[Gllug] Re: Insecure practices at my ISP
Alain Williams
addw at phcomp.co.uk
Fri Apr 4 10:29:25 UTC 2003
On Fri, Apr 04, 2003 at 10:56:08AM +0100, Adam Bower wrote:
> Jason Clifford writes:
>
> > On Thu, 3 Apr 2003, Garry Heaton wrote:
>
> > Have you contacted PlusNet to tell them of your concerns? They are a
> > reputable company so they should be receptive.
>
> I informed them of the same/similar security problem when I was a customer
> of theirs, this was well over 2 years ago (bad permissions on directories)
> and also of a linux kernel ptrace (or similar) vulnerability and a few other
> packages not being up to date on their server.
>
> They didn't believe me at first and challenged me to prove the claim, I then
> uploaded an example script and told them to run it which they did and the
> comment was something along the lines of "Oh well I don't think we will
> worry about that, its not really a big problem" they were no longer my
> hosting co. about an hour after that.
I trust that you let them know *why* you left them.
--
Alain Williams
#include <std_disclaimer.h>
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list