Stories
Slash Boxes
Comments

SoylentNews is people

Full Disclosure: SN Email Account Compromised

posted by NCommander on Monday May 18 2015, @10:00AM   Printer-friendly
from the standing-by-our-principles dept.

Normally, when I make a post on SoylentNews, it's to talk about some exciting new feature, our future, or something similar.

Unfortunately though, on rare occasions, I have to make announcements like this one. Sometime between May 12-13th, one of our email accounts was breached. The account ("test1") was left over from go live, over a year and half ago, and had a very weak password protecting it. We believe that an automated password guesser was able to find and access the account. Once breached, the account was used to send a significant amount of spam until we deleted the affected account on the 14th May 2015.

As a result of the compromise, several spam services have blacklisted our mail server; we're currently working to try and get ourselves cleared whenever we become aware of one of these blocks. We do not believe any user information or sensitive data was compromised; the account in question was simply a virtual dovecot account with no corresponding UNIX account attached to it.

mechanicjay was primarily responsible for handling this and cleaning up the mess, and I wish to personally thank him and the rest of the sysops team for their handling of this issue. We are looking at taking steps to prevent a reoccurence such as using fail2ban and the like. Unfortunately, most IDS systems like fail2ban are incompatible with IPv6 which we use extensively internally within our network.

A sysops meeting is being scheduled to discuss this and other changes we're making to the infrastructure.

I will update this article (or post a new one) with additional information should it become available,
NCommander

 
This discussion has been archived. No new comments can be posted.
Full Disclosure: SN Email Account Compromised | Log In/Create an Account | Top | 91 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Monday May 18 2015, @07:13PM

    by Anonymous Coward on Monday May 18 2015, @07:13PM (#184736)

    Here are some bad mods that I saw recently:

    https://soylentnews.org/comments.pl?sid=7488&cid=184067 [soylentnews.org]: 0, Flamebait (it was incorrectly modded Troll too)

    https://soylentnews.org/comments.pl?sid=7488&cid=184045 [soylentnews.org]: 0, Offtopic (although it is completely on topic)

    https://soylentnews.org/comments.pl?sid=7488&cid=184071 [soylentnews.org]: 2, Flamebait

  • (Score: 0) by Anonymous Coward on Monday May 18 2015, @09:46PM

    by Anonymous Coward on Monday May 18 2015, @09:46PM (#184830)

    Agreeing with the posters' biases does not make downmoderations to it bad. As for that last one, there's nothing wrong there, thats an example of the community fixed a perceived bad mod; the rest are modded correctly.

    • (Score: 0) by Anonymous Coward on Monday May 18 2015, @11:19PM

      by Anonymous Coward on Monday May 18 2015, @11:19PM (#184871)

      They were all modded incorrectly. Whoever moderated them improperly like that should not be allowed to moderate again.

      • (Score: 0) by Anonymous Coward on Tuesday May 19 2015, @09:13AM

        by Anonymous Coward on Tuesday May 19 2015, @09:13AM (#184983)

        Whoever moderated them improperly like that should not be allowed to moderate again.

        I imagine a hell, fire, dark, Fox News on a TV you cannot turn off, and there, there, are posts on Soylent News that you cannot mod down, even though they are so blatantly wrong, both in fact and in tenor. You strive for the "troll" button, but the harder you strain, the further away it appears to be. No virgins. Hell, no furries. No nothing, and nothing to contribute. And then it hits you, you are not in Hell, you are just an AC on Soylent News, with no mod privileges. Or at least not enough of them. Oh, the suffering. If only someone, perhaps and admin, could feel your pain. But they never seem to care, because they know what you are here for. Godspeed, Improperly modded AC.

  • (Score: 4, Insightful) by Marand on Tuesday May 19 2015, @01:43AM

    by Marand (1081) on Tuesday May 19 2015, @01:43AM (#184909) Journal

    First one: probably should have been marked "offtopic" instead, but downmodding made sense. Flamebait still makes sense, though, because it reads as a deliberately inflammatory comment. Why else would it have "Shrillary" in there? That's no different than gewg's obsession with derogatory names to use in place of "Microsoft"

    Second: It's an article about diet and the AC is, instead, bitching about language semantics. Correctly modded offtopic. Sometimes you can get away with an offtopic or tangential remark like that, but it's a gamble. I've gotten my share of offtopic mods for the same sort of thing.

    Third: I don't get the flamebait mod there, but it's only showing "flamebait" on the side because none of the other mod types outnumbered it. Easily fixed by anybody with modpoints that wants to throw another mod on there.

    Overall, the system is working well enough. If you were willing to do something other than bitch in AC comments, like make an account, you could actually get the modpoints to fix it yourself. And, before you even try to weasel out of it, you can use an anonymous mailer like guerrillamail.com to sign up, and you can continue to post anonymously even after signing up.

    If you really care about the moderation, stop bitching and start fixing. I browse at -1 to fix abuses and upmod good AC comments; do you?