No. Not with them. The thing is, with the case of Network Solutions, is that from what I've read it was the result of remote file inclusion (RFI). How is it they have to take the fall for that. Granted if it happened on a shared server it shouldn't have infected hundreds of websites on that same server, but, from what I know, RFI attacks are typically the result of bad programming.
Thomas J. Raef e-Based Security "You're either hardened or you're hacked!" We Watch Your Website "We Watch Your Website - so you don't have to." > -----Original Message----- > From: Burian, Matthew J. [mailto:[email protected]] > Sent: Wednesday, January 20, 2010 4:37 PM > To: Thomas Raef > Cc: funsec > Subject: Re: [funsec] Network solutions admits to "few hundred" > defacements > > I had a similar issue with some of my clients sites that were hosted > with InMotion Hosting (http://www.inmotionhosting.com) several months > ago. I was not sure if it was a breach of the companies servers, or > insecure credentials on the part of the client. About 100 lines of > identical text including links to various bogus online pharmacy > websites was injected into each HTML file. Anyone heard anything > about this? > > Matt Burian | IT Consultant > Burian Information Technology, LLC. > > > On Tue, Jan 19, 2010 at 10:48 AM, Thomas Raef > <[email protected]> wrote: > > http://blog.networksolutions.com/2010/update-web-site-defacement- > issue/ > > > > > > > > "We have discovered the cause of a limited attack on websites hosted > on > > Network Solutions Unix servers where a few hundred sites were > affected. > > Hackers were able to add a file displaying illegitimate content on > top of > > the customer website content. This was an issue on multiple servers > and > > unknown intruders were able to get through by using a file inclusion > > technique. There was no danger to any personally identifiable or > secure > > information." > > > > > > > > Thomas J. Raef > > > > e-Based Security > > > > "You're either hardened or you're hacked!" > > > > We Watch Your Website > > > > "We Watch Your Website - so you don't have to." > > > > > > > > _______________________________________________ > > Fun and Misc security discussion for OT posts. > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > Note: funsec is a public and open mailing list. > > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
