Results 126 to 150 of 537
Thread: Recent WHT down time
-
03-23-2009, 04:04 PM #126Web Hosting Master
- Join Date
- Jun 2006
- Posts
- 1,112
I guess the option to hide my e-mail address on my profile no longer matters... because after 1 minute of Googling a list of everybody's e-mail address from WebHostingTalk can be downloaded straight to your desktop...
I'm not sure why users are being so forgiving of this following the other recent "hacking". WHT is a *big* website with *alot* of traffic - iNet should be able to keep the community safe but it would seem they cannot.
Obviously not on the same scale but imagine if Google leaked our e-mail addresses and some sort of hashed passwords from accounts they held? There would be chaos, WHT has done the same for a certain niche area of the internet.Last edited by DevMonkey; 03-23-2009 at 04:08 PM.
0
-
03-23-2009, 04:05 PM #127Web Hosting Guru
- Join Date
- Mar 2003
- Location
- Chicago
- Posts
- 285
Someone getting in from the remote backup server is inexcusable. I am talking junior sysadmin stuff here. Obviously nothing is hack proof but you sure can make it 99% hack proof with some minor changes.
* change ssh port to a random high port
* disallow root logins
* disable password authentication - use keys
* firewall off all access except to the ips and ports that need it.
* one way ssh key mechanism would not allow a hacker into the WHT boxes when doing backups.
* do not allow connections to WHT from the backup boxes...
* etc0
-
03-23-2009, 04:07 PM #128Junior Guru Wannabe
- Join Date
- Jul 2006
- Posts
- 88
I think there are some questions that need answered:
1) It seems the extent of the data loss is unknown
2) Was it the entire database that was compromised?
3) Why were the backup servers setup in such a way that more than one machine can access it? If you have a backup server that has a sole purpose (backup WHT.com) then why on earth was it accessible to other machine's login attempts? Was there no system (IPTables) setup to block good IPs from bad?
it seems an entire lack of planning on behalf of iNET staff has led to a seriously potentially dangerous situation for many providers.
The countless number of private conversations going on via PM that has been exposed is just really and truly alarming. I know for one that my previous business conversations with various partners, customers, and service providers that I had here are NOT public.
I would also not appreciate receiving spam on my business e-mail, which happens to be linked to a blackberry.http://www.jdaigle.net/ - My portfolio
http://www.logicdeck.com/ - Awesome tutorials and webmaster resources!0
-
03-23-2009, 04:08 PM #129Aspiring Evangelist
- Join Date
- Dec 2004
- Location
- Netherlands
- Posts
- 384
0
-
03-23-2009, 04:08 PM #130Web Hosting Master
- Join Date
- Mar 2005
- Location
- Athens, Greece
- Posts
- 1,763
If the backups cannot be recovered, there could be a solution to recover the posts from google cache? An automated script should be created quickly.
magnolia tried something similar for the public bookmarks.▌ Managed.gr cloud hosting, paas, vps, dedicated, domain registration on global datacenters.0
-
03-23-2009, 04:11 PM #131Web Hosting Master
- Join Date
- Jun 2006
- Posts
- 1,112
0
-
03-23-2009, 04:11 PM #132Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
I am staying out of this thread besides this post, but SoftwareRevue, don't you feel bad now that the hack from last year was covered up? last year you guys were running a vulnerable kernel on your dev box, according to google caches, makes me wonder about the rest of your infrastructure.
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance0
-
03-23-2009, 04:12 PM #133Junior Guru
- Join Date
- May 2005
- Location
- Houston, TX
- Posts
- 193
I heard what really happened from my cousin who heard from her dentist who heard from his wife who bought flowers from a guy who sat next to some lady on a bus who knew the culprits. The details are a little hazy (and sometimes nonexistent), so I'll just make them up as I go along ... as is standard practice in situations like these.
As some of you know, The Ann Arbor News will be publishing their last daily edition in July of this year. To those not living near Ann Arbor, this isn't too significant, but to Rutherford Steinjack of Burns Park, Michigan, this news was catastrophic ... you see, Mr. Steinjack has a very picky guinea pig named Boris who burrows exclusively in Stefanie Murray's articles (Steinjack once tried to sneak in a page of coupons from Village Corner and Boris bit off his pinky).
Afraid of what Boris might do when The Ann Arbor News did not show up on his doorstep every morning, Mr. Steinjack decided that drastic times called for drastic measures so he called his grandson in West Philadelphia (born and raised) to wage war against this "Internet" thing for him ... as the most current piece of technology in Mr. Steinjack's split-level house was a toaster built in 1986 which he avoided like the plague because it cooked toast unnecessarily fast. Because Steinjack's grandson had been busy with homework from Ms. Bailson's fourth grade math class, he had to outsource this "war on the Internet" to a team of huckleberry pickers living just south of Santa Barbara, CA.
Around this point in the story, the woman on the bus sitting next my cousin's dentist's wife's flower salesman had to disembark, but she promised to explain the mechanics of the hack tomorrow evening between Wheel of Fortune and Bingo on the #9 bus between Huron, SD and Wausau, WI.
Sorry I couldn't be of any help on that side, but at least we know a little of the back-story now.
In all seriousness, I hope everything gets restored as soon as possible and you guys can track down the folks behind it.0
-
03-23-2009, 04:15 PM #134Web Hosting Master
- Join Date
- Feb 2005
- Posts
- 1,358
Easy fix for that is to run rysnc from the backup server. No way to hack that, especially when your backup server should work via private network only.
I can think of several backup methods that are fool proof and can not be accessed from the server being backed up.
