Stories
Slash Boxes
Comments

SoylentNews is people

posted by NCommander on Monday May 18 2015, @10:00AM   Printer-friendly
from the standing-by-our-principles dept.

Normally, when I make a post on SoylentNews, it's to talk about some exciting new feature, our future, or something similar.

Unfortunately though, on rare occasions, I have to make announcements like this one. Sometime between May 12-13th, one of our email accounts was breached. The account ("test1") was left over from go live, over a year and half ago, and had a very weak password protecting it. We believe that an automated password guesser was able to find and access the account. Once breached, the account was used to send a significant amount of spam until we deleted the affected account on the 14th May 2015.

As a result of the compromise, several spam services have blacklisted our mail server; we're currently working to try and get ourselves cleared whenever we become aware of one of these blocks. We do not believe any user information or sensitive data was compromised; the account in question was simply a virtual dovecot account with no corresponding UNIX account attached to it.

mechanicjay was primarily responsible for handling this and cleaning up the mess, and I wish to personally thank him and the rest of the sysops team for their handling of this issue. We are looking at taking steps to prevent a reoccurence such as using fail2ban and the like. Unfortunately, most IDS systems like fail2ban are incompatible with IPv6 which we use extensively internally within our network.

A sysops meeting is being scheduled to discuss this and other changes we're making to the infrastructure.

I will update this article (or post a new one) with additional information should it become available,
NCommander

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Monday May 18 2015, @12:59PM

    by Anonymous Coward on Monday May 18 2015, @12:59PM (#184494)

    I would suggest a "Show All" link right next to the "# comments" under each story, that would show all comments at -1. Should save some bandwidth.

    Note: Everyone doesn't like to login, or even have an account linking them to what they wrote.

  • (Score: 0) by Anonymous Coward on Monday May 18 2015, @01:05PM

    by Anonymous Coward on Monday May 18 2015, @01:05PM (#184502)

    This security incident shows that it's actually bad to have accounts. Accounts with passwords can be compromised. This can't happen if the account doesn't exist in the first place.