1 |
On Sat, 22 Sep 2007 07:07:23 Grant wrote: |
2 |
> Hello, |
3 |
> |
4 |
> As I have previously posted about, my host sent me an email a few days |
5 |
> ago stating that support tickets for 5,000-6,000 of their clients had |
6 |
> been broken into. I checked my records and found that my root |
7 |
> password had previously been submitted in a support ticket. I then |
8 |
> decided I needed to reinstall my system. |
9 |
> |
10 |
> I requested that my host allow me access to a second machine for 2-5 |
11 |
> days while I switch over to a clean system, after that I would turn |
12 |
> the old system over to them and continue with the new system. |
13 |
> |
14 |
> My request was denied! I'm blown away by this. Was I asking too much? |
15 |
> |
16 |
> - Grant |
17 |
|
18 |
You are probably asking more than their terms of service *require* them to |
19 |
provide, especially if they don't believe the leaked information was used for |
20 |
any nefarious activity. |
21 |
However a reasonable webhost who accepts responsibility for its mistakes and |
22 |
values its customers would probably grant such a request as a gesture of |
23 |
goodwill - unless they were worried about opening the floodgates for every |
24 |
customer to request such treatment, a scenario which would likely leave them |
25 |
unable to comply even if they wanted to. |
26 |
As a side note, although I agree with all the comments about 'never been sure' |
27 |
a system is still clean, did you check whether there was actually any root |
28 |
logins to your server not from your IP since the breach? If I was in your |
29 |
situation and could confirm that no root logins occurred (via ssh, ftp, |
30 |
cpanel, whatever else is running) from other ip's I'd probably rest easy just |
31 |
changing my password. |
32 |
|
33 |
- Noven |
34 |
-- |
35 |
>-- Novensiles divi Flamen --< |
36 |
>---- Miles Militis Fons ----< |
37 |
-- |
38 |
gentoo-user@g.o mailing list |