Page 5 of 22 FirstFirst ... 234567815 ... LastLast
Results 101 to 125 of 537
  1. #101
    Join Date
    Jul 2008
    Location
    France
    Posts
    105
    [QUOTE=DedicatedBox;5360202]
    Sh*t happends, unfortunately. I just hope I dont get swamped with spam...

    You mean 'more' spam right? lol
      0 Not allowed!

  2. #102
    Join Date
    Oct 2004
    Location
    San Francisco, CA
    Posts
    394
    Quote Originally Posted by ST-Mike View Post

    I'm wondering where the 6 month backup was stored and why there couldn't have been at least a monthly backup along with it.
    This is the true question.
      0 Not allowed!

  3. #103
    Join Date
    Jun 2006
    Posts
    1,112
    Quote Originally Posted by HD Fanatic View Post
    I can't believe there was no recent local backup of the database. Hope you can recover most of the data.
    I agree here.

    Where are the hard backups, you know, in your office and perhaps at an off-site location? (on removable media)

    I run a very small business but keep backup DVD's every month or so in addition to backups made to remote machines.

    Of course WHT is massive but I see no reason why they can't cope with at least monthly hard backups, tape drives or something - whatever the big guys do with masses of data!
      0 Not allowed!

  4. #104
    Join Date
    Apr 2003
    Location
    Atlanta, Jawja
    Posts
    3,074
    Folks, I'm just as annoyed as the next person is (Remember, I had a killer thread going in the VPS Hosting forum that was directed to providers and customers), but I'm not going to sit here and complain about missing posts, or my post count.

    Am I annoyed that I lost a few posts and my post count? Yes.
    Am I upset that this even happened? Yes.
    Am I wondering what's going on about the backups? Yes.
    Am I going to raise a stink about this? No.

    iNet/WHT has some damned capable people on their team. If there's a way to recover the missing data, you can bet your last dollar that the guys working behind the scenes will do whatever they have to do in order to get it back.

    You can also bet your last penny that going forward, the folks that admin the site will ensure that they are better protected against a situation like this.

    Dennis has already said what was going on, and what the team is doing to try to rectify the problem.

    The twit that did this gained access through a backup system. This tells me, right off the bat, that no matter what backup methodology that was used (even multi-tiered/separate systems) would have been at risk for fodder. If the backups were automated (which they should be), this clown would have been able to exploit it to his or her advantage. The only safe backup would have been manual ones where there was no path to follow (such as someone copying a tarball onto a local machine).

    I'm not shaking my finger at anyone in this situation, except for the twit that caused all of this.

    Everyone needs to take a step back and look at this situaiton logically.

    The folks behind WHT need our support, our patience and our understanding. The last thing they need to do is to be distracted from what they're doing and dealing with folks just yammering about this.

    Give them a chance to do what they do best, please.
    Doug Hazard - "retired" Web Hosting Master
    * Full Stack (Web/WP) Dev for The Catholic Diocese of Richmond (160+ sites)
    * Sports Photographer, Media Personality and CFB Historian
    * Tech Admin for several Sports Networks/Sites
      0 Not allowed!

  5. #105
    Join Date
    Aug 2006
    Location
    Houston, TX USA
    Posts
    345
    Glad to see WHT back, good luck with catching this person and restoring the databases!
    LaneHost.com | Professional Web Hosting Solutions
    Affordable Shared Hosting, Reseller Hosting & Dedicated Servers at Great Prices!
    Follow us on Twitter!
      0 Not allowed!

  6. #106
    Join Date
    Oct 2004
    Location
    San Francisco, CA
    Posts
    394
    I sure hope that this wasn't all caused by saving money on security and backup resources to make more profit off of ad revenue...
      0 Not allowed!

