Quote:
Originally Posted by borked
ORLy? which host would this be then???
|
Umm.. Well the old apache exploits/admin targets came in through VOIP IP exploits and not from the FL IP. So previous admin/attacks came through server level exploits first, once they had access they exploited the data the exact same way. This is why NATS made the admin/webmaster pw's one way, so they can't be pulled from the admin. A security step by NATS, mind blowing I know.
Hosts didn't know it was the same attacker each time doing the same thing in different ways. Not until recently at least and once people started posting on GFY, then people put two and two together, we saw it right here, live. Yes, I'm sure a couple of hosts knew something was going down, but they sure as hell didn't talk about it, fear, pfft..
If John ever threatened me for exposing an exploit I would have blasted his ass all of the boards. Anyone that wouldn't do the same is weak minded.
NATS has a ticket system. You have to post in for all support, ect. And icq history for those they talk to on ICQ. If all these clients really had these problems, threats, ect about the hacks/ips, exploits then why don't they just post the tickets? I'm sure people have tickets, I do, but they show NATS helping and not threating.
NATS isn't perfect, boy it's far from perfect. Clients already knew this - guess it was only time for Webmasters to find out. Support isn't the fastest, they don't always work on weekends, and you don't always get the right support person smart enough to help with your complex problem.
And since NATS doesn't monitor my NATS/server 24/7 - I take security into my own hands and my hosts, as it should be.