And oldie but a goodie:  we run a number of honeypots as part of our ongoing efforts to learn what attackers are doing and how to best protect customers and users of our products.  An interesting trend we have seen lately is the use of a very old xmlrpc vulnerability from 2005 being widely used in attacks.    What's really interesting is that there appears to be a new variant to this old vulnerability.  Could there be holes in new applications using this old vulnerability?  And what should you do about it?

We got an interesting question from a potential customer recently that I'd like to answer here.  Our customer asked:

"I recently purchased a new dedicated server. I was told the server is managed so not to worry about security, and they will patch the system and also provide a complementary firewall.  Is this enough security for my server?  Thank you in advance, I just want to make sure I'm doing the right things to protect my server and data."

The short answer is no.

Note: This article is not about ASL, it is about all modern Linux based systems. This characteristic of modern Linux based systems is universal to all modern Linux systems, not just systems running ASL.

We often get asked by Linux seems to be using so much memory.  Even on huge systems with tons of memory over time a Linux seems seems to use up all the memory available.  People get worried that something is wrong, or maybe that there is a bug in something.  Most of the time, it turns out that a Linux system isn't really using as much memory as it may appear, and this article is targeted at explaining how memory works in Linux and what tools you can use to find out how much memory is actually being used.