New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
ChicagoVPS database leaked? ChicagoVPS customers - change your root passwords immediately!
This discussion has been closed.
Comments
Haven't seen the dump, don't really want to. Say ratios I saw in the thread that had them 50 something per node. Probably read it wrong then.
You were misinformed on the amount of promised RAM and the node's specs then ;-)
I thought is was 2GB a pop... hence my conclusion that it was crap
Adding the numbers posted here I would agree with that. I don't know what hardware they use though. Honestly it sounds to me like Jeremiah may not have been that great of a system administrator. Are they better now? I don't know. Maybe.
I've jumped on their case a lot but even I have to say sometimes, enough is enough. This is all old information from an old problem that has already been discussed at jaw dropping length. It sounds like Kevin is taking the appropriate measures today, no one can deny that from his words, whether or not the "easy passwords" language is figured in.
3 outages in 2 weeks. First one was because of a DDoS attack and about an hour. Other two shorter than that. Machine seems fine, hd and processor specs are wonderful. Uptime sucks. Customer Service is all lies.
This is what I have been thinking. KVM in the lowend market just doesn't make sense. there is not enough meat left on the bone.
Can somebody show me how they make money of thier Lowend KVM lines.
If you were to take 150 vps and distribute the 2gb vps's evenly. Your still looking at
about 200% overselling. Regardless.
Still useful.
I suppose it depends what other plans you have on the node. We have a set package/node layout, we don't have one node for one package size etc.
He's taking the appropriate measures while blowing smoke up his customers' asses and claiming there's nothing to see here.
Maybe my expectations of low end providers are too high; what with wanting them to behave like real, responsible businesses.
I agree. Maybe my expectations are too high as well.
@GetKVM_Ash just spreading them out over all 150 nodes. I have seen how many 2gb plans are on each node. From that date and the numbers are astounding.
I was referring to your KVM question
No, you're not, and I hope they learn from it. The other day I had a failure in security surrounding my WHMCS and I had to send an unfortunate e-mail to clients outlining what I believed to be compromised and apologizing for my failure to put the same passion into the security of the billing software that I put into my nodes. I felt like trash. Later I discovered that the breach wasn't as bad as I thought, and no information was taken, copied, or even viewed, but I didn't take back my announcement simply because I still failed and I deserve the blame.
You are correct that people should own up to their mistakes, but more and more I'm feeling as though asking for that is a battle we're set to lose. Either way, Kevin has a better head on his shoulders than people give him credit for.
Size or ratio?
it works out x / 150 = 19 2gb vps per server!
That was with the amount of vps's they had at that time with the nodes they have now.
With the nodes they had then it is
x / 56 = 51 2gb vps per node
@GetKVM_Ash could you pm the layout. Just trying to wrap my head around the numbers.
That's an oxymoron
That's called marketing ;-)
@BronzeByte We won't be offering KVM anytime soon. Just trying to wrap my head around it.
@jarland: That sounds like exactly what I'd expect people to do, so thank you. I'm sure you had customers who may have been worried or pissed by the announcement, but that's an okay way for them to feel when they get that kind of email. I've gotten that email and felt those feels, but you also appreciate doing business with people who are adults and handle situations appropriately.
I'd never ditch a provider who sent me that email just for being honest. I'd absolutely cancel any provider who made up some shit, and I found out later what actually happened.
I've got no skin in this game. I was going to try CVPS back when they did their first big Christmas offer, but they flagged my order as fraud and deleted it without even emailing me to let me know what was happening. Their loss, and I dodged a bullet. The reason I'm commenting is that it pisses me off to see customers getting shit on, and people acting like they're being completely reasonable about it.
I'm always learning, and in this case always finding new information. In any case this is what I think I can infer, assume, and re-iterate what has fully happened.
In early Nov. 2012 a large attack commenced upon CVPS. I think this attack was disguised by a rather large ddos attack on the main control panel for the Chicago location, but this could be false. At some point during this attack someone was able to gain access and crack the main cp database using a brute force attack. After downloading the full database for the CP, the attacked then deleted the whole db causing most vps's to be deleted.
-- attack over.
After the attack CVPS staff begin recreating all instances and send out the first email: https://www.town-assembly.com/discussion/53/chicago-vps-attacked in which they say "brute force" attack. Which in this case is what I think happened as CVPS_Chris blamed an exploit, which I don't think it fully true on his part. Rather a disguise to there own stupidity.
-- All nodes restored and a few more emails sent.
Somewhere in the fray Shinkle leaves, gets fired, etc. and with him takes the largest and most intact information about the attack, yes I'm talking about in his brain and not in a glowing case. In any case new staff is brought in and another email is pushed out stating "In no way, has WHMCS been effected from this, so no customer personal information such as credit cards, emails, etc. has been stolen." Which I think is a clue that they knew that the other db was stolen. In any case the other db did contain email addresses, at least in my case. So the above statement was a total coverup on the CVPS team.
--- Today
It seems as of now that the full database has now been fully decrypted and published to the web. Only before supposedly someone tried to extort Chris, and works at Urpad. I don't like Urpad, but I really really doubt that this is the case, just a pawn to try and bring flack off the gents at CVPS. (They have already bent the truth before) In any case they reset the passwords fearing that the db may contain now unsalted passwords.
We are all rather lucky that we haven't all been hacked via the now available root passwords, but still this is a shitty situation.
/Just my opinion jents.
And console passwords :S
Root & console passwords are 2 way encrypted with 2 salts.
There's a static ~80 character salt that solus has in their crypt library and then there's the encryption key that's stored in each installs solus.conf file. This is why when you move/backup your DB, solus insists that you also backup that file because if you lose the encryption key, you have to blank a fairly large part of the database, as well as relink all your nodes.
I'm not entirely sure why node key/passes are also hashed given the nodes have an IP lock.
Francisco
Personally I really doubt that Urpad is behind this leak, I don't like or hate them nor use their service but I doubt they're stupid enough to ruin their reputation by leaking a competitor's DB, besides doing so isn't exactly going to gain them any clients....
Afaik, the encryption key is also floating around.
It's also leaked...
Chris is on some kick that I was the one behind it actually. Not sure if Kevin is saying the same, but I haven't talked to Kevin in forever and a day.
It should be known by now that I rarely talk out of my ass or lie about most things. I've known about the DB leak since last year when someone dumped their 'administrators' table to #frantech. If Chris didn't spend so much time trying to dick with us I would have taken the time to let him know so he could start properly addressing it.
Who knows how many people have been jacked over this since November.
I don't but for the sake of the clients i'm hoping it's as close to 0 as possible.
Best of luck to them, they need it.
Francisco
.... oi.
Francisco
Somebody ruining CVPS by going in consoles and corrupting stuff for example? ;-)
That would certainly be really nasty...
Don't give people ideas please.
If the root passwords really are floating and people didn't swap them, there's going to be a lot of shit hitting the fan and soon.
Francisco