Oct 9, 2006

reverse.layeredtech.com snoopy v1.2.3 Abuse

POST HTTP/1.0
snoopy v1.2.3
72.232.60.162 162.60.232.72.reverse.layeredtech.com

This bot came in using snoopy and tried to post 6 loads of spam to the blog.
A legit snoopy agent would never post to your blog. Because the latest spam bots have started using the snoopy useragent it is now banned.


layeredtech.com is not a ISP its a hosting company where abusers are setting up bots to abuse websites. The domain needs to be added to the domain ban list.


reverse.layeredtech.com,unknown bots

1 comment:

chad gray said...

Layeredtech Important Security UPDATE!!!

-----------------------------------

Just got off the phone, with Layeredtech guys and they still trying to push the problem to us as a Self managed problem when in reality its clearly THERE problem. Layeredtech sent out a notice I have attached it to the bottom of this message below.. Well I for one got hit hard on this one and started calling other hosting companies and found Server Beach is more then willing to step up and make an offer to help anyone in the same situation we were in.

I talked to Roger Gonzales who is a Sales Manager at Server Beach and explained our problem and asked if he could help us move from Layeredtech and he offered to give us 30% a new server if we choose them as a deal to those effected by this security breach or who has had it with layered tech not taking proper responsibility in this and admitting there mistakes.

After we did that about 15 of our friends who also host at layered tech wanted the same deal, so here it is in case others wanted to follow suit remember you will have to provide a invoice from layeredtech for the 30% off deal, and contact

Roger Gonzales
(Reference CHAD GRAY = Layered tech problem)
Sales Manager
ServerBeach
A Peer 1 Company
1-800-741-9939 Option 3
T: 210.798.4418
Roger@ServerBeach.com

Or

If you do not have a Layeredtech invoice then you can put in this referral code J76QAET8MR to get a discount

but I would advise you call Roger and explain you read this, and that you are a customer of layered tech to make sure he knows you suffered too cause 30% off a full server setup is pretty good deal we happened to get more server for our money on this, so there is a sliver lining to this cloud layeredtech did.

this is really ashame, I really liked Layeredtech and been with them for many years but with there massive price hike and not taking credit for there clear lack of security and blaming it on us…not securing our private information that’s enough to warrant us to move or seek a new provider. There is also a LARGE chance our credit cards were accessed in this breach of the help desk script, layeredtech was using. God only knows what other info had been stolen. We not taking a chance and we moving…

Good luck to all,

Chad

——————————————————————-

Dear Layered Tech Customer ~

As a result of a routine internal security analysis, a vulnerability was detected which allowed certain communications between the Layered Tech help desk and clients to be vulnerable to interception. While normal help desk communications are not a source of concern, occasionally LT clients submit unencrypted passwords via e-mail or the help desk ticketing system which could result in unauthorized system access by 3rd parties.

As a result, we strongly advise all customers to take proactive measures and change user and system credentials.

Given the overall industry rise in security issues, it is best to err on the side of caution and maintain robust security procedures. Layered Tech also recommends the following security practices:

1) Always change passwords after sharing them via e-mail, or upon receipt of new system login details.
2) Ensure that you have a defined interval for password changes (every 30, 60, or 90 days)
3) Disable/remove non-essential applications, services, and user accounts
4) Set regular maintenance intervals to update core applications and kernels, to address known security issues
5) Change default ports for administration and remote access to non-standard so they are not easily identifiable

We value your business, and will continue working diligently to safeguard against any future vulnerabilities. Please note that SSL is now required to access the LT help desk system. Clients who are unable to gain access to the system should contact our Client Services team.

Should further information become available following our extensive security review and analysis, we will update you.

Thank you,

Layered Tech, Client Services