A serious security hole known as Dirty COW was reported in the Linux kernel a few weeks ago.
In certain cases, this security hole allows attackers to gain root access to a server and therefore take over the system.
Our IT Operations team responded accordingly and updated thousands of servers with millions of customer websites in less than 12 hours.
All 1&1 web hosting servers are now protected against this security hole.
Kernel Patches without Downtime Thanks to Geo-Redundancy
For the past several years, we have ensured that all of our customers’ data is saved simultaneously in multiple data centers. If one data center fails, we can therefore switch to a different data center in only a few seconds.
This redundancy provides your website with maximum availability. It also allows us to install security updates (in this case, kernel patches) without any downtime.
The Dirty COW kernel patch, for instance, required us to restart all affected servers. This server restart generally takes several minutes and would result in a not insignificant downtime.
The redundant structure of our servers allowed our IT Operations team to carry out this restart for your websites without downtime in most cases.
First, we update the backup server (passive). Then we redirect traffic to this server and update the primary server (active).
- The backup server is updated. Visitors to your website (traffic) are directed to the primary server during this time. All websites remain available.
- Restart, sync and testing of the backup server.
The backup server is now secure.
- Traffic is redirected to the backup server.
No noticeable downtime.
- The primary server is updated. Traffic is redirected to the backup server during this time. All websites remain available
- Restart, sync and testing of the primary server.
The primary server is now secure.
All servers are now protected against the Dirty COW security hole.
Dirty COW: What Is the Problem?
The Dirty COW security hole (CVE-2016-5195) is a privilege escalation vulnerability that grants attackers root access to a system. You can find details about the Dirty COW security hole here:
Many popular Linux distributions are affected, such as:
– Red Hat Enterprise Linux 7.x
– Red Hat Enterprise Linux 6.x
– Red Hat Enterprise Linux 5.x
– CentOS Linux 7.x
– CentOS Linux 6.x
– CentOS Linux 5.x
– Debian Linux wheezy
– Debian Linux jessie
– Debian Linux stretch
– Debian Linux sid
– Ubuntu Linux precise (LTS 12.04)
– Ubuntu Linux trusty
– Ubuntu Linux xenial (LTS 16.04)
– Ubuntu Linux yakkety
– Ubuntu Linux vivid/ubuntu-core
– SUSE Linux Enterprise 11 and 12.
Update Your Private Linux Installation
If you are using Linux privately, you should take this security hole seriously and update your system as soon as possible.
Comment from the Author
When I read on Twitter about the Dirty COW security hole one afternoon last week, I said to my wife:
“Dirty COW vulnerability—sounds like our Linux admins are having a bit of fun!”
That was the end of the matter for me. We put the kids to bed and then watched the finale of the 6th season of The Walking Dead on Netflix. I didn’t give it a second thought.
A week later in a meeting, I learned about the security measures that our IT Operations team implemented in a very short time to protect our servers and our customers’ websites.
Like most people, I’m mostly inured to the topic of security. I pay attention to individual issues, but I subconsciously expect that *someone* will solve the problem for me. As a paying customer, that’s my right, of course. I expect secure web hosting.
To ensure this security, many security experts and admins regularly work through the night at 1&1 Web Hosting and other providers.
It might not earn them a medal, but they certainly deserve a small thank you for the next time a security hole is identified in the trade press and I can simply sit at home watching television.