Linode Forum :: Linoded compromised for "Outbound DoS"

I do have backups (by linode), however they told me that I still need to redeploy. They have shut off my vps temporarily and I have since experienced damages from lost income and advertising efforts and expenses which cannot be paused temporarily.

1) Where's your original programmer?

3) If this is a money making venture, you need a sysadmin to deal with things like this. No, not your 16 year old nephew, or that "geek kid next door".

4) Learn how things work, yourself, so you don't need #3 anymore.

Can someone find out who compromised my linode? I am somewhat reluctant to foot the bill for damages caused by someone else.

Author:	linqueue [ Sun Dec 05, 2010 6:24 pm ]
Post subject:	Linoded compromised for "Outbound DoS" - Need to R
Linode.com contacted me on Saturday about an outbound DoS that occured from my linode. It seems that my linode was compromised. Linode then asked me to redeploy. However, I had a programmer set up my linode initially (this was over 2 years ago), and I do not feel comfortable doing it myself. Would someone give me a hand? I need my linode for several wordpress blogs and had virtualmin and webmin installed (I know these two to handle simple mysql issues, etc.). Can someone find out who compromised my linode? I am somewhat reluctant to foot the bill for damages caused by someone else. I hope I can find help here. Thanks for your comments, guys.

Author:	vonskippy [ Sun Dec 05, 2010 6:33 pm ]
Post subject:
This guy over on SliceHost seems to have a good reputation and following (that is of course if you can't find a fellow Linode-r to help you out). http://forum.slicehost.com/comments.php ... ionID=4628

Author:	linqueue [ Sun Dec 05, 2010 6:37 pm ]
Post subject:
What amount do you believe will be fair for him to charge me?

Author:	vonskippy [ Sun Dec 05, 2010 6:47 pm ]
Post subject:
7 billion pickled herrings No clue - that thread states he's fair, quick, and reliable - none of which I can personally vouch for (not having ANY OTHER knowledge of that person except for that thread). He'll charge what he charges - it's up to you to decide if it's worth it TO YOU or not. If you can't afford (or are unwilling) to farm out sysadmin stuff, then it's best to roll up your sleeves and learn the basics yourself. It's not rocket science (although hardening a server seems to be something you really REALLY need to work on). Also, learn to BACKUP! If you had a backup (i.e. bare metal recovery) we wouldn't be having this conversation. Documenting a bare metal recovery is a standard practice for any server admin.

Author:	linqueue [ Sun Dec 05, 2010 6:57 pm ]
Post subject:
I do have backups (by linode), however they told me that I still need to redeploy. They have shut off my vps temporarily and I have since experienced damages from lost income and advertising efforts and expenses which cannot be paused temporarily.

Linode Forum https://forum.linode.com/

Linoded compromised for "Outbound DoS" - Need to R https://forum.linode.com/viewtopic.php?f=19&t=6360	Page 1 of 1

Author:	boxedlogs [ Mon Dec 06, 2010 11:31 am ]
Post subject:
linqueue wrote: I do have backups (by linode), however they told me that I still need to redeploy. They have shut off my vps temporarily and I have since experienced damages from lost income and advertising efforts and expenses which cannot be paused temporarily. No offense but: 1) Where's your original programmer? 2) If he's gone, get him back. 3) If this is a money making venture, you need a sysadmin to deal with things like this. No, not your 16 year old nephew, or that "geek kid next door". 4) Learn how things work, yourself, so you don't need #3 anymore.

Author:	linqueue [ Mon Dec 06, 2010 11:35 am ]
Post subject:
Quote: 1) Where's your original programmer? In India I lost his contact info - never had the need to contact him again. After he had set up the linode, I was fine administering the sites through virtualmin/webin and wordpress. WAS. I guess I'm not anymore. Quote: 3) If this is a money making venture, you need a sysadmin to deal with things like this. No, not your 16 year old nephew, or that "geek kid next door". Makes a few hundred $$ a month, not much. Quote: 4) Learn how things work, yourself, so you don't need #3 anymore. I will put my best foot forward in learning things myself. As for the time being, getting the sites back up as soon as possible is my priority.[/quote]

Author:	obs [ Mon Dec 06, 2010 6:10 pm ]
Post subject:	Re: Linoded compromised for "Outbound DoS" - Need
linqueue wrote: Can someone find out who compromised my linode? I am somewhat reluctant to foot the bill for damages caused by someone else. I doubt you'll be able to find out "who" as in Joe Bloggs, but you might be able to find an IP address, then email the abuse@serviceprovider and pray they do something. Do you have any idea how it was compromised, what's running on the server?

Page 1 of 1	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/