[sf-lug] Hacked RHEL4/PHP4 server

Rick Moen rick at linuxmafia.com
Thu May 22 11:11:16 PDT 2008

Quoting Tom Haddon (tom at greenleaftech.net):

> Yeah, on the one hand I do want to find out what happened. On the other,
> I'm not (yet) being paid to do so. I have a call with the non-profit
> early next week to discuss next steps, so that may change, in which case
> I'll be doing a more thorough investigation.

You may hear a lot of resistance to the necessary steps, if you continue
to believe they've been root-compromised and make the obvious proposal
(for which, see the CERT document I referred to).  People don't want to
hear "Sorry, but this will be painful", and want to hear about that
magic wand they're sure you have hidden somewhere.

> On Thu, 2008-05-22 at 09:12 -0700, Asheesh Laroia wrote:

> > Out of curiosity, which virtualization technology?
> Not sure, I'm afraid. This seems a bit vague and marketing-type-speak:
> http://www.verio.com/vps-technology/

Oddly enough, I answered this question a couple of months ago on...
SF-LUG's mailing list.  (Note that they have both a FreeBSD-based "VPS"
offering and a Linux-based one.)  Replying to Jim Stockford:

Hmm, in case you were unclear on this, Verio is not a Linux
distribution, but rather a huge nationwide ISP headquartered in the East
Coast -- one that bought a large number of smaller but much more
technically competent local providers in past decades, including (in
S.F.) Best Internet and The Little Garden / TLGnet.  

What they appear to be selling _here_ is Internet virtual host services
using Xen under RHEL5.

Basically, they're advertising that they're another among dozens of
virthost vendors.  

That fluff about their "deep roots in open source (FreeBSD)" merely
refers to them having _bought_ Best Internet, who used to employ Matt
Dillon, and who had their infrastructure mostly on FreeBSD -- but those
"deep roots" withered and died with the buyout.  (As former Best.com and
TLG customers will testify, Verio screwed up the firms it bought out.)

The phrasing about the company being "inventor of Virtual Private Server
(VPS) technology" appears to be just a reference to Verio (and Best
Internet before it) being one of innumerable firms commercialising the
jail(2) virtual-host syscall technology included in every release of
FreeBSD since 4.0-RELEASE.  That code was _not_ developed by Verio, but
rather by ServeTheWeb.com and Safeport Network Services.  See:

The phrase "VERIO Linux VPS" appears to just mean Xen under RHEL5, plus
some sort of proprietary "control panel" Web thing -- with little
connection to their of the term "Virtual Private Server" under FreeBSD.

So, just a sales job from a mammoth firm trying to take credit for other
people's work.

More information about the sf-lug mailing list