Virus warning from www.puppylinux.com/manuals.htm

[Sage]

Huh! Jumping the queue at the expense of the poorest instead of paying more tax?! No free lunches in this world.

[Sage]

Excuse me, I had no intention of hijacking this thread, just that the arrogance of some is overwhelming.

Concerning the substantive issue,
Quote from Barry

"I don't have any scripts left. Well, not exactly, WordPress is still there, I just renamed the directory to something no one will guess. Anyway, I shall reply to their reply.
Oh yeah, I've cleaned up my site, yet again."

Can't say I've ever encountered such a tolerant guy. The time to file suit would seem to have long past. Beating one's head against the proverbial doesn't help ( bit like MU with linuxcbon, who won't even disclose this affiliation!). I'd sue without further warning. Nothing to lose. Adverse publicity will help close them down in the long term.

[big_bass]

Sample below:

well ,here is the latest I will update this same post
with a time stamp

************************************************************
Last-Modified: Mon, 10 Mar 2008 12:53:00 GMT

Etag: "6ab0130-326b-af092300"
Content-Length: 12907

************************************************************


still clean from Mon, 10 Mar 2008 12:53:00 GMT
until -----> Wed, 12 Mar 2008 14:50:12 GMT


I know many others are monitoring also
big_bass

[wingruntled]

Barry
Thank You for looking into servage’s history a little farther.
Now you understand IN PART why I was complaining about that useless excuse of a host so much.
Do yourself a favor. Bite the bullet and get the hell out of there.
edited to add: IN PART

[HairyWill]

whilst we're sticking the boot in, I just received this email

Dear Will,
SSL Certificates from only GBP 14.95
Before and After Upgrade

In addition to our focus on your account security, you can actually protect you and your visitors data even further by using a SSL certificate. This enables very strong and absolute protection from any third party gaining access to the sent data during transmission.

The use of secure communication between your website and its visitors is strongly recommended. Therefore we have reduced our prices for SSL certificates by amazingly 50% in order to enable as many people as possible to stay safe!

» Order your SSL certificate from only GBP 14.95
Why should you use SSL?
Before and After Upgrade

Did you know that any data without the use of SSL is sent in plain text? That means any personal data, credit card numbers, passwords etc. are sent to your site (for instance if you use a login form, webshop etc. on your hosting account) can be viewed (and abused) by anyone gaining access to your data transmission!

The best case scenario is your visitor submitting his confidential data via a secure line to your site using an SSL certificate. No one can read the data.
Thank you...

...very much for being with Servage Hosting. We are proud to host your site!

Best Regards,
Jakob, Servage Hosting

Oooohhh I feel all inclined to give them some more money. So I can use ssl to ensure that all traffic to the site is encrypted. I wonder how safe the data is once it gets there?

[prehistoric]

@HairyWill,
Already explained. Servage is staffed with 'bots. Time to reject the null hypothesis?

[Th3_uN1Qu3]

Time to drop Servage, definitely. Check this out:

http://www.hammersound.net/

Just found this when i was looking for some soundfonts for use with Fluidsynth. Site was hacked and the hacker left a message, saying "Servage - where security is no security."

Any of this could happen to us too.

[bobwrit]

I wonder whether the black hats have been on the forums and hence are aware of the counter mesures in place. I know that servage is a bad host and am not denying that.

[alienjeff]

I wonder whether the black hats have been on the forums and hence are aware of the counter mesures in place.

Don't wonder. Presume yes. Fortify accordingly. Compute wisely.

[BarryK]

After arguing with Servage, I cleaned up my site, made sure all scripts were gone, checked dir/file permissions, changed passwords, then waited. Servage indicated they were trying to fix it, myself and guys in this thread were monitoring my site. Then on 9th March, just one file got hacked, puppylinux.com/index.html. I got the feeling that the hacker just wanted to show that he/she could still do it, but was cautious in just hacking one file.

I cleaned it immediately, but I renamed the hacked file to index.htlHACKED-9MAR08, just in case Servage admin wanted to see it.

Well, guess what, today that same index.html has been hacked, and the index.htmlHACKED-9MAR08 has been removed. Just the one file again, the hacker is showing that he can delete any file on my site.

Someone is toying with me.

Today I received an email from someone who came across my news page and was relieved as he has also been plagued with his site (hosted by Servage) being hacked, and being told by Servage customer support that no one else has that problem.

It is interesting that puppylinux.org, which is hosted on another Servage account, appears to be uncompromised. Perhaps it is just a particular "cluster" that is compromised. I'm on Sevage's cluster 39.

I've paid for one year with Servage, just used 3 months of that. They only have a 5 day money back guarantee, and from stories I've read even that is hard to get.