  7. #107
    Join Date
    Jul 2008
    Posts
    972
    Quote Originally Posted by Douglas View Post
    The twit that did this gained access through a backup system. This tells me, right off the bat, that no matter what backup methodology that was used (even multi-tiered/separate systems) would have been at risk for fodder. If the backups were automated (which they should be), this clown would have been able to exploit it to his or her advantage. The only safe backup would have been manual ones where there was no path to follow (such as someone copying a tarball onto a local machine).
    I'll make sure never to use your hosting company then; you're saying it's okay to only have one method of backup? Come on, I'd have multiple backup locations distributed throughout the world, along with offline backups distributed through at least 2 location, especially when stuff like this has happened before and WHT matters to a lot of businesses.
      0 Not allowed!

  8. #108
    Join Date
    Jul 2008
    Location
    France
    Posts
    105
    well said. There's a brightside to every bad situation and it will be found eventually here
      0 Not allowed!

  9. #109
    Join Date
    Oct 2004
    Location
    San Francisco, CA
    Posts
    394
    Quote Originally Posted by Douglas View Post
    The folks behind WHT need our support, our patience and our understanding. The last thing they need to do is to be distracted from what they're doing and dealing with folks just yammering about this.
    I understand completely, but isn't this the Forum Announcements, Feedback, and Questions forum? Feedback is a good thing.
      0 Not allowed!

  10. #110
    Join Date
    Aug 2008
    Posts
    176
    Quote Originally Posted by Douglas View Post
    Folks, I'm just as annoyed as the next person is (Remember, I had a killer thread going in the VPS Hosting forum that was directed to providers and customers), but I'm not going to sit here and complain about missing posts, or my post count.

    Am I annoyed that I lost a few posts and my post count? Yes.
    Am I upset that this even happened? Yes.
    Am I wondering what's going on about the backups? Yes.
    Am I going to raise a stink about this? No.

    iNet/WHT has some damned capable people on their team. If there's a way to recover the missing data, you can bet your last dollar that the guys working behind the scenes will do whatever they have to do in order to get it back.

    You can also bet your last penny that going forward, the folks that admin the site will ensure that they are better protected against a situation like this.

    Dennis has already said what was going on, and what the team is doing to try to rectify the problem.

    The twit that did this gained access through a backup system. This tells me, right off the bat, that no matter what backup methodology that was used (even multi-tiered/separate systems) would have been at risk for fodder. If the backups were automated (which they should be), this clown would have been able to exploit it to his or her advantage. The only safe backup would have been manual ones where there was no path to follow (such as someone copying a tarball onto a local machine).

    I'm not shaking my finger at anyone in this situation, except for the twit that caused all of this.

    Everyone needs to take a step back and look at this situaiton logically.

    The folks behind WHT need our support, our patience and our understanding. The last thing they need to do is to be distracted from what they're doing and dealing with folks just yammering about this.

    Give them a chance to do what they do best, please.
    True but this never should have happened in the first place.

    Again this isn't the first time.

    There should have been a hard back up somewhere.

    I understand that complaining doesn't help. I usually don't agree with such but I feel like people have at least a little right to be angry.

    Especially seeing as we don't know how much was really taken.
      0 Not allowed!

  11. #111
    Join Date
    Dec 2004
    Location
    Netherlands
    Posts
    384
    Quote Originally Posted by Payton Designs View Post
    I sure hope that this wasn't all caused by saving money on security and backup resources to make more profit off of ad revenue...
    I doubt it.
    And all the vague assumptions that nobody can backup are not really contributing any help to the current problem.

    I fully agree with Douglas.



    Sincerely,
    - Liroy
      0 Not allowed!

  12. #112
    Join Date
    Aug 2001
    Posts
    4,028
    If it weren't for the complaining/feedback the boards would have a whole 10 posts since coming online. Gotta let us all Vent
    Last edited by Outlaw Web Master; 10-14-2008 at 09:24 PM.
      0 Not allowed!

  13. #113
    Join Date
    Aug 2006
    Location
    Ashburn VA, San Diego CA
    Posts
    4,615
    I'm suprised with a board of this size and revenue there is no continuous backup solution in place (r1soft, ect). Off-site to some FTP account? Wow.
    Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
    Since 2003 - Ashburn VA + San Diego CA Datacenters
      0 Not allowed!

