2014-pantek-logo-transparent-mark-only

CybrHost is changing our name to Pantek

We’re changing our name!

CybrHost will now be known as Pantek. Since 1995, Pantek has been providing global Consulting, Support, Hosting, and Software Development services. CybrHost has been an independent brand of Pantek since 2006, but will now be fully merged.  We’ve already leveraged our capabilities between the two companies, and it’s been a fantastic fit.

Read more

pantek-icon-shield-1

Ubuntu 10.04 End Of Life is Approaching

Ubuntu 10.04.4 (LTS) Desktop and Server editions were released on February 16, 2012. This very popular and stable release was installed on thousands of computers around the world. The Desktop edition reached End Of Life (EOL) on May 9, 2013, but the Server edition is supported until April 2015. See https://wiki.ubuntu.com/Releases. With the EOL date quickly approaching, Ubuntu 10.04.4 is still running on many servers across the Internet. Is yours one of them?

After reaching EOL, a release no longer receives security or bug fixes from Canonical. That leaves computers which continue to run the EOL release vulnerable to any new security flaws which are subsequently discovered. With the recent rash of problems like Heartbleed, Poodle, and Shellshock, the need to keep your server up to date is clear.

Canonical provides an upgrade path between LTS (long term support) releases. For a server running 10.04.4, the upgrade path would be to 12.04. Performing this upgrade can be a simple process:

sudo apt-get update                                       ;update available packages
sudo apt-get upgrade                                     ;run the update on the current release
sudo apt-get install update-manager-core     ;install the upgrade tool if needed
do-release-upgrade                                       ;perform the upgrade

This process does not always go smoothly however, and can result in a server that won’t boot. Before attempting the upgrade, be sure that you have a reliable backup of all your server’s important data such as website content, databases, email and configuration files. If the upgrade process fails, you’ll at least then be able to restore the data to a working machine.

A far less risky strategy is to install a more recent operating system such as Ubuntu 14.04 onto a separate server, and then copy over the content from your old server. There are usually bugs to work out such as incompatibilities between versions of Apache, PHP or MySQL for example. It’s much less stressful to solve these problems on a separate test server than it is to solve them on a production server which was broken by a failed release upgrade.

Take the time now to plan your upgrade strategy and to verify that your backups are working. Pantek has performed operating system upgrades for many happy clients and we’d like to schedule yours before the upcoming April 2015 EOL date arrives. Don’t wait until the last minute.. call us now!

pantek-icon-shield-1

Critical Linux Vulnerability Alert: Poodle

A new critical exploit has been announced in the form of a vulnerability of a legacy encyption implementation, SSLv3.  The POODLE bug exploits an older encryption protocol and may allow a hacker to gain access to a secure session between a client and server utilizing SSLv3.  More info on Poodle can be found here:

https://www.us-cert.gov/ncas/alerts/TA14-290A

This flaw in SSLv3 may allow hackers to gain access to encrypted information such as HTTP cookies used in the session via a man-in-the-middle attack.

This vulnerability is not as critical as Shellshock or Heartbleed as attackers cannot exploit this flaw remotely. However, it is important to fix this issue as it could put sensitive data at risk of being exposed. Resolving this issue is also required for PCI compliance.

This attack requires both the client and the server to be using SSLv3 in order to be exploited.  The easiest way to protect yourself is to upgrade one or both ends of the connection.  On the client side, the only browser that still does not support TLS is Internet Explorer 6.  Fixing this bug will effectively leave IE6 users out in the cold, security-wise.  Modern browsers have the capability to turn off SSLv3 connections.  See: http://www.tomsguide.com/us/poodle-fix-how-to,news-19775.html

You can test your site to see if it is vulnerable to the POODLE bug at: https://www.poodlescan.com/

All Pantek Support Engineers have been advised of this issue, and trained in the appropriate response procedure. If you would like our assistance in determining if your server has been affected, or to fix the vulnerability, please open a Support Ticket via the Pantek Portal: https://portal.pantek.com/clientarea.php

Pantek Clients who have purchased a Managed Service Plan will receive a separate notification, as management of these third-party security issues is included without incurring extra charges.

