Jump to content


Photo

Unplanned Reboots


  • Please log in to reply
5 replies to this topic

#1 Head Guru

Head Guru

    Bill Kish Head Guru

  • Admins
  • PipPipPipPip
  • 6,878 posts

Posted 22 December 2010 - 07:18 AM

Hey TCH Family,

I wanted to let everyone know that we did a complete round of unplanned server reboots. This was prompted by a root exploit that we found in one of our dedicated server clients. The clients server was compromised and this lead us to determine the cause and entry point. Once this was done, I made the choice to do kernel and software upgrades to patch this unreleased to the public exploit and reboot all the servers in the Data Center.

It is now 7:15am and we have just completed the last of the reboots.

I am confident that this was the correct thing to do, our team always is taking measures to secure our servers and this is just another point in case.

As always if you have any concerns or questions please do feel free to let us know.

Thank you for your continued support and Merry Christmas to everyone.

Bill Kish

Head Cook and Bottle Washer

If you need help with your account or have any questions, please feel free to contact me using any of the contact methods below.  I can be reached 24 hours a day seven days per week.

Office :: 800-930-0485 x211
Mobile :: 248-632-3243

email: bill(at)totalchoicehosting.com

Instant Messenger -
AOL Instant Messenger: tchgurubill
Yahoo Messenger : tchgurubill
MSN Messenger : tchgurubill@hotmail.com

Thank you for your support and continued business


#2 Pony99CA

Pony99CA

    Family Friend

  • Members
  • PipPip
  • 77 posts

Posted 26 December 2010 - 09:41 PM

If this exploit was unknown to the public, did you forward it to the appropriate software developers and/or reputable security agencies?

I'd be curious in knowing what component was exploited (obviously you can't release the details of how the exploit was done).

Steve
Silicon Valley Pocket PC
http://www.svpocketpc.com

#3 Head Guru

Head Guru

    Bill Kish Head Guru

  • Admins
  • PipPipPipPip
  • 6,878 posts

Posted 01 January 2011 - 02:45 PM

Steve,

The exploit was in fact forwarded to the proper people, that is our SOP here.

Merry Xmas

Bill Kish

Head Cook and Bottle Washer

If you need help with your account or have any questions, please feel free to contact me using any of the contact methods below.  I can be reached 24 hours a day seven days per week.

Office :: 800-930-0485 x211
Mobile :: 248-632-3243

email: bill(at)totalchoicehosting.com

Instant Messenger -
AOL Instant Messenger: tchgurubill
Yahoo Messenger : tchgurubill
MSN Messenger : tchgurubill@hotmail.com

Thank you for your support and continued business


#4 Pony99CA

Pony99CA

    Family Friend

  • Members
  • PipPip
  • 77 posts

Posted 03 January 2011 - 02:36 AM

The exploit was in fact forwarded to the proper people, that is our SOP here.

That's good. Can we have any information on what component (high-level -- PHP, Apache, a forum, etc.) was compromised? It will help us determine whether or not we have anything to worry about.

Thanks,
Steve
Silicon Valley Pocket PC
http://www.svpocketpc.com

#5 Head Guru

Head Guru

    Bill Kish Head Guru

  • Admins
  • PipPipPipPip
  • 6,878 posts

Posted 03 January 2011 - 12:02 PM

I will gladly release the details once the patch is released by the software vendor.

Bill Kish

Head Cook and Bottle Washer

If you need help with your account or have any questions, please feel free to contact me using any of the contact methods below.  I can be reached 24 hours a day seven days per week.

Office :: 800-930-0485 x211
Mobile :: 248-632-3243

email: bill(at)totalchoicehosting.com

Instant Messenger -
AOL Instant Messenger: tchgurubill
Yahoo Messenger : tchgurubill
MSN Messenger : tchgurubill@hotmail.com

Thank you for your support and continued business


#6 Pony99CA

Pony99CA

    Family Friend

  • Members
  • PipPip
  • 77 posts

Posted 24 August 2011 - 10:43 AM

A spammer's post triggered an update notification about this. Was the problem's cause ever described here? I'm still curious what it was.

Thanks,
Steve
Silicon Valley Pocket PC
http://www.svpocketpc.com




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users