The Planet Warns Of Security Breach
Oct 16, 2008
I got this email earlier today, surprised to see there isn't already a 10-page thread about it. Did anyone else get this from The Planet?
In the course of the last two days, our Computer Security Incident Response Center team has identified suspicious activity in our customer management portal. Through their vigorous investigation, we have identified what appears to be a security breach that may have affected your customer portal account and server passwords. We have identified the methods by which the systems were compromised and have closed those holes. In addition to those actions, we will be implementing additional security measures to further strengthen the infrastructure and systems.
We are taking this action to alert you to this potential malicious activity. At this juncture, we are aware of only two incidents whereby log-in and server passwords were accessed. Based upon our security review of access logs, we do not believe any credit card information was compromised. We have contacted the authorities and are working with them to identify the perpetrator and to pursue appropriate legal action.
We are taking a proactive approach by contacting you directly, which we believe is the best course of action. We strongly suggest you implement a security best-practices approach by immediately taking four steps to mitigate risk:
1) Change your Orbit log-in passwords immediately and do so again every 60 days.
2) Change your server passwords and do so again every 60 days.
3) Be alert to any suspicious activity on your account.
4) If you suspect any unusual activity, please retain your access logs along with
View 11 Replies
ADVERTISEMENT
Oct 1, 2006
somewhere on my cpanel server a script has been able to be used by a spammer and im now getting tonnes of returned mails from aol etc. 1000's are coming in every hour.
I think i have found the culprit, but i can't be sure. how can i find out for sure which script this was? the email headers dont even show the user from what i can see!
View 6 Replies
View Related
Jun 17, 2008
I got an email saying that there was a security breach at steadfast. At the same time I got an email saying that my account was suspended because I am sending spam from one of my domains. I NEVER SEND SPAM. I opened a support ticket and they apologized saying it's not my fault and they restored my account. Apparently spam was sent by a php script but they don't want to give me details. The next day they suspended my account again on the same reason.
View 13 Replies
View Related
Dec 17, 2007
I found a random proxy site running out of /var/www/temp. It seems to have been created yesterday, and I found about it via a DMCA notice from the planet. Is this apache's temporary directory? There was even an entry for it in the apache configuration and was running as a perl script out of its own cgi bin. I killed it and chmod'd it to 0. In the future, would setting permissions on this directory to non executable prove to be effective? Any idea if this type of breach is serious enough to warrant an OS reinstall?
View 9 Replies
View Related
Sep 2, 2013
I think the wrong text is displayed for the option "Remove Domain Alias".
In Plesk 11.5.30 Update #13, in a Webspace, on the Websites & Domains tab, if I click an alias, a window appears for the alias with the option to "Remove Domain Alias". If I move the cursor over the text "Remove Domain Alias", or click on the link, I see a pop-up: Removing this website will also delete all related files, directories, and web applications from the server.
I think this is incorrect because removing an alias should not remove any files, directories, and web applications.
View 3 Replies
View Related
Nov 5, 2009
We have found (thanks to CSF warning us) in /tmp 4 suspicious files. One is a perl script (probably a backdoor) and the other 3 files are binaries. They were probably uploaded by some vulnerability a customer's website (now suspended) because they are under his ownership.
The server seems ok, nothing out of the ordinary (the root logins are disabled, we su - from another account).
We have run rkhuner and chkrootkit (fresh installs) and found nothing.
One of the binaries contained this (retrieved with strings): chown root:root /tmp/suid; chmod +s /tmp/suid (suid being one of the other binaries). This /tmp/suid has no suid set and is not under root ownership:
-rw-r--r-- 1 user user 759 Jan 25 2008 dc.pl
-rwxr-xr-x 1 user user 2404 Nov 4 22:10 libno_ex.so.1.0*
-rwxr-xr-x 1 user user 4945 Nov 4 22:10 suid*
-rwxr-xr-x 1 user user 6209 Nov 4 22:10 udev*
dc.pl seems to be from January but it's apparently fake:
# stat dc.pl
File: `dc.pl'
Size: 759 Blocks: 8 IO Block: 4096 regular file
Device: 901h/2305d Inode: 62820496 Links: 1
Access: (0644/-rw-r--r--) Uid: (userid/username) Gid: (userid/username)
Access: 2009-11-05 13:52:37.000000000 +0100
Modify: 2008-01-25 19:49:43.000000000 +0100
Change: 2009-11-05 13:55:41.000000000 +0100
I hope all this means that the command was either not successful or it didn't run in the first place.