Its too late to make excuses or gripe about what happened. The data on the drives needs to be recovered by a data recovery company.Eleven2 Web Hosting - World-Wide Hosting, Done Right!0
-
03-23-2009, 04:20 PM #135Web Hosting Master
- Join Date
- Feb 2005
- Posts
- 1,358
I just found a method to recover all the posts. I remember recently several sites using wht rss to draw all the posts into their forums. Now all wht has to do is use rss to draw them back.
Eleven2 Web Hosting - World-Wide Hosting, Done Right!0
-
03-23-2009, 04:21 PM #136Web Hosting Master
- Join Date
- Sep 2005
- Location
- Sheffield, UK
- Posts
- 783
WHSuite - Billing, Automation and Client Management Software.0
-
03-23-2009, 04:31 PM #137Web Hosting Evangelist
- Join Date
- Jun 2003
- Location
- Calgary, Alberta
- Posts
- 531
Wow - major blow to WHT...
But - sometimes it is good to purge, out with the old, in with the new...Jason (JC) Morris, Vice President - Technology
TechWest Hosting - Enterprise Plesk & cPanel Hosting Since 2003!
Shared & Reseller Hosting on Dell Quad Core 5420 Servers w/ RAID 10 in Multiple Datacenters!
Ruby on Rails, FFMPEG, Fantastico, RVSiteBuilder, RVSkins, Nightly Off-site Backups, Clustered DNS!0
-
03-23-2009, 04:31 PM #138WHT Addict
- Join Date
- Apr 2008
- Location
- Somerset, UK
- Posts
- 103
Welcome back WHT!
Missed you0
-
03-23-2009, 04:33 PM #139Aspiring Evangelist
- Join Date
- Dec 2004
- Location
- Netherlands
- Posts
- 384
0
-
03-23-2009, 04:33 PM #140Web Hosting Master
- Join Date
- Sep 2005
- Location
- Sheffield, UK
- Posts
- 783
WHSuite - Billing, Automation and Client Management Software.0
-
03-23-2009, 04:37 PM #141Web Hosting Master
- Join Date
- Jul 2008
- Posts
- 972
I don't use a real password for WHT and I don't care who has my email, I'm just trying to make a point. If I pretend I care maybe inet will take their heads out of their asses and learn about real backups... haha I can't believe I just said that, that'll never happen; remember last time there was a **** storm about passwords being stolen they didn't care and denied it.
The point is, if you're running a site that relies upon data, as any forum does, why on earth do you keep a single backup? If I ran WHT, I'd have a secondary server, for switching in if stuff went down, I'd have remote backups around the world, I'd have offline backups taken weekly with copies of those at different locations, etc etc. inet is worth millions, I could do something like that for $500/month and in the long run, it saves users data. I wouldn't be surprised if they lose the coporate members from this, faith in WHT is being lost.
Exactly.0
-
03-23-2009, 04:43 PM #142Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance0
-
03-23-2009, 04:59 PM #143Temporarily Suspended
- Join Date
- Apr 2008
- Location
- Bury St Edmunds
- Posts
- 160
0
-
03-23-2009, 04:59 PM #144Web Hosting Guru
- Join Date
- Jun 2004
- Posts
- 259
This only affected WHT or other inet databases (hotscripts and etc) are stolen too?
DWS (Desktop Whois System), an easy to use desktop application to whois domains in many TLDs...
IR5.Net Europe Shared Hosting, Reseller accounts and VPS Provider...0
-
03-23-2009, 05:00 PM #145Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance0
-
03-23-2009, 05:00 PM #146Web Hosting Guru
- Join Date
- Apr 2008
- Location
- United Kingdom
- Posts
- 339
-Stephen. javaKrypt.com0
-
03-23-2009, 05:01 PM #147Danananana Danananana Batman!
- Join Date
- Dec 2008
- Location
- Florida
- Posts
- 1,052
=(
I only lost roughly all of my posts, not to mention my account.
Oh well, hopefully I won't get in trouble for making this account again, I just wanted to post and chat with the community again.0
-
03-23-2009, 05:06 PM #148Junior Guru
- Join Date
- Feb 2005
- Location
- Scotland, UK
- Posts
- 185
Should iNET look into using a pull backup solution, rather than push? This way your database/webservers do not store login details for the backup servers.
The way we have backups done is via completely locked down (ie, ALL inbound traffic firewalled off at software and hardware level) machines which SSH into our servers to download incremental backups daily.
Have a look at BackupPC! It'll do what you guys need for the futureSean McRobbie - Specialising in virtualisation since 2005.
‡ www.openitc.co.uk - We create, we host, we connect - Fully Managed VPS & Dedicated Hosting0
-
03-23-2009, 05:07 PM #149Web Hosting Master
- Join Date
- Jun 2006
- Location
- Europe
- Posts
- 632
i'd have 25 backups
--
anyway, whatever happened, happened.
one strange thing i saw today, since i was not logging into forums last fews days, today i saw wht came back, i was logged out of the board, so went to login again with the old credentials, however i wasn't able to do so, like password was incorrect/change, so i did email password recovery which went smooth, and i was logged in again.
i'm not sure did i missed something at all this posts regarding this, but if i remember there were no posts saying that all wht account password were set to reset so that we have to recover via email recovery?
some other users might be in this same situation like me *cannot login with the old credentials*, so it might be a good idea to make an annoucement about this.Last edited by JOEsDC; 10-14-2008 at 10:39 PM. Reason: Forgot to add Something
0
-
03-23-2009, 05:07 PM #150Web Hosting Master
- Join Date
- Nov 2005
- Location
- /etc/fstab
- Posts
- 1,342
Mellowhost - Providing High Quality Web Hosting Services since 2007
SSD Cpanel Shared, SSD OpenVZ & KVM VPS Hosting
A Hosting Provider with Complete SSD VPS & Shared Hosting.0