Thread: Hostrocket server got hacked?
-
06-14-2004, 07:19 PM #1 Junior Guru Wannabe
- Join Date
- Apr 2003
- Location
- Garden City, SC
- Posts
- 39
Hostrocket server got hacked?
I get a call from a client saying their site had been hacked. I went there and yes, it had been hacked. I of course contact Hostrocket's tech support and get this response:
Question:
--------------------------------------------------------------------------------
Other
Our server has been hacked. What is going on?
--------------------------------------------------------------------------------
On 2004-06-14 at 17:52:39, Support wrote:
--------------------------------------------------------------------------------
There was a server issue the other night and it was hacked
into. There was/is no lack of
security. Maintenance was being done on the servers and
someone slipped through. At
this time, our servers are running at 100%. I would advise
that you change any &
all passwords and restore your site from any personal
backups you have. Unfortunately,
we do backups only when it is requested by the customer and
they pay the $10 backup fee.
If you would like to take advantage of this in the future,
or if you have any other
questions/concerns, please let us know.
XXXXXXXXXXXX
HostRocket Support
Does anyone else see something wrong with that statement? If that is the attitude of their system administrators then my confidence level in HostRocket's security just dropped. It was just a few years ago when their servers got hacked and thieves stole customers' credit card numbers.
How does a hacker just slip through, as they stated, when maintenance is being done on the server?
The thing that ticks me off is since they allowed the security breach that wiped out my client's website, they should be offering to restore the sites from backup for free, but no, they want to charge us for that.
Thoughts, opinions? Is it time to start looking for a more reliable and secure webhost to put my clients on?
-
06-14-2004, 07:31 PM #2 Web Hosting Master
- Join Date
- Dec 2003
- Location
- Miami, FL
- Posts
- 3,262
HostRocket has been in business for years, they are a respected company in the hosting industry. When a server is compromised, it's never fun for the clients or the host.
It doesn't matter who your host is or how rich they are, servers can be compromised. The important thing is that they take care of the problem as soon as possible and prevent any further problems.
-
06-14-2004, 07:35 PM #3 Web Hosting Master
- Join Date
- Mar 2003
- Location
- United States
- Posts
- 3,683
In their defense, if anyone with the knowledge wants to get into a server - they will. I'm sure that HR probably did follow typical procedures for protecting the server, but it goes to the above statement and it depends upon the situation.
It's also typical for a company to charge for backups unless otherwise stated. It's technically not their responsibility (see their TOS - usually) if the server is hacked to offer a backup.
Denver Hunter | Webmaster | Library of Biz - Side Hustles, Small Business & Professional Growth
-
06-14-2004, 07:42 PM #4 Junior Guru Wannabe
- Join Date
- Apr 2003
- Location
- Garden City, SC
- Posts
- 39
I've been with Hostrocket for 3 or 4 years now. I've been happy with them for the most part but it's mistakes like this that start putting doubts into my head.
From what I can gather from responses they gave to other customers they took down their firewall while they were doing maintenance on the server. Is it a typical procedure to lower the defenses on a server while you are conducting maintenance?
-
06-14-2004, 07:42 PM #5 Aspiring Evangelist
- Join Date
- Jun 2004
- Location
- New York, NY
- Posts
- 376
Originally posted by CrazyTech
In their defense, if anyone with the knowledge wants to get into a server - they will. I'm sure that HR probably did follow typical procedures for protecting the server, but it goes to the above statement and it depends upon the situation.
It's also typical for a company to charge for backups unless otherwise stated. It's technically not their responsibility (see their TOS - usually) if the server is hacked to offer a backup.
-
06-14-2004, 07:54 PM #6 Web Hosting Master
- Join Date
- Dec 2002
- Location
- Los Angeles
- Posts
- 559
interesting that they have their support admitting to a hack. you have to hand it to them for honesty (and crappy security measures).
but this struck me as odd; "we do backups only when it is requested by the customer..." --- are they saying that they don't have any backups of client data?
i can understand charging $10 to restore from a backup, but to run a hosting company without any backups is flat out insane.
"yeah, well, your server crashed last night, so you better upload your site again." ha ha ha. jesus.
datapimp - You only get one soul, ya dig?
-
06-14-2004, 08:01 PM #7 Junior Guru Wannabe
- Join Date
- Jun 2004
- Posts
- 35
Originally posted by datapimp.com
interesting that they have their support admitting to a hack. you have to hand it to them for honesty (and crappy security measures).
but this struck me as odd; "we do backups only when it is requested by the customer..." --- are they saying that they don't have any backups of client data?
i can understand charging $10 to restore from a backup, but to run a hosting company without any backups is flat out insane.
"yeah, well, your server crashed last night, so you better upload your site again." ha ha ha. jesus.
My current host's server died last summer and they lost all sites and updates to sites 3 months old - they did nothing about this and insisted that it is not their responsibility to make backups.
