Stories
Slash Boxes
Comments

SoylentNews is people

posted by NCommander on Monday May 18 2015, @10:00AM   Printer-friendly
from the standing-by-our-principles dept.

Normally, when I make a post on SoylentNews, it's to talk about some exciting new feature, our future, or something similar.

Unfortunately though, on rare occasions, I have to make announcements like this one. Sometime between May 12-13th, one of our email accounts was breached. The account ("test1") was left over from go live, over a year and half ago, and had a very weak password protecting it. We believe that an automated password guesser was able to find and access the account. Once breached, the account was used to send a significant amount of spam until we deleted the affected account on the 14th May 2015.

As a result of the compromise, several spam services have blacklisted our mail server; we're currently working to try and get ourselves cleared whenever we become aware of one of these blocks. We do not believe any user information or sensitive data was compromised; the account in question was simply a virtual dovecot account with no corresponding UNIX account attached to it.

mechanicjay was primarily responsible for handling this and cleaning up the mess, and I wish to personally thank him and the rest of the sysops team for their handling of this issue. We are looking at taking steps to prevent a reoccurence such as using fail2ban and the like. Unfortunately, most IDS systems like fail2ban are incompatible with IPv6 which we use extensively internally within our network.

A sysops meeting is being scheduled to discuss this and other changes we're making to the infrastructure.

I will update this article (or post a new one) with additional information should it become available,
NCommander

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by NCommander on Tuesday May 19 2015, @05:43AM

    by NCommander (2) Subscriber Badge <michael@casadevall.pro> on Tuesday May 19 2015, @05:43AM (#184936) Homepage Journal

    Relatively few FOSS projects seem to use the database layer for business logic. The odds if/when I get to it, I can remove 30k LOC or so from the DB layer into smaller stored procedures ....

    --
    Still always moving
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2