[dundee] Recent WHT down time - Warning Nasty Hack, well worth a read cunning little ba.......

lug at seany.us lug at seany.us
Thu Mar 26 16:17:07 UTC 2009


Hopefully that is them restoring it.

Being a WHT premium member I was saddened by this :(

I'm positive if they used Pull backups (ie, BackupPC) rather than push that the hackers could have probably never gained access to the backups?

Isn't having an offsite machine with no inbound access (iptables drops everything inbound as does hardware firewall) with only physical console access possible a sure way to keep backups?

Regards,
Sean McRobbie

----- Original Message -----
From: "Robert Ladyman" <it at file-away.co.uk>
To: "Tayside Linux User Group" <dundee at lists.lug.org.uk>
Sent: Thursday, 26 March, 2009 16:10:30 GMT +00:00 GMT Britain, Ireland, Portugal
Subject: Re: [dundee] Recent WHT down time - Warning Nasty Hack, well worth a read cunning 	little ba.......

And just as I was reading, a message came up...

--------------
 WebHostingTalk.com is currently down for maintenance.

 Thank you for your patience,

 WebHostingTalk.com Team

Oh dear
-----------

On Thursday 26 March 2009 16:04:59 Robert Ladyman wrote:


> Hmmm...interesting that the culprit went straight to the backup servers:
> how would they know where they were - inside information / social
> engineering? It shouldn't have been publically accessible, surely.
>
> On Thursday 26 March 2009 15:57:52 Arron Finnon wrote:
> > http://www.webhostingtalk.com/showthread.php?t=729362
> >
> > Just come across this and i thought it worthy of a post.  Its a post
> > in the WebHostingTalk forum explaining their recent downtime.  Due to
> > backup servers being used in a deliberate, and planned attack.  Its
> > actually quite interesting.
> >
> > Hope someone enjoys, and remember your backup is coming to get you
> > whaahaahaahaaaaaa
> >
> > _______________________________________________
> > dundee GNU/Linux Users Group mailing list
> > dundee at lists.lug.org.uk  http://dundee.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/dundee
> > Chat on IRC, #tlug on dundee.lug.org.uk

-- 

Robert Ladyman
File-Away Limited, 32 Church Street, Newtyle
Perthshire, PH12 8TZ SCOTLAND
Registered in Scotland, Company Number SC222086
Tel: +44 (0) 1828 898 158
Mobile: +44 (0) 7732 771 649
http://www.file-away.co.uk


_______________________________________________
dundee GNU/Linux Users Group mailing list
dundee at lists.lug.org.uk  http://dundee.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/dundee
Chat on IRC, #tlug on dundee.lug.org.uk



More information about the dundee mailing list