Whilst this may be partially true, it doesn't do much for business!
Brad.
-
06-14-2004, 08:09 PM #8 Junior Guru Wannabe
- Join Date
- Apr 2003
- Location
- Garden City, SC
- Posts
- 39
Here is the rest of the conversation but the latest response is from a different tech support member. They at least now apologized. The previous tech support person could probably take a lesson from this person about customer relations.
On 2004-06-14 at 18:40:23, you wrote:
--------------------------------------------------------------------------------
Please explain to me if there was no lack of security then
how did someone slip through? If the hacker got in
because of something that Hostrocket staff did or did not
do then the least that Hostrocket can do is restore our
sites from backup without charge.
--------------------------------------------------------------------------------
On 2004-06-14 at 19:24:23, Support wrote:
--------------------------------------------------------------------------------
Hi,
I'm truly sorry for the inconvenience you have experienced.
I've gone ahead and credited your account 1 month free for
web hosting. Necessary firewall and security steps are
being implemented so this does not happen again.
We provide our customers with daily backups of their site
at the control panel by clicking on the daily backup icon.
Unfortunately we do not have backups of the material that
was lost. Please let me know if there's anything else I
could assist you with.
Kindest Regards,
XXXXXXXXXXXXXX
HostRocket Support
-
06-14-2004, 08:15 PM #9 Web Hosting Master
- Join Date
- May 2002
- Posts
- 3,416
How do you figure that? They are using an automatic backup solution that gives you daily backups with their hosting prices. Where in the ticket are they charging you? Just out the door, but curious why you're saying that, not defending them either =)
dotGig
<:<: [Fruit eating linux administrator]
-
06-14-2004, 08:16 PM #10 Junior Guru Wannabe
- Join Date
- Jun 2004
- Posts
- 35
1 month free though - at least they know they were in the wrong.
Perhaps you could offer your client a free month - to compensate for their loss?
Just a suggestion.
Brad.
-
06-14-2004, 08:20 PM #11 Junior Guru Wannabe
- Join Date
- Apr 2003
- Location
- Garden City, SC
- Posts
- 39
Originally posted by Samuel
How do you figure that? They are using an automatic backup solution that gives you daily backups with their hosting prices. Where in the ticket are they charging you? Just out the door, but curious why you're saying that, not defending them either =)
Unfortunately,
we do backups only when it is requested by the customer and
they pay the $10 backup fee.
-
06-14-2004, 08:23 PM #12 Junior Guru Wannabe
- Join Date
- Apr 2003
- Location
- Garden City, SC
- Posts
- 39
Originally posted by SNGUK
1 month free though - at least they know they were in the wrong.
Perhaps you could offer your client a free month - to compensate for their loss?
Just a suggestion.
Brad.
-
06-14-2004, 08:25 PM #13 Junior Guru Wannabe
- Join Date
- Jun 2004
- Posts
- 35
Good approach
One I like to share - It's always better to put yourself out a bit to ensure customers receive the service they deserve (if not more).
Good luck with HR.
Brad.
-
06-14-2004, 09:40 PM #14 Aspiring Evangelist
- Join Date
- Jun 2004
- Location
- New York, NY
- Posts
- 376
My friend's gallery software was just hacked on host rocket http://www.brettevan.com/cpg/ :-(
-
06-14-2004, 11:36 PM #15 Web Hosting Master
- Join Date
- Nov 2000
- Location
- Newport Beach CA
- Posts
- 609
As always, HostRocket is committed to providing a high-quality service coupled with superb technical support and customer service. As part of our commitment to help our customers achieve online success, various security mechanisms are in place on our servers, on our network, and throughout our company. While these security measures do encompass every aspect of our company and its offerings, nothing can ever be 100% secure. Even with the most comprehensive and stringent security measures, all systems are always vulnerable somewhere at some point.
In this case, a customer was running an insecure and exploitable script which allowed the individual(s) responsible for this incident access to take advantage of the situation. Once this was determined, the script was immediately disabled and removed from the server; the customer associated with that account was notified. The staff member that stated there was a problem during a maintenance window was severely mistaken and perhaps misinformed. Additionally, HostRocket acknowledges that any similar event is a breach of security regardless of the server usage situation at a given point. However, I'll stress once again that that fact does not apply to this incident though since there was no maintenance. Even during periodic maintenance, our servers are still extremely secure. Our security team is continuing to investigate the situation to ensure continued security for the affected clients. The same staff members are also taking necessary steps to guarantee the security of all accounts on other HostRocket servers.
In this situation, “index files” were the only files tampered with; all other files, databases, and e-mail accounts are intact and untouched. While the entire situation is a large inconvenience for everyone involved, all we can now do is ensure a quick resolution for any lingering issues and take measures to prevent such events from reoccurring.