You can find more details on our Managed Service Plans here:  http://www.pantek.com/managed

Slash Your Business Phone Bill With VOIP – Part 2

In the first blog we provided an introduction to VoIP, providing some basic information about using VoIP phone services. In Part 2, we’ll walk through opening an account with Pantek’s VOIP system and configuring a smartphone app for use with the account.

Opening a Pantek VOIP Account

To open an account, visit http://voip-signup.pantek.com. You’ll be asked for your name, email and other information, and how much money you’d like to add to your account. This can be as little as $35. There is no signup fee, and there’s a money-back guarantee on the initial deposit for new accounts.

Create a Sub Account

The first time you log in to your new account, you’ll be asked to create a sub account. Sub accounts are a convenient way to keep multiple users on the same account separated. Choose a name for the sub account. This will be the user name that gets entered into the smartphone app, IP phone, or analog adapter. Next choose a password, then set the ‘Caller ID Number’. This is what will appear on the caller ID display of the person you call. We’ll choose ‘Yes’ for ‘NAT’ which is the most common. Finally, click ‘Add Account’. The screen will refresh, then display the server settings appropriate for the new sub account, for example Register Server: inbound.sip-provider.net. We’re now ready to configure our smartphone app.

Configure your Smartphone App

Zoiper is one of many free VOIP apps and is available for most types of smartphones. Let’s use Zopier as an example:

– After installing Zoiper, tap ‘Config’ then ‘Accounts’ then ‘Add account’.
– Answer ‘Yes’ to the ‘Do you already have an acct ?’ question
– Then click ‘Manual configuration’. Choose ‘Sip’, then enter:

Account name:              Pantek VOIP     (or anything you wish)
Host:                             inbound.sip-provider.net:5060
                                     (this was displayed when the sub account was created)
Username:                   The name you chose for your sub account
Password:                    The password you chose for the sub account.

and that’s it. You should now be able to dial a phone number from the Zoiper app!

Configure a new Number for Inbound Calls

If you’d like to receive calls on your Zoiper app, simply purchase a phone number (sometimes called a DiD) from your Pantek VOIP account. You can also chose to move an existing phone number such as your business phone number to your Pantek VOIP account.

– Under ‘My Products & Services’, click ‘My Numbers’, then ‘All’.
   You’ll see the new number along with any others.
– From the dropdown in the ‘Action’ column, select ‘Routing Method’.
   We’ll choose ‘SIP’ for the protocol and ‘ATA Device…’ for ‘Type’.

This choice is for end-user devices such as soft/hard phones or analog adapters
(ATAs) or smartphone apps.  If instead the number will be used on an Asterisk or FreePBX server we’d choose ‘PBX Server…’.

– Again we click ‘Next’ and see a list of sub accounts.
   We’ll check the box next to the sub account that we created earlier and click ‘Next’.
– You’ll see a final confirmation page. Click ‘Submit’.

The number is now ready to use. If you call the number from any phone, your smartphone app will ring.

Summary

Taking advantage of the cost savings made possible by VoIP is easy and takes just a few minutes. In this Blog, we discussed setting up a simple smartphone app for use with your Pantek VOIP account, but there are many more possibilities. Using our services you can also allow SMS messages to be sent and received over VOIP so that your customers can contact you by sending a text to your VOIP phone number. Faxing over VOIP is another available feature.

We can also help you set up a complete VOIP-based PBX phone system for your business which includes extensions, voicemail and many other features. Contact the experts at Pantek to discuss the many ways that your business can benefit from VOIP technology by either calling us at: 877-546-8934 (international: 216-344-1614) or sending us an information request (http://www.pantek.com/contact.php?subsect=more).

