1 |
> > > As I have previously posted about, my host sent me an email a few days |
2 |
> > > ago stating that support tickets for 5,000-6,000 of their clients had |
3 |
> > > been broken into. I checked my records and found that my root |
4 |
> > > password had previously been submitted in a support ticket. I then |
5 |
> > > decided I needed to reinstall my system. |
6 |
> > > |
7 |
> > > I requested that my host allow me access to a second machine for 2-5 |
8 |
> > > days while I switch over to a clean system, after that I would turn |
9 |
> > > the old system over to them and continue with the new system. |
10 |
> > > |
11 |
> > > My request was denied! I'm blown away by this. Was I asking too |
12 |
> > > much? |
13 |
> > > |
14 |
> > > - Grant |
15 |
> > |
16 |
> > Would it be unreasonable to tell us who this host is? I want to make |
17 |
> > sure I don't host any sites on their system; if they can't secure their |
18 |
> > work tickets, what makes anybody think they can secure anything else? |
19 |
> |
20 |
> I'm taking a guess it's these guys: |
21 |
> http://www.theregister.co.uk/2007/09/19/layered_technologies_breach_disclosure/ |
22 |
> |
23 |
> - Noven |
24 |
|
25 |
Bingo. They sent me another message with an offer that could be what |
26 |
I asked for. It was vague. I replied and lookie here: |
27 |
|
28 |
----- The following addresses had permanent fatal errors ----- |
29 |
"|/usr/local/sbin/cerberus /usr/local/etc/config.xml FATAL |
30 |
/var/log/cerberus.log" |
31 |
|
32 |
I guess that means they're working on the system. I'll try to send again. |
33 |
|
34 |
- Grant |
35 |
-- |
36 |
gentoo-user@g.o mailing list |