Saturday, June 9, 2007

dreamhost got hacked

In case you haven’t heard, dreamhost got hacked.

The short of it is:
– dreamhost stores login passwords in the clear
– someone obtained a partial list of these passwords and used them to deface sites hosted at dreamhost.

You’ll see mention of “ftp account passwords” or “ftp passwords”, but dreamhost uses your webpanel login as your unix shell/ftp login. That means anyone can log into your shell and do anything they like or use an ftp program to do anything they like. In my case, the only thing that happened was all of my index.html/index.php files got trashed, so I should consider myself lucky or something.

One other thing: Don’t use your dreamhost login password anywhere else. Consider it compromised since it’s stored in the clear. (I’ll write more on password security at some point.)

In the meanwhile, I’m using the default style for the journal until I can restore everything from backups…

EDIT: I think I’ve restored everything, let me know if anything seems broken or is missing.

posted by jet at 11:23  


  1. They added a checkbox to disable ftp access. But damn, this sucks. No weird wtmp entries so far, but I had been using the same ssh key there as elsewhere, which was… inconvenient. That’s fixed now, in case they snaked it.

    Comment by Howard Berkey — 2007/06/12 @ 23:10

  2. They seem to have stopped going up and down like a yoyo, but it sucked for a week or so there.

    Comment by Howard Berkey — 2007/07/01 @ 12:33

