Linode compromised for "Outbound DoS" - Need to R
Linode then asked me to redeploy. However, I had a programmer set up my Linode initially (this was over 2 years ago), and I do not feel comfortable doing it myself.
Would someone give me a hand? I need my Linode for several WordPress blogs and had Virtualmin and Webmin installed (I know these two to handle simple MySQL issues, etc.).
Can someone find out who compromised my linode? I am somewhat reluctant to foot the bill for damages caused by someone else.
I hope I can find help here. Thanks for your comments, guys.
7 Replies
No clue - that thread states he's fair, quick, and reliable - none of which I can personally vouch for (not having ANY OTHER knowledge of that person except for that thread).
He'll charge what he charges - it's up to you to decide if it's worth it TO YOU or not.
If you can't afford (or are unwilling) to farm out sysadmin stuff, then it's best to roll up your sleeves and learn the basics yourself. It's not rocket science (although hardening a server seems to be something you really REALLY need to work on).
Also, learn to BACK UP! If you had a backup (i.e. bare metal recovery) we wouldn't be having this conversation.
Documenting a bare metal recovery is a standard practice for any server admin.
@linqueue:
I do have backups (by Linode), however they told me that I still need to redeploy. They have shut off my VPS temporarily and I have since experienced damages from lost income and advertising efforts and expenses which cannot be paused temporarily.
No offense but:
1) Where's your original programmer?
2) If he's gone, get him back.
3) If this is a money making venture, you need a sysadmin to deal with things like this. No, not your 16-year-old nephew, or that "geek kid next door".
4) Learn how things work, yourself, so you don't need #3 anymore.
> 1) Where's your original programmer?
In India
> 3) If this is a money making venture, you need a sysadmin to deal with things like this. No, not your 16-year-old nephew, or that "geek kid next door".
Makes a few hundred $ a month, not much.
> 4) Learn how things work, yourself, so you don't need #3 anymore.
I will put my best foot forward in learning things myself. As for the time being, getting the sites back up as soon as possible is my priority.
@linqueue:
> Can someone find out who compromised my linode? I am somewhat reluctant to foot the bill for damages caused by someone else.
I doubt you'll be able to find out "who" as in Joe Bloggs, but you might be able to find an IP address, then email the abuse@serviceprovider and pray they do something.
Do you have any idea how it was compromised, what's running on the server?