  14. #114
    Join Date
    Sep 2005
    Location
    Sheffield, UK
    Posts
    783
    Well this sucks. For members and iNet (who I'm sure are now paying the price for not having multiple backup locations!).

    Hope you're able to recover that DB. 6 months ago my account was unused for over a year. Since then its been filled with several hundred decent posts. I suppose this also means that all our reviews got wiped, along with my premium membership and username change.

    The person who thought it would be a good idea to have a single backup shouldn't be working for iNet. Seriously a company with that kind of money shouldn't be shirking on backups.

    Maybe an explanation as to why they felt only 1 backup was needed would be useful.
    WHSuite - Billing, Automation and Client Management Software.
      0 Not allowed!

  15. #115
    Join Date
    Mar 2008
    Posts
    1,717
    Quote Originally Posted by citricsquid View Post
    I'll make sure never to use your hosting company then; you're saying it's okay to only have one method of backup? Come on, I'd have multiple backup locations distributed throughout the world, along with offline backups distributed through at least 2 location, especially when stuff like this has happened before and WHT matters to a lot of businesses.
    What he's saying is, even if there were more backups, the intruder made it from the backup server across to the main server. Kind of suggests they'd have been able to make it anywhere else backups were stored, no? You can have 12 backup copies spread all over the globe - if an intruder deletes them all you're still dead in the water.

    As far as the people complaining about having "their password out there" - it's 2009 people! It's time we acted a little more educated about security isn't it?

    I used a throwaway password for this forum and the only thing I'm upset about is that now I gotta pick another throwaway password for all the other "trivial" websites I go to. If your WHT password is used for banking, email, servers, or anything of that nature, I for one don't think you should even be in the web hosting business.

    Passwords are out there, albeit in hashed format, but you should consider them compromised anyway, particularly given the minimal effort it'll take to pick a new throwaway password and memorize it. Your password being compromised isn't the big deal here - the spam list thing is a bigger deal IMHO. If you're not using the password for something stupid then what's the big deal?
    I used to run the oldest commercial Mumble host.
      0 Not allowed!

  16. #116
    Join Date
    Jun 2008
    Location
    Los Angeles, CA
    Posts
    272
    Glad to see the site back - went from addict to newbie
    █ Lebnene
    █ Consultant: Colocation, Cloud & Dedicated Servers
      0 Not allowed!

  17. #117
    Join Date
    Apr 2003
    Location
    Atlanta, Jawja
    Posts
    3,074
    Quote Originally Posted by citricsquid View Post
    I'll make sure never to use your hosting company then; you're saying it's okay to only have one method of backup? Come on, I'd have multiple backup locations distributed throughout the world, along with offline backups distributed through at least 2 location, especially when stuff like this has happened before and WHT matters to a lot of businesses.
    If we had all of my posts, I could have referred you to several posts where I comment about backups.

    I'm one of the biggest advocates of backup policies around. One of my own personal customers had SIX different backup methods. Four of them available via internet methodology, two of them not.

    You completely misunderstood/misread what I said. Let me clarify exactly what I mean:

    The twit that did this gained access through a backup system. This tells me, right off the bat, that no matter what backup methodology that was used (even multi-tiered/separate systems) would have been at risk for fodder. If the backups were automated (which they should be), this clown would have been able to exploit it to his or her advantage. The only safe backup would have been manual ones where there was no path to follow (such as someone copying a tarball onto a local machine).
    Let's use my former personal customer (We'll call him "Michel") as an example. We'll use the WHT breach as the defining factor for this situation.

    * Michel has RAID1 protection: Hacker wipes the DB. This affects both drives.

    * Michel has a rsync going over to a third drive on his local machine: Hacker wipes that out too.

    * Michel has an automated FTP backup going: hacker locates the PW to that system and wipes that out, as well.

    * Michel has an off-site (different facility) rsync backup that's automated: Hacker gets that info and wipes it out, as well.

    * Michel has a tape backup, manually rotated out by DC staff, cycled every three days amongst five backups: Hacker could wipe the current one out, but has no physical access to that backup.

