Server 9 Emergency Maintenance Update

Bookmark and Share

This is to note that the emergency security audit is still on going.

I would like to stress again, please refrain from opening tickets related to server9.

I would like to also make it clear that this security audit is indeed extremely important and urgent. Intermittent downtime is expected until we have the issue resolved.

The issue more specifically is that we have reason to believe that a kernel exploit has resulted in the kernel becoming infected with malicious code.

Fortunately, no serious or noticable damage has been done. We have techs onsite working on this as well as majority of our resources diverted in resolving this issue.

Customers are urged to remain calm and patient (I understand that is easier said than done), but we are working actively on this issue and will be working through the night till the early hours of the morning, probably even for the rest of the day.

All data is intact and secure, there is no reason for alarm at this time as the situation is contained. That said I would like to remind all customers we do have offsite backups of all your data, in addition to secondary weekly backups and we will be making backups of those backups too. I honestly doubt we will even need those backups as apart from an infected kernel, nothing else is affected.

The downtime is due to us recompiling new kernels and also needing to boot the server into a live cd to secure to perform the necessary audit without any possible infected files interfering.

All of the measures we are taking right now are actually more of being pre-cautionary measures as all security issues are taken very seriously.

This entry was posted on Thursday, June 12th, 2008 at 12:14 am and is filed under Announcements. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.