| 1 |
> > > As I have previously posted about, my host sent me an email a few days |
| 2 |
> > > ago stating that support tickets for 5,000-6,000 of their clients had |
| 3 |
> > > been broken into. I checked my records and found that my root |
| 4 |
> > > password had previously been submitted in a support ticket. I then |
| 5 |
> > > decided I needed to reinstall my system. |
| 6 |
> > > |
| 7 |
> > > I requested that my host allow me access to a second machine for 2-5 |
| 8 |
> > > days while I switch over to a clean system, after that I would turn |
| 9 |
> > > the old system over to them and continue with the new system. |
| 10 |
> > > |
| 11 |
> > > My request was denied! I'm blown away by this. Was I asking too |
| 12 |
> > > much? |
| 13 |
> > > |
| 14 |
> > > - Grant |
| 15 |
> > |
| 16 |
> > Would it be unreasonable to tell us who this host is? I want to make |
| 17 |
> > sure I don't host any sites on their system; if they can't secure their |
| 18 |
> > work tickets, what makes anybody think they can secure anything else? |
| 19 |
> |
| 20 |
> I'm taking a guess it's these guys: |
| 21 |
> http://www.theregister.co.uk/2007/09/19/layered_technologies_breach_disclosure/ |
| 22 |
> |
| 23 |
> - Noven |
| 24 |
|
| 25 |
Bingo. They sent me another message with an offer that could be what |
| 26 |
I asked for. It was vague. I replied and lookie here: |
| 27 |
|
| 28 |
----- The following addresses had permanent fatal errors ----- |
| 29 |
"|/usr/local/sbin/cerberus /usr/local/etc/config.xml FATAL |
| 30 |
/var/log/cerberus.log" |
| 31 |
|
| 32 |
I guess that means they're working on the system. I'll try to send again. |
| 33 |
|
| 34 |
- Grant |
| 35 |
-- |
| 36 |
gentoo-user@g.o mailing list |
Archives