Slash Your Business Phone Bill With VOIP

If your business is using traditional phones lines, your monthly bill can get quite high… especially if you have multiple lines, provide a toll-free number for customers to call in on, or if you place international calls. Substantial savings are possible by switching to VOIP for some or all of these services, and now-a-days you can be up and running in just a few minutes.

Types of Phones

Because VOIP is a digital technology while traditional phone service (called POTS) is analog, different types of phones are required for VOIP. Adapters are available which allow analog phones to work with VOIP;they cost as little as $30. Another option is a no-cost software phone which is a program or app which runs on a smartphone or computer. Digital phones (called IP phones) are another good choice and are commonly used in offices.

Advantages and Limitations of VOIP

Using VOIP, calls can be made anywhere in the world over the Internet at no cost. For example, a business may have one office in the U.S. and another office in different country. Unlimited free calls can be made between these offices as long as each has an internet connection. To make calls to regular phone numbers using VOIP however, you’ll need an account with an ITSP (Internet Telephone Service Provider). Many such providers exist and most offer rates which are substantially lower than those from traditional phone services.

One potential disadvantage of VOIP is that call quality can be negatively affected if used over a slow or overloaded internet connection. In such cases there are measure which can help, but having a good internet connection is the best way to achieve good voice quality.

Getting Started

Once you’ve opened an account with an ITSP, you’ll be provided with a set of credentials which are then used to configure your VOIP device (sometimes called ‘SIP client’), for example a smartphone app, digital phone, or analog phone adapter. You’re then ready to use the new service and enjoy the cost savings!

 

Please Note: Pantek offers a wide range of VOIP services, and also supports popular open-source VOIP applications such as Asterisk and FreePBX. We can also assist with the configuration of many VOIP devices at our standard consulting rates. Part 2 of this blog will discuss opening a Pantek VoIP account.

pantek-icon-shield-1

Critical Linux Security Vulnerability Alert: Shellshock

A major security exploit has recently been identified and announced by security experts, nicknamed Shellshock. It is especially severe because it potentially allows remote users to gain complete root control over Unix, Linux, and OSX servers through an exploit in the Bash shell.

Due to the extreme severity rating of this vulnerability (10), we are informing all Pantek clients, and encourage you to check your server status immediately.

You can find out more details of this vulnerability here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

This vulnerability affects versions 1.14 through 4.3 of GNU Bash.

Patches have been issued by many of the major Linux distribution vendors:

  • Red Hat Enterprise Linux (versions 4 through 7) and the Fedora distribution
  • CentOS (versions 5 through 7)
  • Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS
  • Debian

All Pantek Support Engineers have been advised of this issue, and trained in the appropriate response procedure. If you would like our assistance in determining if your GNU Bash has been affected, or to fix the vulnerability, please open a Support Ticket via the Pantek Portal: https://portal.pantek.com/clientarea.php

Pantek Clients who have purchased a Managed Service Plan will receive a separate notification, as management of these third-party security issues is included without incurring extra charges.

You can find more details on our Managed Service Plans here: 

http://www.pantek.com/managed

PHP Software Developer

Position Summary

In response to enhanced interest in PHP development from our clients, Pantek has recently created a new Software Development department and is now recruiting for talented, passionate PHP developers. Pantek is a fast-paced, growing company focused to providing industry-leading Linux and Open Source Software and Services.

Position Responsibilities

  • Develop PHP and LAMP-based applications and modules for Clients
  • Develop PHP and LAMP-based applications and modules for internal projects
  • Implement improvements to existing Client and Pantek applications
  • Provide consulting and support for software architecture and design
  • Stay current with Open Source development software and methods

Position Qualifications

This challenging position requires excellent problem solving skills and the ability to design and develop unique, innovative applications. Also:

  • Strong PHP and LAMP-based development experience is required.
  • Strong MySQL and/or PostgreSQL experience is required.
  • Perl experience is a major plus.
  • Magento experience is a major plus.
  • Working knowledge of several of these technologies is required: CSS, Drupal, Git, HTML, JavaScript, JQuery, Joomla, or Python.
  • Experience with Ruby, Java, C++, or other modern languages is a plus.
  • Understanding of agile software development frameworks incl. Scrum & Kanban is a plus.

