New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Hope RAMNODE is OK.
NEVER do that to anyone. If Hitler was alive I wouldnt DDoS his Mein Kampf page.
There is a saying here: Ce tie nu-ti place, altuia nu face, meaning what you dont like dont do to another. Violence breeds violence.
BTW, anyone knows what the cvps solus vulnerability was ?
On another note, this is one of the important reminders that you need to remove anything you dont use/need, reducing attack surface is a key component of any security policy.
@maounique - yeah I realised a fews seconds later that I said something stupid so edited, but I guess a few ppl saw it :-(
BTW: edited
I wonder what liability clauses are in the SolusVM licence..... or what custom agreements large hosts might have worked out. It was this kind of thing that killed HyperVM after all.
Software EULAs usually include an 'even if we fuck up totally, you don't get anything from us' clause.
No, it was the stupidity of some people that think open source is insecure because hackers can get the source and that only paid for software is secure, windows being perhaps the only exception.
Guess what, people, EVERYTHING can be hacked. Everyone makes mistakes, and even without them, there can still be flaws.
Now, dont ask me to provide a PoC on "Hello World !" programs :P
The same liability clause that Microsoft includes in its buggy full-o-vulnerabiliies software products "tough shit enduser"
I was refering to the mass hacking fiasco that resulted in the unfortunate circumstance (regardless of the crap code etc). Anyway its a bit off topic :P
Would have expected SolusVMs site to have a big warning on it by now, or have they done a mass email or something?
They have, here's the email we received:
Soluslabs Ltd Sunday, June 16, 2013
12:58:28 PM GMT 0
Dear Adam Gunderson (IPXcore LLC),
PLEASE READ THIS INFORMATION CAREFULLY. THIS INFORMATION IS RELEVANT TO ALL VERSION OF SOLUSVM, INCLUDING BETA VERSIONS.
In the last few hours a security exploit has been found. This email is to inform you of a temporary fix to eliminate this exploit whilst the issue is patched and transferred to our file servers for release.
Instructions:
You will need root SSH access to your master server. You are then required to delete the following file:
/usr/local/solusvm/www/centralbackup.php
Example:
rm –f /usr/local/solusvm/www/centralbackup.php
Once the file is deleted the exploit can no longer be used. This file only exists on the master server and the slaves will not be affected.
You will receive a follow-up email once the patch versions are available.
Regards,
Soluslabs Security Team
they issued a warning on their blog and twitter about 2 hours ago
http://blog.soluslabs.com/2013/06/16/important-security-alert-all-solusvm-versions/
Conclusion I'd be drawing is that someone really has it in for Robert and is trying to frame him. Wasn't it only last month that his name and photo was left all over a bunch of hacked government websites? Remember this thread?
Indeed, I've watched him antagonize skids (and everyone else....) on IRC. You'd think that he'd learn by now that by putting his head in the lion's mouth, he's going to get bitten....
That's true @DomainBop. Although his hatred for Nick is always hanging out there with no subtlety. I'll reserve judgement, but if he is responsible I hope he pays to the furthest extent possible for a minor in the US.
I have a creeping feeling it may be Robert although I really hope it wasn't him and he's not that dumb, and basically what @jarland said. ;-)
('',3792,6016,'Central Backup Delete','Complete','1371375190','50.46.111.187','','2013-06-16 09:33:10'),
http://bgp.he.net/ip/50.46.111.187
That's his IP, right near MS HQ where Daddy lives.
Looks like this time he'll legitimately be v&
Fortunately we aren't affected by this and fixed it as soon as we got the email. Best of luck to RamNode >,< Some serious scum to do something to a provider like that.
Not posting here, might have nothing to do with it. It is Sunday, maybe he is out playing, swimming, skating, whatever.
Any statement from Robert yet?
Nah, he conveniently dissapeared after people suspected it was him.
With the above information, I'd advise his parents not to allow him to make any statements. This looks quite serious.
Nick is on it, via his twitter. From the looks of things he has a lot of work to do. I am sure he will update ASAP.
It's also possible his parents told him to go play outside...
Remember the attacker had SQL access, that data could be planted.
EDIT: I should probably not that I am not sticking up for Robert directly. I am just a strong believer in innocent until proven guilty.
Going to be a heated day in the Clarkezone.
Everett, WA reverse IP + Robert's [Head Shoe] Pictures = James better call a lawyer ASAP.
This is seriously serious thing.Hope ramnode keeps the hacked server for forensics and report to police.
So I guess while we're waiting for Robert to come up with an excuse we can all enjoy this nice picture of him:
I also dont like circumstantial evidence when we all KNOW he was framed before.
If Jack could get his skype ip, everyone could.
No matter how bad it looks, every man, woman or child (collectively human beings) have the right to be presumed innocent until proven guilty.
Heck, it is valid for animals too...
On the other hand, if he is guilty indeed, then it is bad, but I would still blame it on his age.
THIS
+1
And THIS is why I use a skype proxy.
Is it normal to be a big shithead at his age, because I don't recall me or any of my peers being as bad as him?
Hmm I guess I worded that poorly
I'm just super anal about my IP and how easy it is to pull up via Skype resolvers.