Need help or advice?
Call us FREE 0800 298 2375

Monthly Archives: February 2016

INFORMATION: Telecity at HEX — work on facility UPS

This is a notification of a possible low “at risk” issue but we believe this is minimal as we also have our own UPS units covering the services & systems located at HEX.

This is the most recent update from HEX:

“UPS works planned have been unsuccessful. Temporary UPS units are available should we need it. Further replacement parts are being sourced and a more detailed action plan is being drafted in order to resolve the issue as soon as possible.

Resiliency level remains at N and there is no anticipated interruption to your services.

We will provide a further update once resolved or if there is any change to the current situation”

SECURITY PATCHES: Vulnerability Summary for CVE-2015-7547 – glibc

Since the 18th February, we have been working to ensure that all in-house systems affected by this advisory are being patched accordingly. We have been advised and judge that this work needs to be completed as quickly as possible. This may therefore require brief windows of downtime affecting both single and multiple services & circuits.

Wherever possible we will post an early notification of such customer affecting works.

If you have any concerns or require further information, contact support in the normal meaner.

Vulnerability Summary for CVE-2015-7547

Original release date: 02/18/2016
Last revised: 02/19/2016
Source: US-CERT/NIST

Overview

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing “dual A/AAAA DNS queries” and the libnss_dns.so.2 NSS module.

Impact

CVSS Severity (version 3.0):
CVSS v3 Base Score: 8.1 High
Impact Score: 5.9
Exploitability Score: 2.2
CVSS Version 3 Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

INFORMATION: route flaps via Juniper Networks

A number of ISPs have noted some route flapping issues affecting peering arrangements in THN with Juniper. LINX have been requested to investigate. No obvious issues have been seen here yet but we will keep monitoring and report any traffic concerns via the usual channels.

COMPLETE: Supplier interconnect work planned 9th Feb 2016

No issues.

Planned Duration:

Start: 09/02/2016 00:01 GMT
Finish: 09/02/2016 05:00 GMT

Task:

One of our interconnect suppliers will be upgrading their capacity with BTW for DSL services in Telehouse North. This will involve migrating traffic on a pair of interconnects to new, higher capacity ones.

Customer Impact:

We do not anticipate any impact to Merula customer traffic, however all BT DSL services delivered from our Telehouse North node should be considered as AT RISK during this maintenance window.
If you have any queries about this work please raise a support ticket with our helpdesk.

We will issue an ALL CLEAR once this work has been completed.

Network Instability 02/02/2016

There was a period of network instability between 1am and 2am this morning. This appears to have been due to a network storm within our network. We have now stabalised the network and you should see full service from all servers.

We are monitoring the network to ensure this does not re-occur and are investigating the root cause of this issue to ensure it does not re-occur

We apologise for any issues this may have caused

EMERGENCY CONTACTS

The main support number is 0845 330 0666 (geographical 01480 355566)

There’s a second, fallback (geographical) number: 01480 411616. All numbers ring directly at our support centre, manned 24hrs x 365 days a year.

We'd also suggest that all customers subscribe to our mailing list (link above); status messages and updates will be delivered by email.

Subscribe