  1. #126
    Join Date
    Jun 2006
    Posts
    1,112
    I guess the option to hide my e-mail address on my profile no longer matters... because after 1 minute of Googling a list of everybody's e-mail address from WebHostingTalk can be downloaded straight to your desktop...

    I'm not sure why users are being so forgiving of this following the other recent "hacking". WHT is a *big* website with *a lot* of traffic - iNet should be able to keep the community safe but it would seem they cannot.

    Obviously not on the same scale but imagine if Google leaked our e-mail addresses and some sort of hashed passwords from accounts they held? There would be chaos, WHT has done the same for a certain niche area of the internet.
    Last edited by DevMonkey; 03-23-2009 at 04:08 PM.

  2. #127
    Join Date
    Mar 2003
    Location
    Chicago
    Posts
    285
    Someone getting in from the remote backup server is inexcusable. I am talking junior sysadmin stuff here. Obviously nothing is hack proof but you sure can make it 99% hack proof with some minor changes.

    * change ssh port to a random high port
    * disallow root logins
    * disable password authentication - use keys
    * firewall off all access except to the ips and ports that need it.
    * one way ssh key mechanism would not allow a hacker into the WHT boxes when doing backups.
    * do not allow connections to WHT from the backup boxes...
    * etc
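Three items from the checklist in post #127 can be checked mechanically against an `sshd_config`. The script below is an added example, not code from the thread or from iNET; the sample configs and the port number 49222 are constructed, and the firewall items on the list are outside what a config-file check can see.

```shell
#!/bin/sh
# Added example, not from the thread: audit an sshd_config against three
# checklist items (non-default port, no root login, keys instead of passwords).

# Print every value of keyword $2 in the global section of file $1, lower-cased.
# Assumption: parsing stops at the first "Match" block; Include files are not read.
sshd_values() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }                      # comment line
        { sub(/[ \t]*=[ \t]*/, " ") }            # accept "Keyword=value"
        tolower($1) == "match" { exit }
        tolower($1) == key { print tolower($2) }
    ' "$1"
}

# Print one FAIL line per deviation; return 0 only when there are none.
audit_sshd_config() {
    cfg=$1 rc=0
    # Port may appear several times and sshd listens on each one;
    # with no Port line it listens on 22.
    ports=$(sshd_values "$cfg" Port)
    for p in ${ports:-22}; do
        [ "$p" != 22 ] || { echo "FAIL Port: sshd listens on default port 22"; rc=1; }
    done
    # sshd keeps the FIRST value it reads for these keywords; the fallbacks
    # are the OpenSSH defaults used when the keyword is absent.
    root=$(sshd_values "$cfg" PermitRootLogin | head -n 1)
    pass=$(sshd_values "$cfg" PasswordAuthentication | head -n 1)
    [ "${root:=prohibit-password}" = no ] || { echo "FAIL PermitRootLogin: $root"; rc=1; }
    [ "${pass:=yes}" = no ] || { echo "FAIL PasswordAuthentication: $pass"; rc=1; }
    return "$rc"
}

# Constructed sample input. In "weak", the later "no" is ignored by sshd.
write_samples() {
    cat > "$1/weak" <<'EOF'
#Port 22
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no
EOF
    cat > "$1/hardened" <<'EOF'
Port 49222
PermitRootLogin no
PasswordAuthentication=no
EOF
}

demo=$(mktemp -d)
write_samples "$demo"
for f in weak hardened; do
    echo "== $f"; audit_sshd_config "$demo/$f" || echo "(findings above)"
done
rm -rf "$demo"
```

On a live host, `sshd -T` prints the effective configuration, including `Match` and `Include` results that this file-level check does not evaluate. Where PAM is in use, `KbdInteractiveAuthentication` is worth checking as well, since keyboard-interactive logins can still prompt for a password.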

  3. #128
    Join Date
    Jul 2006
    Posts
    88
    I think there are some questions that need answered:

    1) It seems the extent of the data loss is unknown

    2) Was it the entire database that was compromised?

    3) Why were the backup servers set up in such a way that more than one machine can access it? If you have a backup server that has a sole purpose (backup WHT.com) then why on earth was it accessible to other machine's login attempts? Was there no system (IPTables) set up to block good IPs from bad?

    It seems an entire lack of planning on behalf of iNET staff has led to a seriously potentially dangerous situation for many providers.

    The countless number of private conversations going on via PM that has been exposed is just really and truly alarming. I know for one that my previous business conversations with various partners, customers, and service providers that I had here are NOT public.

    I would also not appreciate receiving spam on my business e-mail, which happens to be linked to a blackberry.
    http://www.jdaigle.net/ - My portfolio
    http://www.logicdeck.com/ - Awesome tutorials and webmaster resources!

  4. #129
    Join Date
    Dec 2004
    Location
    Netherlands
    Posts
    384
    Quote Originally Posted by ST-Mike View Post
    I guess the option to hide my e-mail address on my profile no longer matters... because after 1 minute of Googling a list of everybody's e-mail address from WebHostingTalk can be downloaded straight to your desktop...
    Well, report the link so that action can be taken

  5. #130
    Join Date
    Mar 2005
    Location
    Athens, Greece
    Posts
    1,763
    If the backups cannot be recovered, there could be a solution to recover the posts from google cache? An automated script should be created quickly.

    magnolia tried something similar for the public bookmarks.
    Managed.gr cloud hosting, paas, vps, dedicated, domain registration on global datacenters.

  6. #131
    Join Date
    Jun 2006
    Posts
    1,112
    Quote Originally Posted by DedicatedBox View Post
    Well, report the link so that action can be taken
    I'm sure the data is well on its way, it is already hosted across multiple locations. We're forgetting these "underground" places too... you know, "security" or "hacking" forums etc.

    The data has gone, iNet lost it - not good, not forgivable.

  7. #132
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    I am staying out of this thread besides this post, but SoftwareRevue, don't you feel bad now that the hack from last year was covered up? Last year you guys were running a vulnerable kernel on your dev box, according to Google caches, makes me wonder about the rest of your infrastructure.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  8. #133
    Join Date
    May 2005
    Location
    Houston, TX
    Posts
    193
    Quote Originally Posted by SoftWareRevue View Post
    Now move on with the conspiracy theories, please.
    I heard what really happened from my cousin who heard from her dentist who heard from his wife who bought flowers from a guy who sat next to some lady on a bus who knew the culprits. The details are a little hazy (and sometimes nonexistent), so I'll just make them up as I go along ... as is standard practice in situations like these.

    As some of you know, The Ann Arbor News will be publishing their last daily edition in July of this year. To those not living near Ann Arbor, this isn't too significant, but to Rutherford Steinjack of Burns Park, Michigan, this news was catastrophic ... you see, Mr. Steinjack has a very picky guinea pig named Boris who burrows exclusively in Stefanie Murray's articles (Steinjack once tried to sneak in a page of coupons from Village Corner and Boris bit off his pinky).

    Afraid of what Boris might do when The Ann Arbor News did not show up on his doorstep every morning, Mr. Steinjack decided that drastic times called for drastic measures so he called his grandson in West Philadelphia (born and raised) to wage war against this "Internet" thing for him ... as the most current piece of technology in Mr. Steinjack's split-level house was a toaster built in 1986 which he avoided like the plague because it cooked toast unnecessarily fast. Because Steinjack's grandson had been busy with homework from Ms. Bailson's fourth grade math class, he had to outsource this "war on the Internet" to a team of huckleberry pickers living just south of Santa Barbara, CA.

    Around this point in the story, the woman on the bus sitting next to my cousin's dentist's wife's flower salesman had to disembark, but she promised to explain the mechanics of the hack tomorrow evening between Wheel of Fortune and Bingo on the #9 bus between Huron, SD and Wausau, WI.

    Sorry I couldn't be of any help on that side, but at least we know a little of the back-story now.

    In all seriousness, I hope everything gets restored as soon as possible and you guys can track down the folks behind it.
    Kevin Hazard
    Director, Digital Content
    SoftLayer, an IBM Company - http://twitter.com/softlayer

  9. #134
    Quote Originally Posted by Douglas View Post
    * Michel has an off-site (different facility) rsync backup that's automated: Hacker gets that info and wipes it out, as well.
    Easy fix for that is to run rsync from the backup server. No way to hack that, especially when your backup server should work via private network only.

    I can think of several backup methods that are foolproof and cannot be accessed from the server being backed up.

    It's too late to make excuses or gripe about what happened. The data on the drives needs to be recovered by a data recovery company.
    Eleven2 Web Hosting - World-Wide Hosting, Done Right!

  10. #135
    I just found a method to recover all the posts. I remember recently several sites using wht rss to draw all the posts into their forums. Now all wht has to do is use rss to draw them back.
    Eleven2 Web Hosting - World-Wide Hosting, Done Right!

  11. #136
    Join Date
    Sep 2005
    Location
    Sheffield, UK
    Posts
    783
    Quote Originally Posted by fwaggle View Post
    What he's saying is, even if there were more backups, the intruder made it from the backup server across to the main server. Kind of suggests they'd have been able to make it anywhere else backups were stored, no? You can have 12 backup copies spread all over the globe - if an intruder deletes them all you're still dead in the water.

    As far as the people complaining about having "their password out there" - it's 2009 people! It's time we acted a little more educated about security isn't it?

    I used a throwaway password for this forum and the only thing I'm upset about is that now I gotta pick another throwaway password for all the other "trivial" websites I go to. If your WHT password is used for banking, email, servers, or anything of that nature, I for one don't think you should even be in the web hosting business.

    Passwords are out there, albeit in hashed format, but you should consider them compromised anyway, particularly given the minimal effort it'll take to pick a new throwaway password and memorize it. Your password being compromised isn't the big deal here - the spam list thing is a bigger deal IMHO. If you're not using the password for something stupid then what's the big deal?

    I think the point was that there should be more than one method, not more than one server, i.e. CDs, tape drives, etc.
    WHSuite - Billing, Automation and Client Management Software.

  12. #137
    Join Date
    Jun 2003
    Location
    Calgary, Alberta
    Posts
    531
    Wow - major blow to WHT...

    But - sometimes it is good to purge, out with the old, in with the new...
    Jason (JC) Morris, Vice President - Technology
    TechWest Hosting - Enterprise Plesk & cPanel Hosting Since 2003!
    Shared & Reseller Hosting on Dell Quad Core 5420 Servers w/ RAID 10 in Multiple Datacenters!
    Ruby on Rails, FFMPEG, Fantastico, RVSiteBuilder, RVSkins, Nightly Off-site Backups, Clustered DNS!

  13. #138
    Join Date
    Apr 2008
    Location
    Somerset, UK
    Posts
    103
    Welcome back WHT!
    Missed you

  14. #139
    Join Date
    Dec 2004
    Location
    Netherlands
    Posts
    384
    Quote Originally Posted by A Grateful Dad View Post
    But - sometimes it is good to purge, out with the old, in with the new...
    Unfortunately it is the other way around at the moment :-X

  15. #140
    Join Date
    Sep 2005
    Location
    Sheffield, UK
    Posts
    783
    Quote Originally Posted by A Grateful Dad View Post
    Wow - major blow to WHT...

    But - sometimes it is good to purge, out with the old, in with the new...
    Except all the old stuff is still here and it's the new stuff that's gone... so it's more out with the new, in with the old
    WHSuite - Billing, Automation and Client Management Software.

  16. #141
    Join Date
    Jul 2008
    Posts
    972
    Quote Originally Posted by fwaggle View Post
    What he's saying is, even if there were more backups, the intruder made it from the backup server across to the main server. Kind of suggests they'd have been able to make it anywhere else backups were stored, no? You can have 12 backup copies spread all over the globe - if an intruder deletes them all you're still dead in the water.
    I don't use a real password for WHT and I don't care who has my email, I'm just trying to make a point. If I pretend I care maybe inet will take their heads out of their asses and learn about real backups... haha I can't believe I just said that, that'll never happen; remember last time there was a **** storm about passwords being stolen they didn't care and denied it.

    The point is, if you're running a site that relies upon data, as any forum does, why on earth do you keep a single backup? If I ran WHT, I'd have a secondary server, for switching in if stuff went down, I'd have remote backups around the world, I'd have offline backups taken weekly with copies of those at different locations, etc etc. inet is worth millions, I could do something like that for $500/month and in the long run, it saves users' data. I wouldn't be surprised if they lose the corporate members from this, faith in WHT is being lost.

    Quote Originally Posted by Rick-Xolot View Post
    I think the point was that there should be more than one method, not more than one server, i.e. CDs, tape drives, etc.
    Exactly.

  17. #142
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    Quote Originally Posted by citricsquid View Post
    I don't use a real password for WHT and I don't care who has my email, I'm just trying to make a point. If I pretend I care maybe inet will take their heads out of their asses and learn about real backups... haha I can't believe I just said that, that'll never happen; remember last time there was a **** storm about passwords being stolen they didn't care and denied it.

    The point is, if you're running a site that relies upon data, as any forum does, why on earth do you keep a single backup? If I ran WHT, I'd have a secondary server, for switching in if stuff went down, I'd have remote backups around the world, I'd have offline backups taken weekly with copies of those at different locations, etc etc. inet is worth millions, I could do something like that for $500/month and in the long run, it saves users' data. I wouldn't be surprised if they lose the corporate members from this, faith in WHT is being lost.



    Exactly.

    For a forum like this I would have at least 3 backup methods.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  18. #143
    Join Date
    Apr 2008
    Location
    Bury St Edmunds
    Posts
    160
    Quote Originally Posted by citricsquid View Post
    I don't use a real password for WHT and I don't care who has my email, I'm just trying to make a point. If I pretend I care maybe inet will take their heads out of their asses and learn about real backups... haha I can't believe I just said that, that'll never happen; remember last time there was a **** storm about passwords being stolen they didn't care and denied it.

    The point is, if you're running a site that relies upon data, as any forum does, why on earth do you keep a single backup? If I ran WHT, I'd have a secondary server, for switching in if stuff went down, I'd have remote backups around the world, I'd have offline backups taken weekly with copies of those at different locations, etc etc. inet is worth millions, I could do something like that for $500/month and in the long run, it saves users' data. I wouldn't be surprised if they lose the corporate members from this, faith in WHT is being lost.



    Exactly.
    Ha Sam, I don't think a $500/mo budget would cover WHT's infrastructure

  19. #144
    Did this only affect WHT, or were other inet databases (hotscripts etc.) stolen too?
    DWS (Desktop Whois System), an easy to use desktop application to whois domains in many TLDs...

    IR5.Net Europe Shared Hosting, Reseller accounts and VPS Provider...

  20. #145
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    Quote Originally Posted by racked_solutions View Post
    Ha Sam, I don't think a $500/mo budget would cover WHT's infrastructure
    For backups? Sure it would. Their database can't be that big. One of my clients is 5 times larger in terms of post count and users, and it's 25 GB.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  21. #146
    Join Date
    Apr 2008
    Location
    United Kingdom
    Posts
    339
    Quote Originally Posted by racked_solutions View Post
    Ha Sam, I don't think a $500/mo budget would cover WHT's infrastructure
    Just proves the point the data is more important for the cost.
    -Stephen. javaKrypt.com

  22. #147
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    =(

    I only lost roughly all of my posts, not to mention my account.

    Oh well, hopefully I won't get in trouble for making this account again, I just wanted to post and chat with the community again.

  23. #148
    Join Date
    Feb 2005
    Location
    Scotland, UK
    Posts
    185
    Quote Originally Posted by Douglas View Post
    The twit that did this gained access through a backup system. This tells me, right off the bat, that no matter what backup methodology that was used (even multi-tiered/separate systems) would have been at risk for fodder. If the backups were automated (which they should be), this clown would have been able to exploit it to his or her advantage. The only safe backup would have been manual ones where there was no path to follow (such as someone copying a tarball onto a local machine).
    Should iNET look into using a pull backup solution, rather than push? This way your database/webservers do not store login details for the backup servers.

    The way we have backups done is via completely locked down (ie, ALL inbound traffic firewalled off at software and hardware level) machines which SSH into our servers to download incremental backups daily.

    Have a look at BackupPC! It'll do what you guys need for the future
    Sean McRobbie - Specialising in virtualisation since 2005.
    www.openitc.co.uk - We create, we host, we connect - Fully Managed VPS & Dedicated Hosting
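The pull model suggested in posts #134 and #148, as an added example (not code from the thread, from iNET or from BackupPC): the backup host fetches from production and keeps hard-linked snapshots, so production stores no login for the backup host and cannot reach older copies. Host names, paths and the `rrsync` restriction shown in the comments are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: pull-style snapshot backup, run from
# cron on the backup host. Production holds no credentials for this host.
#
# Assumption (hypothetical names): on production, the backup key is limited
# to read-only rsync in the backup user's authorized_keys, for example
#   command="rrsync -ro /srv/dumps",restrict ssh-ed25519 AAAA... backup-host
# so the key can read the dump directory and do nothing else.

# pull_snapshot SRC DEST_ROOT [STAMP]
#   SRC        rsync source ending in "/", e.g. the hypothetical
#              backup@prod.example.internal:forum-dumps/  (or a local dir)
#   DEST_ROOT  directory on the backup host, one sub-directory per snapshot
#   STAMP      snapshot name; defaults to the current UTC time
pull_snapshot() {
    src=$1
    stamp=${3:-$(date -u +%Y%m%dT%H%M%SZ)}
    mkdir -p "$2" || return 1
    root=$(cd "$2" && pwd) || return 1      # --link-dest needs an absolute path
    if [ -e "$root/$stamp" ]; then
        echo "snapshot $stamp already exists" >&2
        return 1
    fi
    # Unchanged files become hard links into the previous snapshot, so every
    # snapshot is a complete tree but only changed files use new disk space.
    link=
    if [ -d "$root/latest" ]; then link="--link-dest=$root/latest"; fi
    # Transfer into a .partial directory so an aborted run never becomes "latest".
    rm -rf "$root/$stamp.partial"
    rsync -a ${link:+"$link"} -e "ssh -o BatchMode=yes" \
        "$src" "$root/$stamp.partial/" || return 1
    mv "$root/$stamp.partial" "$root/$stamp" || return 1
    ln -sfn "$stamp" "$root/latest"
}

# Run as: pull-backup.sh SRC DEST_ROOT [STAMP]
if [ "$#" -ge 2 ]; then
    pull_snapshot "$@"
fi
```

Because the backup host now holds a key for production, the read-only forced command on that key is what keeps a compromise of the backup host from turning into write access on production.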

  24. #149
    Join Date
    Jun 2006
    Location
    Europe
    Posts
    632
    Quote Originally Posted by Steven View Post
    For a forum like this I would have at least 3 backup methods.
    i'd have 25 backups

    --
    anyway, whatever happened, happened.

    one strange thing i saw today, since i was not logging into forums last few days, today i saw wht came back, i was logged out of the board, so went to login again with the old credentials, however i wasn't able to do so, like password was incorrect/changed, so i did email password recovery which went smooth, and i was logged in again.

    i'm not sure if i missed something in all these posts regarding this, but if i remember there were no posts saying that all wht account passwords were set to reset so that we have to recover via email recovery?

    some other users might be in this same situation like me *cannot login with the old credentials*, so it might be a good idea to make an announcement about this.
    Last edited by JOEsDC; 10-14-2008 at 10:39 PM. Reason: Forgot to add Something

  25. #150
    Join Date
    Nov 2005
    Location
    /etc/fstab
    Posts
    1,342
    Quote Originally Posted by Steven View Post
    For a forum like this I would have at least 3 backup methods.
    I agree, and I would also make sure to have a weekly local backup as well. Though, I hope from this they will learn and make sure it won't happen again. A big loss won't be the data only, but also the Search Engine listing.
    Mellowhost - Providing High Quality Web Hosting Services since 2007
    SSD Cpanel Shared, SSD OpenVZ & KVM VPS Hosting
    A Hosting Provider with Complete SSD VPS & Shared Hosting.