The kernel is: 2.6.18-128.1.6.el5PAE
Control Panel: cPanel
View 7 Replies
View Related
Apr 18, 2008
I dont know how but the passwords keeps getting changed on the emails on my cpanel. Its no one who has acess and no files are being delted to the problem is only with the email.
View 6 Replies
View Related
Mar 4, 2008
we have a server that was breeched and is being used to send ddos attacks to another website and we need to stop it permanently and secure our server to avoid it from happening again.
My tech has already been able to track down the bot/script that was sending it and seemed to stop it for about a week, but they have gained access to the server again.
He is not an expert at security issues so I'm looking to hire someone for a one time job to correct this issue.
Can someone offer me some referrals of someone to take care of this. Please do not recommend Rack911 as I waited nearly a week for their assistance and had no luck.
View 6 Replies
View Related
Jan 8, 2008
I just received a fairly scary WHMCS notice, you can view the details here:
<<please don't paste the file names, there are accounts that may have these on them>>
What are your thoughts on the entire situation? Personally, I'm a tad fearful (luckily, I hadn't upgraded to the next version yet as I was letting the other users play beta-testers) given the fact that there wasn't any versioning / modification 'notification' system in place on their end.
I'm fearing further updates. In essence, my concern is that the WHMCS development team isn't entirely certain how they were backdoored or to what scale they were backdoored.
Are their own billing systems & servers hosted in the same environment, were our billing details also released? etc. I want to know the scale of the attack.
View 14 Replies
View Related
Nov 6, 2009
is there anybody out there with a rave review and different experience than the rest of us are having?
View 14 Replies
View Related
Jul 18, 2008
I've been waiting to get a server for a long time. On Monday, I went ahead and ordered a server from The Planet. 20 minutes later, I decided for the money I might as well upgrade my package a little bit (from $180 to $220). So I chatted with one of the sales representatives (Ryan B to be exact) and was told my first order was canceled and that the second server was ordered. $197 was charged for the first order and today, 5 days later, has yet to be refunded.
I found out on Tuesday that I'm being laid off on August 22. With this information, I immediately canceled my second order with The Planet, knowing I wouldn't be able to pay it monthly. I was told the order was canceled (the server was never setup) and I also asked about my first order. They said it had been canceled and I should be getting the refund shortly. That was Tuesday afternoon. I contacted them on Wednesday and again they said I should be getting the money soon. It's a simple credit card charge back, it can be done instantly. It's now Friday afternoon, almost 5 days since I ordered my first server and the money (totaling $443) still hasn't been refunded. Is this normal...? I really could use that money...
View 3 Replies
View Related
Mar 13, 2008
In general, which of those is the best in hardware and bandiwdth, and in support?
View 14 Replies
View Related
Apr 28, 2009
I was hosted with these guys for well over 2 years, and was spending on average more than $2,000.00 a month for servers.
I had slowly grown to well over 10 boxes, and was definately on my way. then one day I get a spam complaint that one of my serves was casing complaints. So I checked it out, and asked for the complaints to be relayed so I would have record of it..... nothing.... I responded and even tried to call, but at that point they had sent me a tciket stating.
We have recieved well ofer 1000 spam complaints from a server you lease with us, per out TOS we are terminating ALL OF YOUR SERVERS, and you have 15 days to remove the data!
WOW... there was no ability to have them terminate that server, they simply said NO your account will be terminated (all of your servers) and you will be banned from The Planet!
When I tried to call they said your not allowed to speak with the abuse dept, again I tried contacting my account manager, and he said he checked into it and only saw a few complaints, and didn;t understand why they were doing this... In short I barely got moved over to another provideer before they shut me down completely..... They did however offer one course of action... you could turn your dedicated server clients over to us so they dont have to move! THEY ACTUALLY SAID THIS!
I at that point made the move and then they hit my credit card for another month well short of 20 days before a bill would even be due.. I had to file charges at the local courthouse to get this reversed.