    * Michel keeps an updated (once a week) backup, done manually onto his own local machine: Hacker doesn't have access to that, ergo no wiping capabilities.

    In the section taht I quoted above, WHT had a manual backup that was stored locally somewhere. Granted, it was out of date, but that's the only safe backup that wasn't wiped. That's what I meant by my quoted part.

    Everyone that has ever interacted with me with regards to my backup posts/philosophies can vouch for the fact that I always advocate at least THREE of the methods above being used at the same time, though I will always recommend all six, every time.

    Please do not mis-read what I posted as me advocating only one backup methodology. Again, I meant that in WHT's situation, the one backup that they have was safe from being deleted, because the twit that did this couldn't gain access to a localized backup, ergo, meaning that it was the only safe backup that couldn't be deleted.

    I hope this explains it a bit more clearly, citricsquid.
    Doug Hazard - "retired" Web Hosting Master
    * Full Stack (Web/WP) Dev for The Catholic Diocese of Richmond (160+ sites)
    * Sports Photographer, Media Personality and CFB Historian
    * Tech Admin for several Sports Networks/Sites
      0 Not allowed!

  18. #118
    Join Date
    Jul 2008
    Location
    France
    Posts
    105
    Just a little though about those backup methods. The rysncs and ftp's going out? Thats never going to be secure as it requires storing remote server information locally which kinda defeats the object of backup in these scenarios. You should always have a delivery guy.
      0 Not allowed!

  19. #119
    Join Date
    Apr 2003
    Location
    Atlanta, Jawja
    Posts
    3,074
    rsync and FTP can both be secured (rsync of an SSL tunnel, and use sFTP instead).

    FYI, I would recommend one more backup method, as well (Thanks to Mike V for reminding me): R1Soft's CDP Backup.

    There, 7 layers of backups advocated.
    Doug Hazard - "retired" Web Hosting Master
    * Full Stack (Web/WP) Dev for The Catholic Diocese of Richmond (160+ sites)
    * Sports Photographer, Media Personality and CFB Historian
    * Tech Admin for several Sports Networks/Sites
      0 Not allowed!

  20. #120
    Join Date
    Mar 2005
    Location
    Athens, Greece
    Posts
    1,763
    I wonder if this is a known exploit - last week some dbs (less than 5) on Hostgator had corrupted data - many servers were affected and unscheduled maintenance occured as I had read on their forums. The administrator managed to repair some dbs I pointed out, while I had to restore a few tables from backups (it turned out to be quicker to restore them than open a ticket).
    Managed.gr cloud hosting, paas, vps, dedicated, domain registration on global datacenters.
      0 Not allowed!

  21. #121
    Join Date
    Jan 2004
    Posts
    1,184
    I completely disagree with all the backups options state till now.

    you don't need more than 1 offsite remote backup to make it secure.
      0 Not allowed!

  22. #122
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    33,412
    Quote Originally Posted by EditDNS-Tyler View Post
    Any plans to update vB if it's not already the latest?
    Yes. Likely will be a mid-week thing.
    There is no best host. There is only the host that's best for you.
      0 Not allowed!

  23. #123
    Its easy to say what you think should have been done after its happened, and its a different story when it happens to you.
    Last edited by page-zone; 10-14-2008 at 10:01 PM.
      0 Not allowed!

  24. #124
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    33,412
    Quote Originally Posted by MikeDVB View Post
    That in and of itself is a very dangerous statement to make because if you don't know how it happened, you don't know how to prevent it.
    Dangerous or not, I'm not going to lie to you.
    There is no best host. There is only the host that's best for you.
      0 Not allowed!

  25. #125
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    33,412
    Quote Originally Posted by tristanperry View Post
    *If* the data in the backup server cannot be salvaged for whatever reason (which really wouldn't be your fault), would WHT stay as it is currently (i.e. at an October 2008 revision on many things)?
    Of course that's a possibility. But I just don't want to run with every possibility. All things are possible, so the list could get a little long.
    There is no best host. There is only the host that's best for you.
      0 Not allowed!

Page 5 of 22 FirstFirst ... 234567815 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •