to look for is the "+deb7u7" at the end.  If the last number is not 7 or higher, or the part after "+" is missing, you will need to upgrade.  If your version number is lower, please run the following command and ensure an update to the libc6 packages are included:

apt-get update
apt-get install -y libc6

For example, to restart your web server, you can run the following command:

service apache2 restart

If you have a control panel, you should step through each service listed in the "Services" area of the control panel and restart them one by one.  If you have any doubts about which services to restart, we recommend restarting your entire server.  You can do this by running the command:

reboot

Debian published the following advisories regarding this vulnerability:

  • https://www.debian.org/security/2015/dsa-3142
  • https://security-tracker.debian.org/tracker/CVE-2015-0235

If you have any questions or need assistance performing these upgrades, please contact us and we'll be happy to help.


Read more »



Dec
4
Internal Email Server Upgrade
Posted by Kevin Stange on 04 December 2014 05:33 PM

We have scheduled an upgrade of our internal email system to improve performance and add new features.

Date: Sunday, January 4th, 2015
Start Time: 1:00 AM CST (GMT -6)
End Time: 3:00 AM CST (GMT -6)
Maintenance Scope: Steadfast Email System (all steadfast.net email accounts)

Customer Impact:

During the maintenance, steadfast.net email addresses may be unavailable for up to 2 hours.  Email support requests will not be received promptly, but they will be processed when they are received after the maintenance completes.  This may cause temporary error messages and delayed responses to emailed tickets and ticket replies.

This maintenance will not impact any customer services or customer email systems.

If you need assistance during the maintenance, or if you have any questions about this planned work, please contact us via our helpdesk or by calling (312) 602-2689 or (888) 281-9449.


Read more »



Dec
4
Cloud Hosting Control Panel Upgrade
Posted by Kevin Stange on 04 December 2014 04:27 PM

We have scheduled an upgrade of our cloud hosting control panel server (https://vm.steadfast.net).  This maintenance will upgrade the software to a new major version which fixes many bugs, adds new features, and improves performance.

Date: Saturday, December 13th, 2014
Start Time: 12:00 AM CST (GMT -6)
End Time: 8:00 AM CST (GMT -6)
Maintenance Scope: Cloud Hosting Control Panel at https://vm.steadfast.net
Customer Impact: Access to information about and control of VMs will be unavailable for part of this maintenance.

There are two phases to this maintenance work.  The first phase will involve applying updates to the control panel server and the second phase will upgrade the management components on the hypervisors.  We expect the first phase to be completed within 5 hours, after which we will immediately begin the second phase and complete it as soon as possible.

During the maintenance period, both customers and staff will be unable to provision, control, or view system details of VMs and related resources.  Neither phase is expected to impact running VMs and support and billing systems will remain available.

Notable user-visible changes include the following:

  • A new HTML5 VM console has replaced the Java console, improving browser compatibility
  • Virtual Machines have been renamed "Virtual Servers"
  • Performance improvements

If you have any questions or need assistance during the upgrade, please visit our help desk or email us.


Read more »



Nov
7
Cloud Hosting Control Panel Maintenance
Posted by Kevin Stange on 07 November 2014 05:38 PM

We have scheduled an upgrade of our cloud hosting control panel server (https://vm.steadfast.net).  This upgrade will make system changes in preparation for a major control panel upgrade that is planned to occur next month.

Date: Saturday, November 15th, 2014
Start Time: 12:00 AM CST (GMT -6)
End Time: 2:00 AM CST (GMT -6)
Maintenance Scope: Cloud Hosting Control Panel at https://vm.steadfast.net
Customer Impact: Access to information about and control of VMs will be unavailable.

During the maintenance period, both customers and staff will be unable to provision, control, or view system details of VMs and related resources. Running VMs will not be impacted by this maintenance and support and billing systems will remain online.  We expect the entire upgrade process will take 1 to 2 hours to complete.

There will be no user-visible changes to the system as part of this upgrade.

If you have any questions or need assistance during the upgrade, please visit our help desk or email us.


Read more »