My advice, if you host at the planet dont send mail. get another server provider for mail, these guys are *&^)(* and they don;t care about shutting you down no matter what you spend with them, on top of that they will try to scarf your clients up if they can, after they leave you high and dry....
Anyone else have issues like this with anyone else. I want to compile a list of providers that do business like this so I can avoid them.
View 14 Replies
View Related
Oct 2, 2009
I've had my servers with The Planet for years. Used to be really happy with them. Ever since the merger, they seem to have deteriorated over time. Recently, I find the level of support to have become poor.
The redeeming quality is that they have had outstanding uptime over all of these years, and they are always there if you need them in a true emergency - in other words, they always pick up the phone.
I need a company that is comparable in their level of staffing and resources. Who out there is comparable, yet providing better support and overall attitude these days and for the long-haul?
View 14 Replies
View Related
Jun 18, 2009
I currently have a colocation solution with The Planet. How do they stack up against the competition for price and reliability?
View 10 Replies
View Related
Oct 1, 2008
The Planet used to be great. All the people that made them great left for softlayer.
The Planet support now runs the gamut from mediocre to bad. But their billing policies are atrocious. They add charges to your service without you ordering it. They promise to refund you but don't. And when you cancel, they bill you anyway. When you call, they will admit their mistake. They will claim to refund you, but then don't.
It's a nightmare. So far Softlayer is as good or even better than The Planet used to be.
When you cancel with The Planet, make sure to change your credit card number so they can't charge you. If you are contemplating hosting with them, don't. Everything good you heard about them was true, but only because of the people who left for Softlayer.
View 14 Replies
View Related
Jun 11, 2008
My firewalls block IP's from multiple failed login attempts. The FW on one server has been blocking someone from The Planet. My servers are at GNAX, so why is someone from TP trying to get in?
This is what the system emails tell me:
IP: 70.87.XX.X (2.27.XXXX.static.theplanet.com)
Failures: 5 (sshd)
Interval: 95 seconds
Blocked: Yes
View 4 Replies
View Related
Jul 13, 2008
As those who read my previous thread (or helped me on it -- thank you!) know, I've been looking at upgrading to a new server at the Planet. I've been very happy with the service at the Planet. I ended up with a quote on a Xeon 3040/2 GB of RAM/2x 250 GB hard disks/RHEL 5/10 usable IPs/cPanel+Fantastico and the Planet's standard "built in support" monitoring, escalation procedure, automated OS updates, etc. for $174/month and no setup.
That sounds decent enough, but I keep reading this forum and seeing good things about SoftLayer over and above the Planet. Should I consider moving? Anyone care to say what is better about SoftLayer? Anyone know of any cons to moving? I was inclined not to really shop around since the Planet has been good, but I don't want to be foolish and I by the sounds of some of those reviewing them, it sounds like SoftLayer's support is worth switching for.
View 14 Replies
View Related
Jul 21, 2008
I currently had NAC and The Planet as DC (I like both, but I really don't trust putting all servers on a single DC)
I was looking for a DC to get 2 new servers
despite I like The Planet, I was looking at other alternatives because it wasn't that cheap
but I'd like to thanks Ryan B. from sales, who got a very good offer, and kept giving impressive support after I ordered the servers
he really seems to like what his job, so thumbs up here to The Planet
View 3 Replies
View Related
Aug 16, 2008
Can anyone recommend a good reputation company that resells The Planet's servers?
For some reason I can't purchase from them directly, they do not accept PayPal nor accepting my credit card payments. Tried contacting them but it still doesn't work. I hope to find a reseller out there.
View 8 Replies
View Related
Jul 3, 2008
Which do you get best service with? I rather pay a bit more to get good service as im sick of crap companies.
View 5 Replies
View Related
Dec 14, 2008
Is anyone else having problems with The Planet nameservers at the moment? My sites aren't resolving at the moment, so they appear down to most people.
I know there is some DNS maintenance going on, but it said to expect no downtime?
View 8 Replies
View Related
Sep 25, 2008
I have a decent sized ecommerce site..but in all reality a dedicated server is likely overkill. Still I like having room to grow. I am looking for a linux setup (preferably red hat) with Cpanel. I need something managed...with decent support. I can do very basic stuff..but I am also busy owning a business..and do not have time to really figure out how to maintain a server. I need someone to answer questions quickly..or do it for me. Seems these the Planet and LiquidWeb are two of the biggest ones. I am gonna say support is the big issue here...who would be most likely to help me do whatever it takes to keep my site online no matter what.
