[NBLUG/talk] My sad VPS story
micxz at micxz.com
Wed Jul 13 23:07:42 PDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
> As requested, the slides from my talk last night are posted on my website:
Cool thanks for that Frank.
I'd like to share my sad story of moving from dedicated server to VPS
at Hostgator. It's slightly off topic (re-threading) and a long story
so I will give you guys the short version:
- - I purchased a VSP server
- - Tried to migrate my sites/mail etc with Plesk software that failed
- - Because the failed migration messed up the Plesk database my
provider said the only way would be to re image the VPS.
- - After re-imaging there was an issue with mysql password.
- - A Linux admin at my provider logged in reset the pass without
restarting the server normally.
- - I was unaware of this as I continued to work on migration.
- - For just over 24hr mysql was running (skip-grant-tables) with a hole
in the firewall for all public to access.
- - Someone updated the admin password for Plesk setup a cron job for
root to create user "sendmail" with uid 0 and logged in and proceeded
to install a rootkit!
If you would like the long version you can view it here:
A week of real stress having to deal with the compromise, migration &
explain this to all my clients. I've been hosting for many years this
is the first (hopefully last) for me actually getting r00ted. My
provider has apologized many times over and has credited my account
for months to come. I felt violated. Anyhow thanks for listening and
now it's back to R/L.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the talk