04/10/2009
Epic fail from a hosting company involving bad customer support and a critical security issue
To cut the story as short as possible let’s say that someone rents some dedicated servers somewhere in a big hosting company. I occasionally do some administrative tasks for him.
A server stopped responding and was unbootable on October 1st, one disk had crashed, then the hosting company did a huge mistake, I notified them about it and then they did another even bigger mistake (security issue) on the next day, October 2nd. I re-notified them about it…
So you can either read the whole story or if you are only interested on the security issue, skip the first day and go straight to October 2nd.
Some details, the server had 2 disks, sda with the OS (Debian 4.0) with Plesk control panel and sdb which had some backup files.
October 1st 2009:
10:10 I got a telephone call to help on that server because it looked dead and it couldn’t even be rebooted from the hosting’s company control panel.
10:15 I contacted the company’s support by email and notified them of the problem.
(more…)
Filed by kargig at 13:29 under Linux
Tags: compromise, customer support, debian, fail, hard disk, Linux, lsattr, password, plesk, rootkit, security, shv4, shv5, trojan, ttyload, ttymon, vulnerability
6 Comments | 20,491 views