We inform you that due to planned maintenance on the network, you can experience service interruption.

The maintenance is scheduled for the following date

Date: 2015-04-99
Start: 00:00 AM (GMT+01)
End: 04:00 AM (GMT+01)

The expected duration of the interruption: max 15 minutes

We apologize for the possible difficulties that have these works may cause and appreciate your patience and understanding.

Earlier last week, a security vulnerability codenamed "Shellshock" which affects many Unix-based computer systems was discovered. This is a critical security vulnerability and could allow an attacker to take control over a vulnerable system.

Shellshock can be used to remotely take control over any system that uses Bash.
Bash (Bourne Again Shell) is a command line on many Unix servers.

NiNet customers are safe and secure

• There is no need to panic: you are and have always been secure.
• As soon as this vulnerability was discovered we patched all of our servers and systems.
• We do understand that new attack vectors and repercussions are being reported on web and Shellshock’s lifecycle can be long. Our security team is dedicatedly keeping track of various security lists, and applying the latest available patches. Every patch is thoroughly tested before we patch our production systems.
• We are increasing our system and accessing monitoring to be proactive against any new attack vectors.
• We will continue to conduct our regular security audits and penetration tests of all our systems.

NiNet customers who are managing their own servers

It is strongly recommended for our users to update the Bash components on their servers.

Here is a really good technical article detailing Shellshock and the issues.

Example for CentOS

yum update bash

Example Debian/Ubuntu

apt-get update
apt-get install --only-upgrade bash

NiNet Company
Support Team

We inform you that the RNIDS, at its conference held on 2014-05-31. adopted a new General Terms and Conditions for Registration of National Internet Domain Names (.RS and .СРБ), which will come into effect on July 1st 2014.
 
In particular we inform you of the amendments relating to the period for renewing domain names, now is 30 instead of 45 days after the expiry date (Article 16, paragraph 5). Under the new General Conditions, after the expiration of the period for which it is registered, the domain name stops to be active. Registrant has additional period of 30 days which can renew the domain name.

General Terms and Conditions for Registration of National Internet Domain Names

Earlier this week, a critical security vulnerability (nicknamed the Heartbleed bug) was found in a piece of software called OpenSSL. OpenSSL is a very widely used piece of software used on web servers to secure Internet connections, among other things. Here is a BBC news article describing the vulnerability.

This vulnerability could be exploited to reveal sensitive information stored in the memory of a server that would otherwise be protected.

What this means for our customers

You're safe.

We have no reason to believe that any of your private information has been compromised.

Only some editions of OpenSSL suffer from the vulnerability. Our systems did not use a vulnerable edition of OpenSSL.

Precautionary measure we have taken: Even though we have no reason to believe that information in our system has been compromised, as a precautionary measure, we have regenerated all of the encryption keys involved in securing the connection to our customers.

Precautionary measure we suggest customers take: If you use use SSL on your VPS, Dedicated or Housing servers, the chances are high that you are using OpenSSL and that your version of OpenSSL suffers from this vulnerability (more than 66% of the world wide web is or was vulnerable, according to heartbleed.com).

We strongly recommend patching your systems immediately, and then regenerating the SSL keys used on your web server and any passwords linked to your web server. See this Stackexchange discussion for some useful 'what to do' information. In events like these, it is always best to assume to worse has already happened and to secure all of your systems.

Questions

If you have any questions, our team is always on hand to help.

NiNet Company
Support Team