View 2 Replies
View Related
Apr 14, 2008
I run a MMO game server and when I outgrown my home DSL connection I decided only way was to get a dedicated server so I ordered an entry level server at the planet. Very good service from the start, server uptime was pretty much %100, never had any huge network issues or anything. Some slowdowns at one point but it was more of a internet issue.
Later on noticed the server specs were actually lower then what I was paying for. Figured, mistakes happen, I put in a ticket. They acted really quick on it and gave me a new server and even doubled my ram + gave me refund. The refund took a bit of time but I eventually got it.
Recently I wanted to try the dual xeon server but virtualize my game server so I can use Linux as the host OS for other purposes, so I chatted with someone and asked if I could get a "trial" before paying, and surprisingly they were ok with that and set me up within a few hours.
I configured the new server and everything was going smooth when I turned on the firewall so it blocked monitoring.
No joke, within 1 minute I got an email saying my server was down and they had responded to the ticket saying they'll look at it. it was a false alarm, but just to show how fast they responded, was really impressed. I just mentioned to ignore it for now until I get the firewall to let their stuff through. All in all I have to say even as a small customer I'm really impressed with the service there.
View 14 Replies
View Related
Feb 16, 2007
Does Anyone Know Thier Nameservers? It Was Like Ns5.hyperdrive.net
Please Help Me And Let Me Know, My Job Is On The Line
I Called Them, Once They Found Out I Had A Problem They Hung Up!
View 12 Replies
View Related
Apr 4, 2008
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.
Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.
View 10 Replies
View Related
Nov 22, 2008
The Planet, Rackspace or Liquidweb
I have a couple of customers recently, and find that I would like to put their sites into a dedicated server environment. Which is a better provider in terms of support and reliability? These companies do seem to be the more reputable ones. What are the important things to look out for in the servers?
View 11 Replies
View Related
Jan 12, 2009
is it true that the planet does not accept paypal payments?
i was considering to get a server from them, also management from touchsupport (which is owned by the planet now) they dont accept paypal?
View 9 Replies
View Related
Apr 10, 2009
We saw the special offer of ThePlanet here on banner advertisement and tried to get a special promo but since the last 3 days, I am running after them and every sales person is telling something different about promo and my deal even it's confirmed by management...
View 8 Replies
View Related
Sep 24, 2008
Very hard to believe that it has been 4.5 (Ordered our first server in January of 2004) years since I first turned up services with The Planet (ServerMatrix at the time) and still have equipment with them to this day.
Here's my quick breakdown....Support - Looking back at our ticket history, we've never opened a ton of tickets. When we needed assistance, they were always quick to assist us and provided prompt resolutions.
Network - Their network is top notch and I've yet to find another provider that's even close to The Planet. We still have some equipment that is on their legacy unmetered Cogent product (now on their premium network, since they dont have Cogent any longer) and we continuously are able to pull the 20m and normally, much much more. Their network has always been top notch.
Hardware - I've acknowledged over the years that The Planet, historically, had issues with replacing failed drives and reloading OS's in a timely fashion. We never experienced that, ever... nor have I seen a complaint about that in quite some time.
We've experienced a single hardware failure with The Planet and the failed item was replaced quickly and at a time we dictated, which was great.
Overall - Fantastic. One of things I've really come to love about The Planet is the dedication to their customer. To this day, I still get a phone call at the office, at the house and on my cell whenever anything goes haywire on one of my servers. I can't count on them to have my back when I'm not watching and I've come to rely on them to respond to and resolve issues before I am aware of them.
Although we have diversified where we place our hardware, we'll continue to partner with The Planet and continue to enjoy the excellent service we've become accustomed to.
View 14 Replies
View Related
Mar 30, 2008
There is a huge price difference between similar configs in all 3.. (hivelocity seems to be quiet cheap, comparitively)
what is the difference in quality levels can I expect?
If i have my own management, then which should i go with?
And anyone with an experience with all 3?
View 14 Replies
View Related
