Peršokti į turinį
  • ŽAIDIMAI
  • , ŽAIDIMAI
  • ŽAIDIMAI

Ši tema yra neaktyvi. Paskutinis pranešimas šioje temoje buvo prieš 5574 dienas (-ų). Patariame sukurti naują temą, o ne rašyti naują pranešimą.

Už neaktyvių temų prikėlimą galite sulaukti įspėjimo ir pranešimo pašalinimo!

Recommended Posts

Atsitiko siaubingas dalykas kurio turbūt niekas nesitikėjome... Nulaužtas serveris kuriame talpinome visus savo duomenis. Nukentėjo per 100000 tinklapių kuriems buvo nušluoti visi failai ir t.t. Plačiau apie tai čia. Šiaip ne taip atkasiau gana senoka duomenų bazės kopija, bei failus, tai geriau negu nieko. Duomenų bazės kopijos, kurios buvo daromos kasdien taipogi buvo laikomos serveryje, taigi nėra vilčių atgauti jų...

_Webhost hack wipes out data for 100,000 sites

Alert

Print Retweet Facebook

Vaserv suspects zero-day virtualization vuln

By Dan Goodin in San Francisco • Get more from this author

Posted in Small Biz, 8th June 2009 20:02 GMT

A large internet service provider said data for as many as 100,000 websites was destroyed by attackers who targeted a zero-day vulnerability in a widely-used virtualization application.

Technicians at UK-based Vaserv.com were still scrambling to recover data on Monday evening UK time, more than 24 hours after unknown hackers were able to gain root access to the company's system, Rus Foster, the company's director told The Register. He said the attackers were able to penetrate his servers by exploiting a critical vulnerability in HyperVM, a virtualization application made by a company called LXLabs.

"We were hit by a zero-day exploit" in version 2.0.7992 of the application, he said. "I've heard from other people they've been hit by the same thing."

Foster said he's been unable to reach anyone at LXLabs to discuss the suspected vulnerability. The Register has also received no response to inquiries sent to the company, which according to its website is located in Bangalore.

According to Foster, data for about half of the websites hosted on Vaserv was destroyed all at once sometime Sunday evening, shortly after administrators noticed "strangeness" on the system. The attackers had the ability to execute sensitive Unix commands on the system, including "rm -rf," which forces a recursive delete of all files.

Some 50 percent of Vaserv's customers signed up for unmanaged service, which doesn't include data backup, Foster said. It remains unclear of those website owners will ever be able to retrieve their lost data, he said. As a result, at least half the websites that were hosted on the site remain offline.

"Since last night, I've had probably 40 phone calls from clients saying 'Why is my website down,'" said Daniel Voyce, a web developer for Nu Order Webs who uses Vaserv to host customer sites. "It's making me look bad."

Voyce said the hackers, given the high level of server access they gained, were likely able to intercept a wealth of sensitive data stored on Vaserv's servers. Voyce said his customers are safe because all sensitive information was encrypted.

Little is known about the people who attacked the site. So far, there are no known reports of individuals taking credit for the hack. The breach was likely the result of a SQL injection attack that penetrated Vaserv's central management software and removed vital binaries and data for about half of all user data stored by the service, Foster said.

"This wasn't someone randomly scanning things," he said. "It was a deliberate attack on our infrastructure."

Vaserv specializes in low-cost web hosting using VPS, or virtualized private servers. Virtualization features in LXLabs' HyperVM helped Vaserv provide the service, which costs a fraction of the price of dedicated server hosting.

It remains unclear how other webhosts using the HyperVM have been affected. If you're aware of other providers affected by this reported vulnerability, please contact the reporter at the link above. ®________________________________________________________________________________

"Whatsoever thy hand findeth to do, do it with all thy might."

- Ecclesiastes 9:10

Visų gerbiamas ir pasižymintis ne tik dideliu protu, bet ir šauniu humoro jausmu, PHP-Fusion autorius Nick Jones Sausio 4d. iškeliavo anapilin. Kad ir kaip gaila bebūtų, tačiau reikia judėti toliau. Reikia stengtis dėl to, ką pradėjo Jis. Dėl ko Jis taip ilgai ir sunkiai dirbo? O gi dėl mūsų, todėl dabar Jam atsidėkodami, nepamirškim ir neterškim šios turinio valdymo sistemos vardo.

Iš PHP-FUSION.CO.UK :

"Seldom has these words been more adequate, accurate and true than this mournful day when we have the sad news to tell the community that our beloved founder Nick Jones has passed away yesterday morning, January 4th. He created this CMS with all of his might and what a might he displayed in creating this! This CMS has brought people from all over the World together into a project I presume Nick could never dream of when he first started it.

And many a skilled and devoted developer has made their first faltering steps of coding under Nicks gentle guidance, this has been a solid breeding ground for many people from all walks of life and from all parts of the World. That is real might, to be able to reach out and touch so many peoples lives in so many different ways and to do so without seeking nor the might, nor the power. He created this CMS because he just had to do it. And that was that. Simple as that.

Alas, even the mightiest and bravest of men do pass away, tired and weary of fighting. We must let go of them. And for us left behind, well... No matter how much we think we have been able to prepare ourselves for the inevitable, when the day finally comes, we find out that we never really could prepare ourselves for it. Hence a tremendous feeling of sadness and sorrow among many of us. Let us be inspired by the way Nick always carried himself and bear this loss with love, dignity and integrity. And perhaps the odd giggle too, Nick had a marvellous sense of humour, had he not been a developer he would have made an excellent comedian.

We offer our heartfelt condolences to Nicks family and kin, I'd like to mention his mother Sue especially here, since they shared a bond between them that was unbreakable and very special. We will also leave the opportunity for our community members to offer their condolences on this here website, more details of that will follow.

As for the continuance of PHP-Fusion, we do carry on with our daily routines until given other instructions. We do not know anything at all of Nicks intentions in regards to this, until we do, we will carry on as usual.

On behalf of Management Team I ask all of you to respect the fact that we cannot leave any more information than this at this point. Let's keep our heads up high and remember Nick Jones for being the extraordinary man he was and let's try to follow his example. I feel that is the best way we can honour Nick, his family and his creation the very best under the circumstances.

Ši tema yra neaktyvi. Paskutinis pranešimas šioje temoje buvo prieš 5574 dienas (-ų). Patariame sukurti naują temą, o ne rašyti naują pranešimą.

Už neaktyvių temų prikėlimą galite sulaukti įspėjimo ir pranešimo pašalinimo!

Prisijungti prie diskusijos

Palikti atsakymą galite iš karto, o užsiregistruoti vėliau. Jeigu jau turite paskyrą mūsų forume, Prisijunkite.

Svečias
Atsakyti šioje temoje...

×   Įklijuotas tekstas turi teksto formatavimą.   Pašalinti teksto formatavimą

  Galimi tik 75 veidukai.

×   Nuoroda buvo automatiškai įterpta.   Įterpti nuorodą paprastai

×   Jūsų ankstesnis pranešimas buvo atkurtas.   Išvalyti redaktorių

×   Jūs negalite įkelti nuotraukas tiesiogiai.Įkelkite arba įdėkite nuotraukas iš URL.

  • Šiame puslapyje naršo:   0 nariai

    • Nėra registruotų narių peržiūrinčių šį forumą.

Skelbimai


×
×
  • Sukurti naują...