Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Hosting firm denies weak passwords led to gigantic hack attack

Add to del.icio.us     Digg this story Digg this

June 10, 2009

Russ Foster, director of Web hosting provider VA-Serv.com has fully denied public allegations that weak and insecure password management combined with loosely configured servers were responsible for a massive Internet attack that wiped out data for more than 100,000 Web sites in more than 23 countries.

Foster also says that he was shocked when he learned that the CEO of an Indian software company hanged himself late last night, shortly after his software was determined to be the culprit of the security breach of the UK-based Web hosting firm.

As previously reported, the apparent suicide of K.T. Ligesh came around the same time Foster said a serious vulnerability in a virtualization management application made by Ligesh's Lx Labs led to the catastrophic security breach.

Foster was quoted as saying "I wondered if I was responsible in some way. I'm just so, so tired." (!)

The comments came a few hours after an anonymous posting from one of the purported attackers claimed Foster's repeated use of the same four passwords over and over again laid to the groundwork for the mass compromise of VA Serv's system.

It went on to even suggest that VAServ's main website ran on what's known as a virtualized private server, a configuration that the writer claimed made the password attack work quickly.

"Z3r0 day in hypervm?" the anonymous poster wrote, substituting numbers for letters as is common in hacker parlance. "Plz u give us too much credit."

Foster said he has discounted the posting because it contained fabricated details, including passwords and IP address information, along with a description of part of his network topology.

The post was general enough that it could have been written by anyone. It was originally added to this thread discussing the Vaserv incident on a website that caters to webhosts. It was quickly removed and later reposted on other similar forums such as the Web Hosting Tech Support Forum. That forum also rapidly removed the post as well.

"I don't have any of those passwords," he said of the secret phrases that were included in the post. "I don't recognize them either."

About 2 days after the data was suddenly deleted from more than 200 servers operated by VAServ, a few company technicians have managed to retrieve some of the lost information and restored the hosting service for some but not all of the 100,000 to 150,000 Web sites it hosted.

Foster also warned on June 8 that data for some customers who signed up for unmanaged accounts was likely gone forever!

The security breach has proved trying for Foster, who announced in a posting Vaserv was being taken over by a larger hosting provider known as BlueSquare.

Foster even added "I've personally reached the end of my physical and emotional tether."

He went on to say that he decided to "do what is best for the customer base as it stands and get some "big boys" in behind to help get things back up and running and give people a chance."

Needless to say, Foster's blatant lack of security implementation at his company has surprised more than one in the hosting industry.

Add to del.icio.us     Digg this story Digg this

Source: ISNW.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.










Get your Linux or Windows dedicated server today.










The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.