It only took a about 5 days, but the host finally got back to me. They still won't 'fess up to a security breach. Their advice was a "stronger" password. Given that the old password was about 12 characters long and made up of several words run together, I don't think that password strength was an issue. I still think they got rooted.
Saturday, June 28, 2008
It's been a week and a half...
I just put a sample bottle of the Irish Red Ale in the 'fridge to chill. I'll sample it tomorrow.
Labels:
beer
Wednesday, June 25, 2008
I'm getting ticked at my Webhost
No, not the host for this page. Blogspot does a just plain ducky job of hosting blogs. I'm talking about a service I pay real, cashy money for to host a few sites.
The service, which will remain nameless for the time being, seems to have some "issues" with security patches. Google, the fine folks who run the fine site hosting this blog, flagged two of my sites last week as hosting malware. The "malware" was code injected by the host itself as part of a system upgrade. It didn't do anything more than tell them that the files were in the right place on their system. But, since that upgrade was finished a while ago, I decided that the code wasn't really needed anymore. So, to keep the Googlistas happy, I deleted the script. And sure enough, the Googlistas were indeed happy. The sites got a clean bill of health.
...Until today.
The "clean" sites suddenly sprouted real malware. (A virus/worm AVG identifies as Framer.Z) Now, the first thing one ought to suspect is a weak password; but, that wasn't the case here. We were using a nice, strong password on the site. A little Googling turned up several other customers of the unnamed host complaining about virus injections on their sites. Those same complaints pointed to a spotty job of patching their server software. Guys, if you're reading this and something seems familiar, you've got a week until this 5+ year customer wanders off of the reservation and stops recommending your to his clients.
Yeah, it's a Linux system and yeah, to those in the Windows World, Linux seems like rocket science; but really, it's not rocket science. You can patch a Linux system without having to reboot and without any downtime. There's no excuse for allowing someone to run around on your server adding scripts to everything named "index".
I'm waiting for a decent excuse from them as to how their system got rooted and how it will never happen again. Until then, however, I'm browsing the vast multitude of web hosting review sites out there.
The service, which will remain nameless for the time being, seems to have some "issues" with security patches. Google, the fine folks who run the fine site hosting this blog, flagged two of my sites last week as hosting malware. The "malware" was code injected by the host itself as part of a system upgrade. It didn't do anything more than tell them that the files were in the right place on their system. But, since that upgrade was finished a while ago, I decided that the code wasn't really needed anymore. So, to keep the Googlistas happy, I deleted the script. And sure enough, the Googlistas were indeed happy. The sites got a clean bill of health.
...Until today.
The "clean" sites suddenly sprouted real malware. (A virus/worm AVG identifies as Framer.Z) Now, the first thing one ought to suspect is a weak password; but, that wasn't the case here. We were using a nice, strong password on the site. A little Googling turned up several other customers of the unnamed host complaining about virus injections on their sites. Those same complaints pointed to a spotty job of patching their server software. Guys, if you're reading this and something seems familiar, you've got a week until this 5+ year customer wanders off of the reservation and stops recommending your to his clients.
Yeah, it's a Linux system and yeah, to those in the Windows World, Linux seems like rocket science; but really, it's not rocket science. You can patch a Linux system without having to reboot and without any downtime. There's no excuse for allowing someone to run around on your server adding scripts to everything named "index".
I'm waiting for a decent excuse from them as to how their system got rooted and how it will never happen again. Until then, however, I'm browsing the vast multitude of web hosting review sites out there.
Subscribe to:
Posts (Atom)