This position is in our Independence, Ohio office, with phone and video discussions directly with clients and other staff members around the world. As such, confidence and excellence telephone skills are essential. Also, the selected candidate must be team oriented, with time tracking, documentation, planning, and strong communication skills.

A bachelor’s degree is preferred, but not required if equivalent experience is demonstrated. A minimum of four years of relevant experience is required.

Benefits & Compensation

  • Salary commensurate with experience & qualifications
  • Benefits include health/dental/vision insurance, 401K, paid vacation, sick and personal days

If interested, please submit your resume and cover letter to resumes@pantek.com

pantek-icon-shield-1

IMPORTANT UPDATE: Major New SSL Vulnerability

A major new SSL vulnerability has been recently identified by security experts, nicknamed the “CCS Injection Vulnerability” or “MITM CCS Injection Attack”. It is especially severe because it allows anyone on the Internet to decrypt your encrypted data sent using SSL/TLS and HTTPS technologies, at any point between your server and the client accessing your encrypted data. Attackers can eavesdrop and modify your encrypted communications if your both your server and the client is vulnerable; and can completely hijack the authenticated session, even if only the server is vulnerable.

You can find out more details of this vulnerability here:
http://ccsinjection.lepidum.co.jp/

To determine if your server(s) are vulnerable, check what version of OpenSSL is installed. All OpenSSL versions ARE vulnerable EXCEPT these listed below:

OpenSSL 1.0.1h is NOT vulnerable
OpenSSL 1.0.0m is NOT vulnerable
OpenSSL 0.9.8za is NOT vulnerable

If your server(s) are vulnerable, in order to fix this vulnerability, you will need to upgrade your version of OpenSSL; and ideally completely re-issue and re-install all your SSL certificate(s).

All Pantek Support Engineers have been advised of this issue, and trained in the appropriate response procedure. If you would like our assistance to determine if your server(s) are indeed vulnerable, or to fix the vulnerability, please contact our support team using any of the normal methods. For fastest response, we recommend opening a Support Ticket via the Pantek Portal: https://portal.pantek.com

Typically, our team can determine if your server is vulnerable with a time expenditure of 15 minutes. Vulnerable servers can typically be patched and SSL certificates replaced with an additional 30-45 minute time expenditure, but this may vary with certain configurations.

Pantek Clients who have purchased a Managed Service Plan will receive a separate notification, as management of these third-party security issues without incurring extra charges. You can find more details on our Managed Service Plans here:

https://www.pantek.com/managed

Pantek-team

New Pantek Service Offerings

As part of our continuing mission to offer the best Linux and Open Source Services on the planet, Pantek is pleased to announce three new professional service offerings:

Recurring Technical Support Services –  you can now order our Expert Technical Support Services on an automatic recurring term – monthly, quarterly, or annually — for a reduced rate. This new, optional feature is helpful for clients who require an active support contract at all times.

While Pantek has offered a range of Expert Linux Security Services since 1999 as part of our Hourly Tech Support Services, we are now offering two Fixed Price security products:

  • Server Security Audits: a comprehensive Linux Server Security Audit performed by our Expert Engineers for a fixed price of $1599. Includes a detailed report & recommendations.
  •  

  • Server Security Hardening: recommended for all Linux Servers, our Expert Engineers harden your server against a wide variety of potential security vulnerabilities for $499.

More information on these new offerings can be found at the links above, and you can be order through either the Pantek Store or the Pantek Client Portal.

   
  Our passion, focus, and experience has always been providing consulting, support, and security services for Linux and Open Source Software. These new offerings expand the range of options for our clients. Please don’t hesitate to contact us at any time.