New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
You would blame it on his age? I know there are a few people that are similar age to him and have a little bit of common sense, and I'm one of them, heck I'm probably a month or so younger than him.
I don't think so, Robert has shown in the past that he might not be the smartest one around.
Looks like some RamNode servers are offline, one of my two are offline, hope @Nick_A can pull this around, what sort of bastard does this? I'd expect Nick to follow this through the justice system, if there's a log saying that he's elevated himself, then that's good enough to fuck him over on the Computer Misuse Act...
Good luck.
And THIS is why I install Skype BETA and select this:
Certainly, and the judge would probably give him a lighter sentence because of his age.
Too bad Skype beta still has ways to resolve your IP if you know what you're doing. It's not really fixed.
You mean, having me in your contacts and calling me (packet sniffing) or using the debug version of skype and view my profile as a contact and my IP shall be in your log files.
He probably was excited becuase he finally got some power
LET needs drama.
Well this is something real,far from drama
@Jarland
You're right. His parents would get it in the neck.
Maybe, maybe not.Everybody is innocent until proven guilty.
Nick_A> Ok, please do not start sending me a bunch of questions or PMs. As you are all aware, this has been a nightmare for me. Robert Clarke ran the SolusVM exploit on our control panel early this morning. Someone, him or someone else, then logged into several nodes and wiped data. Some nodes are completely fine, some are completely trashed, and some are in between. I am restoring SolusVM (patched), then our we
bsite, then any backups of VPSs still down.
Seems to me that there's already been a lot of circumstantial evidence already built up.
Yes, it has been pretty much confirmed by Nick that it's Robert.
Woah!
Someone just won the olympic gold medal for stupidity. Seriously, you thought it was a good idea to run that exploit using your account with personal information and ip that can locate you?
I don't know whats worse, that this kid has a hosting service or that he actually has some paid clients.
With ethics like that I wouldn't be surprised if he logs in to his clients vps for shits and giggles.
Accusing someone without a proven court order is also against law.
@pavs As uninterested as I am in drama (far more interested in seeing charges pressed), I have to agree. I expect to see servercrate sold off by its real owners, if there is an ounce of respect for their own reputation as a family. Kids do dumb things, it happens, but there is a point where a line has been crossed and the consequences must be dealt with.
Consequences will never be the same.
Nick_A: It was definitely him who hacked us. He has admitted it to me personally. I don't know who actually destroyed data yet.
How so? Suing somone is accusing them of something. Your statement would mean that one would have to get a court order in order to sue someone.
I guess Robert can be sued depending on how much damages have been done. Both to RamNode and their clients. I mean, what if people are running their own businesses on their VPS with RamNode?
I guess the free provider Host1Free is affected as well. Their solus interface is down as well their VPS as per their IP ranges / reports.
That reminds me to increase the frequency of my backup cron.
Accusing is OK, saying it is them without proof is slander.
I still think he was framed again (i.e. name and IP planted in DB) until definitively proven otherwise, but if you want to define "it: as his attitude in general I would blame it on him being a spoiled brat
No, the way the justice system works in the US, his parents' money would buy his way out of trouble and he'd get a slap on the wrist and the court records would be sealed when he hit 18
the node my VPS is on is still down so I'm assuming it's on one of those nodes
I can estimate a minimum amount of 30K in this case.
Nick already stated that Robert indeed ran the exploit just doesn't say if he drop/destroy those vps data
http://pastebin.com/PtEZiSSW
Solus email released:
PLEASE READ THIS INFORMATION CAREFULLY. THIS INFORMATION IS RELEVANT TO ALL VERSIONS OF SOLUSVM, INCLUDING BETA VERSIONS.
A security update has now been released for the Stable and Beta versions of SolusVM. We advise you to make this update as soon as possible.
To run the update you can either do it from within the SolusVM admin area or from CLI on the master server. To preform the update from CLI the commands differ depending on the version of SolusVM you are running.
Stable version:
/scripts/upcp
Beta version:
/scripts/upcp-beta
Once the update is complete you will have the patched system.
We have included the original instructions in this email that were given when the exploit was announced and before we released the patched updates. If you feel the need to remove the originally exploited file after the update you can do the following:
Instructions:
You will need root SSH access to your master server. You are then required to delete the following file:
/usr/local/solusvm/www/centralbackup.php
Example:
rm –f /usr/local/solusvm/www/centralbackup.php
Due to this exploit we are conducting a full audit of the SolusVM client area code. The audit is already underway and any updates, if needed will be released in quick succession.
A full explanation of this exploit will be released in due course. We will also be reviewing the release status of version 1.14 due to the advanced security features it already contains.
Thank you for your continued support and apologies for any inconvenience caused.
Regards,
Soluslabs Security Team
On Fathers Day, it is a really d-bag move by whoever did it. I feel for RamNode (Nick). If there was something I could do, I'd do it.
I just put a company website on ramnode the other day. Performance was exceptional, price was unbelievable. Didn't have time yet to put any real measures into place for something like this. This morning I woke up to pingdom telling me the site was down. Once I saw how sever this was I had to configure another LEB I had and move the site over before the company noticed. Of course I didn't have a good backup so I had to tweak the site again and figure out why certain things weren't functioning (like mail forms). Not a big deal but enough to piss me off this morning.