amuck-landowner

Search results

  1. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

    @ at the bottom http://www.lowendbox.com/blog/a-days-recap-solusvm-exploit-released-ramnode-downtime-and-robert-clarke/
  2. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    @ at the bottom http://www.lowendbox.com/blog/a-days-recap-solusvm-exploit-released-ramnode-downtime-and-robert-clarke/
  3. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    @Mun it's either that or they are paying their coders so poorly that every so often their employees plant one or two Easter eggs in the code. Since they don't audit it unless a disaster like this one happens, no one cares. I don't see them jumping on their swords any time soon because they've...
  4. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

    @Mun it's either that or they are paying their coders so poorly that every so often their employees plant one or two Easter eggs in the code. Since they don't audit it unless a disaster like this one happens, no one cares. I don't see them jumping on their swords any time soon because they've...
  5. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    @weservit I'm glad that something got them from sitting around on their d**** all day long and finally doing a full security audit. This begs the questions if a disaster is necessary every time for them to do something about it?!
  6. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

    @weservit I'm glad that something got them from sitting around on their d**** all day long and finally doing a full security audit. This begs the questions if a disaster is necessary every time for them to do something about it?!
  7. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    Looks official to me: http://blog.soluslabs.com/2013/06/19/security-updates-available-for-all-solusvm-versions/
  8. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

    Looks official to me: http://blog.soluslabs.com/2013/06/19/security-updates-available-for-all-solusvm-versions/
  9. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    @Mun, I would add this: "Created a function to delete all VMs from all nodes just to see if the hacker can find it..." ROFL and this: "Added dead simple functionality to facilitate a MySQL injection exploit to see if anyone could find it in less than two months..." again ROFL ... well, it...
  10. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

    @Mun, I would add this: "Created a function to delete all VMs from all nodes just to see if the hacker can find it..." ROFL and this: "Added dead simple functionality to facilitate a MySQL injection exploit to see if anyone could find it in less than two months..." again ROFL ... well, it...
  11. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

    How much warning do you need as a software provider about your code being poorly written? And why do you write code like this? Sorry, but I can't fault any provider that was hit by this attack, and all I can say is that I am sorry that some of you guys had to suffer because of this: <?php if...
  12. Marc M.

    ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

    How much warning do you need as a software provider about your code being poorly written? And why do you write code like this? Sorry, but I can't fault any provider that was hit by this attack, and all I can say is that I am sorry that some of you guys had to suffer because of this: <?php if...
  13. Marc M.

    Any VPS hosts that do not use Solus?

    We are working on launching a second budget KVM hosting business that my brother will manage and we might just use Virtualizor for that one. Thanks for showing that link :)
  14. Marc M.

    HOW-TO: Protect from recent SolusVM exploits.

    @willie from PHP -> http://php.net/manual/en/function.mt-rand.php
  15. Marc M.

    HOW-TO: Protect from recent SolusVM exploits.

    Here is another way to generate more customizable random root passwords and use them during the ordering process: function phoenix_rand_root_pass($l=16, $s=6) { $v = 'aeuy'; $c = 'bdghjmnpqrstvz'; if ($s & 1) { $c.= 'BDGHJLMNPQRSTVWXZ'; } if ($s...
  16. Marc M.

    Any VPS hosts that do not use Solus?

    @Zach for as long as these companies keep their source closed and encoded we won't know for sure. One thing that I have done was not to leave SolusVM to its' defaults, but secure it with my own version of Nginx and PHP compiled from source. Also running everything as non privileged users. You...
  17. Marc M.

    Any VPS hosts that do not use Solus?

    I am sorry to say this but Virtualizor is also just a little disaster waiting to happen. IMHO it's worse than SolusVM when it comes to security, it's just that no one has considered investing their time and energy into finding exploitable vulnerabilities in Virtualizor.
Top
amuck-landowner