Head Guru Posted December 22, 2010 Share Posted December 22, 2010 Hey TCH Family, I wanted to let everyone know that we did a complete round of unplanned server reboots. This was prompted by a root exploit that we found in one of our dedicated server clients. The clients server was compromised and this lead us to determine the cause and entry point. Once this was done, I made the choice to do kernel and software upgrades to patch this unreleased to the public exploit and reboot all the servers in the Data Center. It is now 7:15am and we have just completed the last of the reboots. I am confident that this was the correct thing to do, our team always is taking measures to secure our servers and this is just another point in case. As always if you have any concerns or questions please do feel free to let us know. Thank you for your continued support and Merry Christmas to everyone. Link to comment Share on other sites More sharing options...
Pony99CA Posted December 27, 2010 Share Posted December 27, 2010 If this exploit was unknown to the public, did you forward it to the appropriate software developers and/or reputable security agencies? I'd be curious in knowing what component was exploited (obviously you can't release the details of how the exploit was done). Steve Link to comment Share on other sites More sharing options...
Head Guru Posted January 1, 2011 Author Share Posted January 1, 2011 Steve, The exploit was in fact forwarded to the proper people, that is our SOP here. Merry Xmas Link to comment Share on other sites More sharing options...
Pony99CA Posted January 3, 2011 Share Posted January 3, 2011 The exploit was in fact forwarded to the proper people, that is our SOP here. That's good. Can we have any information on what component (high-level -- PHP, Apache, a forum, etc.) was compromised? It will help us determine whether or not we have anything to worry about. Thanks, Steve Link to comment Share on other sites More sharing options...
Head Guru Posted January 3, 2011 Author Share Posted January 3, 2011 I will gladly release the details once the patch is released by the software vendor. Link to comment Share on other sites More sharing options...
Pony99CA Posted August 24, 2011 Share Posted August 24, 2011 A spammer's post triggered an update notification about this. Was the problem's cause ever described here? I'm still curious what it was. Thanks, Steve Link to comment Share on other sites More sharing options...
Recommended Posts