If you have any additional or specific questions or concerns regarding this issue, please do not hesitate to bring them to our attention. Our onsite staff is available to assist you 24/7. If you feel your issue is not being appropriately resolved by a member of our staff, please feel free to contact me or another member of our management team. I can be reached directly at timothy@hostrocket.com. Our Customer Service Manager, Melissa, can be reached directly at melissa@hostrocket.com.
Have a great week and thank you for your continued confidence in HostRocket.
Last edited by Timothy; 06-14-2004 at 11:41 PM.
VOIPO - VoIP Telephone Service
-
06-14-2004, 11:42 PM #16 Web Hosting Master
- Join Date
- May 2002
- Posts
- 3,416
So was the 10 dollar backup fee a "special event backup" or the normal daily backup? HR uses CPanel and the backup is automatic and available 24 hours a day, or did the hacker rm -f?
dotGig
<:<: [Fruit eating linux administrator]
-
06-14-2004, 11:57 PM #17 Web Hosting Master
- Join Date
- Nov 2000
- Location
- Newport Beach CA
- Posts
- 609
Originally posted by Samuel
So was the 10 dollar backup fee a "special event backup" or the normal daily backup? HR uses CPanel and the backup is automatic and available 24 hours a day, or did the hacker rm -f?
Daily backups are made available every day for users to download from their control panel. It is solely the responsibility of the customer to download such backups if they foresee a need to restore individual files in instances such as the one today. This is clearly outlined in our Terms of Service.
Some customers would prefer for us to manage the entire backup process, but would like an option to restore individual files upon request. The fee referenced is associated with another one of our services that allows just that. The fee for such a service is $10.00 and that is the referenced price above.
I hope that is clear.
VOIPO - VoIP Telephone Service
-
06-15-2004, 12:01 AM #18 Aspiring Evangelist
- Join Date
- Jun 2004
- Location
- New York, NY
- Posts
- 376
Timothy, I'm not blaming Host Rocket for that hacked web site, just wanted to warn people who are running the same gallery script.
-
06-15-2004, 12:09 AM #19 Web Hosting Master
- Join Date
- Aug 2001
- Posts
- 1,210
I would be more concerned with the fact that DesignQueue had to find out that the server had been compromised from a client rather than from hostrocket. IMO, anyone with an account on that machine should have been notified immediately.
-B
iptables -I INPUT -s 64.88.128.0/19 -j DROP
iptables -I INPUT -s 66.111.192.0/18 -j DROP
iptables-save > /etc/sysconfig/iptables
-
06-15-2004, 12:17 AM #20 Web Hosting Master
- Join Date
- Nov 2000
- Location
- Newport Beach CA
- Posts
- 609
Originally posted by TMX
I would be more concerned with the fact that DesignQueue had to find out that the server had been compromised from a client rather than from hostrocket. IMO, anyone with an account on that machine should have been notified immediately.
-B
VOIPO - VoIP Telephone Service
-
06-15-2004, 12:43 AM #21 Web Hosting Master
- Join Date
- Dec 2002
- Location
- Los Angeles
- Posts
- 559
Originally posted by HRTimothy
The staff member that stated there was a problem during a maintenance window was severely mistaken and perhaps misinformed.
datapimp - You only get one soul, ya dig?
-
06-15-2004, 12:52 AM #22 Web Hosting Guru
- Join Date
- Apr 2004
- Posts
- 338
Yeah I got the email today as well. Makes me glad I did a backup this morning.
Tim, are we good to go as far as getting our home pages back up?
-
06-15-2004, 10:43 AM #23 Web Hosting Master
- Join Date
- Nov 2000
- Location
- Newport Beach CA
- Posts
- 609
Originally posted by datapimp.com
damn outsourcing...
[removed] we don't outsource any of our staffing. [removed]
Originally posted by Cope
Yeah I got the email today as well. Makes me glad I did a backup this morning.
Tim, are we good to go as far as getting our home pages back up?
Last edited by SoftWareRevue; 06-16-2004 at 03:17 PM.
VOIPO - VoIP Telephone Service
-
06-15-2004, 11:57 AM #24 Hosting Systems Specialist
- Join Date
- Dec 2003
- Location
- New Zealand
- Posts
- 1,265
No servers are totally secure, they probably try their hardest to keep it secure.
Be nice
-
06-15-2004, 12:02 PM #25 The VPS Specialist
- Join Date
- Aug 2003
- Location
- Edinburgh/London
- Posts
- 5,789
Considering a member of Hostrocket staff has come on here to post about the issues previously raised by DesignQueue.
Personally, as always, I praise a host that takes the time to explain to their customers (as well as publicly on here) the issue at hand, what steps have been taken to avoid a reoccurrence and information surrounding the problem.
I congratulate Hostrocket on their response and the way in which they've handled this situation and I see no reason why they can't explain to users of this forum about the type of service they offer.
Big up to Hostrocket.
.... and no, I'm not a customer and am in no way affiliated with them.