|
Admin
ForumCo Administrator
Éire
4092 Posts |
 Posted - 01/25/2003 : 22:10:26
|
Earlier today ECUI was the victim of an attack which resulted in the loss of service of a number of websites / servers. Below please find a message from ECUI explaining what happened. (I have blocked the email address and phone numbers for obvious reasons).
********************************************
January 25, 2003
To All Clients;
This morning at approximately 3:57 AM EST ECUi’s internal network began to flood with traffic and by 4:05 AM the network literally came to a halt. After about an hour of troubleshooting it was determined that an attack against several dozen clients’ unmanaged dedicated and co-located servers had been launched.
This attack was specifically targeted at those servers running Microsoft SQL Server 2000, and more specifically those operating in an unsecured fashion. As the cause of the problem was now isolated; ECUi’s technicians began the task of attempting to isolate which servers were actually the problem. Since the affected servers are unmanaged ECUi does not possess knowledge as to the applications running on them, therefore all unmanaged servers were required to be manually isolated and removed for the network.
Once the unmanaged servers were disconnected from the network normal operations resumed, leaving the task of actually isolating which servers were causing the problem. Servers were individually accessed via KVM and if the determination was that either they were not running SQL Server 2000, or that SQL Server 2000 was not be operated in an insecure manner (not properly patched) they were returned to an active state and placed back online. Completion of the actual isolation process and return to active status for those servers which were unaffected was at 7:44 AM EST.
Dedicated and co-located servers which are presently offline will remain offline until such time as their administrators have been in contact with ECUI’s staff and can provide assurance that their servers will “immediately” be updated to SQL Server 2000 Service Pack 3, which they may obtain directly from ECUi at: http://***HERE***DOTCOM****
We would like to apologize to each and every client for the inconvenience they have incurred due to this situation, and assure you that all shared SQL Server 2000 databases and files were unaffected and remain secure.
This incident will be reviewed by management at a special meeting first thing Monday morning with the following goals; determining best methods for handling isolation of unmanaged servers, possible internal scanning operations targeted to isolate unsecured servers and providing service interruption compensation to those clients who’s servers Virtual, Dedicated and Co-Located were not actually at cause.
Please be on watch for additional information sometime Monday, January 27, 2003 for additional details.
With our sincere apology,
J**** J*****
Customer Service Department
Electronic Communications Unlimited, Inc.
Microsoft Certified Solution Provider
You must be logged in to see this link.
(407) ***-****
|
Padraic,
ForumCo Support
www.forumco.com
Helpdesk Knowledgebase Rate ForumCo @ Hotscripts Rate ForumCo @ Cgi-Resources
Please provide:
* error messages * direct link to your forum * any possibly helpful information. |
 |
|
Topic Locked
