Saturday, March 25, 2006

System Recovery > System Security ?

I seldom comment about commercial solution but I really have to mention about this.

CPanel
- The gui control panel for the web hosting environment, thus it provides user friendliness of managing servers, it totally has false sense of security. The apparoach taken by CPanel is utterly stupid and destroying the evidence of server compromised. When CPanel detects that the system binaries checksum is totally different than the one in their database, they will automatically report to the sysadmin and what killing might be removing the suspicious binaries and replace it with the standard binaries that should be in the system. I understand why CPanel is taking this approach as they don't want the system being malfunctioning, and they consider

System Recovery > System Security

However without much evidence, how can we trace what was happening and how system was compromised, that might causing the server to be intruded for second or maybe n times till the sysadmin going upside down.

Another thing I would like to critic is their patching system, the patching process is definitely killing, ineffective and slow. You can't patch the standard applications manually, CPanel will replace it with it's "clean" applicaitons automatically and reports your "patched" applications serving malicious purpose. If you - CPanel really want to make the server secure, please patch the system or proving updates as soon as you have tested the available patches or updates, what happenned in the pass about the perl integer overflow that taking so long to patch is what we don't like to see.

Who's fault is that when servers get compromised, may I bill you for my loss ?????

No cheers this time? CHEERS :)

No comments: