What's wrong with this picture?

D

Doliviss

Weaksauce
Joined
Dec 29, 2006
Messages
77
I work for a dedicated server company; I got a ticket earlier tonight about a customer who normally only uses 10GB of bandwidth/mo somehow managed to use 1800GB. Naturally, I log in the box to take a peek, and this is what I see:

lolinternets.jpg


Way to be subtle, there, guys. :rolleyes:
 
Were they bruting the shit out of someone's server or something?
 
Allow me to clarify:

This is a dedicated server that one of our clients leases. I believe it's a SQL server. They're allowed 1500GB per month, but in the past have only used ~10GB/month. Last month, they went over by about 300GB & wanted to know why. Somebody quite obviously haxx0red their megahertz - there was about 40 extra ports open & MP3s and movies in the System Volume Information folder.

Funny how it's always the Windows boxes.
 
if they have IIS setup with FTP then I assume that there is a weakness there. Do they use Administrator as their main account (I know that they probably changed the name of the main log in account but you would be suprised how many people don't)
 
Doliviss said:
Allow me to clarify:

This is a dedicated server that one of our clients leases. I believe it's a SQL server. They're allowed 1500GB per month, but in the past have only used ~10GB/month. Last month, they went over by about 300GB & wanted to know why. Somebody quite obviously haxx0red their megahertz - there was about 40 extra ports open & MP3s and movies in the System Volume Information folder.

Funny how it's always the Windows boxes.
Click to expand...

It's wierd how people will nonchalantly redirect blame.

Sounds to me like you didn't properly secure the windows server he's renting from you that YOU own.

Yep. That's all microsoft's fault. The fact that they got hacked and it took you guys over a MONTH to realize it has nothing to do with anything, right?

Had the client built his own server and his company made say, marble flooring, and was just renting the bandwidth only from you, that'd be a different story.

But you are RENTING HIM A DEDICATED SERVER. It's YOUR JOB to properly affirm that it's secure. It's also YOUR JOB to do audits to find out if he's been haXXored.

How do I know this? Well. I own a hosting business.
How often do you audit? Only when someone complains?
We've got a team that does nothing but audits, all day.

Our AUTOMATED scripts that poll through our network would notice
"warez" in a matter of hours (usually more like minutes). It would also definitely notice ANY port changes.
 
No, that is not at all our responsibility. We have very well lined out terms of service and SLAs on our part. This particular customer had opted for self managed (probably because it's free), then came to us because they were unable to log in via RDP, because whoever hacked it disabled it.

There's much, much more to it than "dedicated server, your responsibility".
 
Doliviss said:
Funny how it's always the STUPID PEOPLES boxes.
Click to expand...

Fixed.

Funny how people are so quick to blame an operating systems security when it's got nothing to do about the security of the operating system... rather it has everything to do with the user using that software.

Windows, Mac, and Linux can all be made secure and can be all vulnerable and open in the hands of a dumb user.
 
spotted the weakness

SQL

I bet they haven't set up the database correctly
 
You must log in or register to reply here.
Back
Top