RamNode Down?

[peterw]

RamNodes SolusVM CP is online again.

We will open the ticket system shortly, but please understand that we will not be able to respond with our usual quickness for a few days.

 

[Mun]

According to his posts on LET, he did try it on his own infrastructure at first (http://lowendtalk.com/discussion/comment/283952/#Comment_283952). This makes his "attempt" at other providers even worse. He did already know it worked. He wasn't testing it on others, he was doing it knowing perfectly well it would work.

It wasn't per say a time line, and he may have very well tested it on other first, and just stated and acted like he didn't to try and protect what he had done. 

Mun

 

[wlanboy]

Considering the timezones the timing was perfect to catch RamNode cold. But deleting (reinstall) the vps of users?

This attack is at the expenses of others to damage a host.

Can't believe the whole thing and the lower stairs ethics of the attacker.

Heads up @RamNode. Hopefully you can now get some sleep.

 

[JDiggity]

anybody know if this is the hack that took out CPVS that we have never been able to confirm?

 

[CVPS_Chris]

anybody know if this is the hack that took out CPVS that we have never been able to confirm?

I talked to Solus and he said it is a very good possibility. You can all say I was a big liar blah blah blah but I was not lying, I just did not have any information to pursue after Jeremiah quit, he also said it had to do with CB before he left.

Kevin also checked out web server logs and  confirmed that Robert ( or whoever ) tried to do it to us as well but failed.

 

[JDiggity]

@CVPS_Chris If the community was wrong and called you a liar, about the hack, it needs to be set straight.

 

[Aldryic C'boas]

I talked to Solus and he said it is a very good possibility. You can all say I was a big liar blah blah blah but I was not lying, I just did not have any information to pursue after Jeremiah quit, he also said it had to do with CB before he left.


 


Kevin also checked out web server logs and  confirmed that Robert ( or whoever ) tried to do it to us as well but failed.

If you would, make a text file of Robert's attempts to try it against you, please. I'm putting together similar information for Nick, as I believe he's going to pursue a criminal case on this.


(You also might want to grep your logs for the googlecode bit I mentioned before).

 

[CVPS_Chris]

If the community was wrong and called you a liar, about the hack, it needs to be set straight.

I just did set it straight, I opened a ticket with Solus and Phil said its a good possibility that it was the same method.

 

[CVPS_Chris]

 

[Aldryic C'boas]

 

50.46.111.187 manage.chicagovps.net:5656 - [16/Jun/2013:06:51:59 -0400] "GET /rofl.php HTTP/1.1" 404 345 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.110 Safari/537.36 AlexaToolbar/alxg-3.1"


Is this what you need?

That's perfect, thanks. He only made one attempt?
Edit, Unrelated: I guess I'm gonna have to break down and start using a 'proper' browser... links is butchering the hell out of the BBCode and quote attempts <_<

 

[JDiggity]

@CVPS_Chris I understand that, I saw this thread, saw what happend, and wanted to vindicate you.  I am being nice to your Chris, no need to be an ass to me.  I was making a point on your behalf!  Just say thank you and move on.