I have decided that even if Servage fix my security problem, I'm leaving, simply on principle. Their customer support tell outright lies.

Also a comment about my experiences with their technical support: they don't seem to have the ability nor the authority to actually fix anything. They just have a set of standard replies to send, and that's it. Probably the penalty paid from out-sourcing the customer support (I read somewhere that's what Servage has done). I need customer support where you talk to an actual admin guy.

Thanks to recent donations from Ian and pakt (Ian in particular, a quiet guy who doesn't say much on this forum, but he is very keen on Puppy and supports me by sending a cheque every now and then), I can afford to signup with another host. I've had some recommendations, I'll have a bit of a look around tonight.

[prehistoric]

While Barry's experience with Servage furnishes grounds for dismissing these attacks as the result of sheer incompetence there is evidence of similar attacks against a harder target. http://www.theregister.co.uk/2008/03/13 ... _infected/

To quote an understatement of the late mathematician, Paul Erdos, "This is not a trivial problem."

prehistoric

[Sage]

Small Claims Courts cost peanuts and in the unlikely event you lose, there are no costs against you. If you have sworn (notorised) statements from experts in support, the 'little man' invariably wins on 'balance of probability'. Winning is not so much a warm feeling for the individual but helps those that come after and helps to close down the business of bad companies by the adverse publicity. In the UK, you can file online - it's easy. I have been successful against such diverse companies as Ebuyer, Indesit and Parcel Force. In the latter case, it got as far as the bailiffs arriving to remove the CEO's computer - I let him off for a cash alternative. These bullying traders need to be taught a lesson - it's the only way their behaviour can be moderated. These days, when buying goods and asked if I would like an extended warranty (for a vast extra premium). I always decline and tell the salesman "No thank you, I always sue if there's a problem" and insist on him giving me the address of the registered office, to make sure the message gets home.

[wingruntled]

Bad News!
I wasn't going to post on this forum any longer because of the lack of securties set by the admin but With fireswalls up!
Here is the log I just got from firestarter when I went to Barry's blog
Time: Mar 16 22:54:49 Source: 77-232-84-168.static.servage.net Destination: mke-216-54-***.***.******.com In IF: ppp0 Out IF: Port: 2600 Length: 44 ToS: 0x00 Protocol: TCP Service: Zebrasrv

Bye! and clearing system again!!!!!

[wingruntled]

BUMP
due to an SQL error when I posted the above.

[alienjeff]

test

[oblivious]

Just came across this:

Posted by: vec7 on 03/10/2008 09:18 PM
Friends, this is the beginning of the new VectorLinux website. This site will be under construction for awhile to rebuild our content. We are pretty much starting from scratch since our database was severely compromised by a hacking group a few days ago. So bear with us content will be added on an ongoing basis.
cheers,
Vec

Maybe Puppy isn't the only one being messed with?

[BarryK]

I've been looking at this site:
http://www.webhostingjury.com/
It is customer reviews of web hosts.

I am of course looking at where to move puppylinux.com. One thing, they must accept PayPal, which rules out Netfirms. The reason for PayPal is that it gives you more control, and they can't do an automatic renew. I was with Netfirms and they required that I telephone them in the US to cancel the account -- not at all satisfactory.

Hostgator looks interesting:
http://www.hostgator.com/
...they include SSH, I missed that with Servage.

Godaddy was recommended to me by one person, but the customer reviews are awful.

So, what do you reckon, does Hostgator look good? I want this for my own sites. I have puppylinux.com, goosee.com, plus a couple other small private domains.
For puppylinux.org and some other Puppy domains, there is a separate effort going on to find a better home than Servage.

I think having two separate homes is a good thing. Of course this forum is hosted at yet another place ( -- does John mind if the host is known?)

We need to avoid "all the eggs in one basket".

[Caneri]

Hi Barry,

I looked at http://drupal.org/.
There is lots of recommended hosts on the forum there.

May be of use to you.

I didn't need any phone calls about PayPal here....but I'm on .ca not Netfirms.com...maybe a difference..dunno.

Best,
Eric

[prehistoric]

Don't assume puppylinux.org is safe. See this thread. http://www.murga-linux.com/puppy/viewtopic.php?t=27374

Yes, oblivious, you could say others are being messed with, hardly a secret. Here's a report on media reaction to one current wave of attacks. Danchev on PR storm

Even if exploits do not apply to us, a redirect through a search engine can bring others to an infected page. Puppy's page rank makes it a reasonable target for rank manipulation on search engines.

[oblivious]

Yes, oblivious, you could say others are being messed with

The whole thing just makes me feel sick.