Linode Forum
Linode Community Forums 		 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic

Board index » Linode.com Related Forums » Feature Request/Bug Report
  Previous topic | Next topic 
Author Message
sednet
PostPosted: Sun Mar 25, 2012 4:21 am 
Offline
Senior Member
User avatar

Joined: Wed Mar 17, 2004 4:11 pm
Posts: 554
Website: http://www.unixtastic.com
Location: Europe
Was there ever an update to the customer support portal issue that allowed a few sites to get hacked? If so I could not find it.

I would really like to know what exactly happened there.

I refer to this:
http://pastebin.com/UW7iT5fj
http://pastebin.com/6sSk00js

EDIT:
Ok, I found this:
http://status.linode.com/2012/03/manage ... ident.html

It doesn't describe how the attacker got a working customer support login in the first place, or how the attacker knew what machines to attack.
Top
   
Reply with quote  
Nuvini
 Post subject:
PostPosted: Sun Mar 25, 2012 5:16 am 
Offline
Senior Member

Joined: Fri Feb 17, 2012 8:20 pm
Posts: 365
They said they were still gonna do an announcement on March 9:
Quote:
Since last week, we've been completely consumed with evaluating, discussing, debating, planning, etc, ways in which we can do better. This was a learning experience for us and Linode will only improve because of it. Hoping to have an announcement soon covering the results of these efforts.


However, as of today there hasn't been one yet. Hopefully soon, though.
Top
   
Reply with quote  
obs
 Post subject:
PostPosted: Sun Mar 25, 2012 7:18 am 
Offline
Senior Member

Joined: Sun Mar 07, 2010 7:47 pm
Posts: 1970
Website: http://www.rwky.net
Location: Earth
I suspect the linode manager/api maintenance over the past few days may have something to do with why there's no announcement yet. They're busy changing things making them more secure then they'll make an announcement.

Of course this is pure speculation.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue
Top
   
Reply with quote  
sednet
 Post subject:
PostPosted: Sun Mar 25, 2012 9:58 am 
Offline
Senior Member
User avatar

Joined: Wed Mar 17, 2004 4:11 pm
Posts: 554
Website: http://www.unixtastic.com
Location: Europe
obs wrote:
I suspect the linode manager/api maintenance over the past few days may have something to do with why there's no announcement yet. They're busy changing things making them more secure then they'll make an announcement.


If there is some issue with the Linode manager this could well happen again, or maybe it has happened before. BitCoin sites will complain loudly when things like this happen but most people won't.

If I'm given no information I tend to think the worst. I don't think I'm alone in that.
Top
   
Reply with quote  
hoopycat
 Post subject:
PostPosted: Sun Mar 25, 2012 12:23 pm 
Offline
Senior Member
User avatar

Joined: Sat Aug 30, 2008 1:55 pm
Posts: 1739
Location: Rochester, New York
sednet wrote:
BitCoin sites will complain loudly when things like this happen but most people won't.

If I'm given no information I tend to think the worst. I don't think I'm alone in that.


The worst obviously didn't happen, because we're all still here. :-)

In this particular case, there were obvious and blatant indications that something bad happened: changing the root password required a reboot and multiple entries in the job log. Failure to notice or investigate unexpected reboots is probably pretty common, though.

Outside of the job queue and status information, there is likely complete isolation between the Linode Manager and the hosts themselves, limiting to the scope of any manager breach. This is a significant limitation when developing new features, but it could have been much much much worse...

(Cheap plug: a script to e-mail you the contents of your node's job queue on boot.)

_________________
Code:
/* TODO: need to add signature to posts */
Top
   
Reply with quote  
sednet
 Post subject:
PostPosted: Sun Mar 25, 2012 1:03 pm 
Offline
Senior Member
User avatar

Joined: Wed Mar 17, 2004 4:11 pm
Posts: 554
Website: http://www.unixtastic.com
Location: Europe
hoopycat wrote:
The worst obviously didn't happen, because we're all still here. :-)


We are, how about the multinational companies who never post on this forum?

Until we get an accurate and complete update from Linode it's all just guesswork.
Top
   
Reply with quote  
hoopycat
 Post subject:
PostPosted: Sun Mar 25, 2012 4:31 pm 
Offline
Senior Member
User avatar

Joined: Sat Aug 30, 2008 1:55 pm
Posts: 1739
Location: Rochester, New York
sednet wrote:
Until we get an accurate and complete update from Linode it's all just guesswork.


Pretty much, yeah. My info is nothing but an educated guess. -rt

_________________
Code:
/* TODO: need to add signature to posts */
Top
   
Reply with quote  
Display posts from previous:  Sort by  
Post new topic  Reply to topic

Board index » Linode.com Related Forums » Feature Request/Bug Report


Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group