aumedina 0 Report post Posted June 9, 2008 (edited) We own colegiodepediatria.com, official site for the Colegio de Pediatria de San Luis Potosí, a mexican medical association.I received at 1205 the following feedback in the site: Hey, just discovered that my VPS was compromised and did a google search to see if their were any other victims and I found out you are. http://forums.xisto.com/no_longer_exists/The above page showed some asian text. I contacted Xisto online help, which weren't able to help and told me to contact support. I wrote them and got the following answer:"We have checked your issue and found that site donsa.colegiodepediatria.com is hosted with us on other server under other user ownership.Server is not hacked and your domain colegiodepediatria.com is safe."And after I queried I didn't understood how somebody else could own a subdomain of our domain: "Hello Aldo, Its already owned by someone else and you are trying to create it now. You can verify the whois record on whois.domaintools.com for more information if its owned by someone else or you. Update us if any query. Thank you Ashley Support. Ticket Details Ticket ID: AFU-693904"Of course a whois for donsa.colegiodepediatria.com only shown information for colegiodepediatria.comA query to sales got me this answer: "I have forwarded this issue to our senior executive. You will receive a response in 12-16 hours, I am very sorry about the delay in action but we need to make sure that no one faces a loss here "And then nothing. The ticket was closed. donsa.colegiodepediatria.com disappeared. The problem has been solved, but we didn't get any answer from our hosting/domain company. This worries us, because we're talking about an important resource for our group.Will it happen again? Edited June 9, 2008 by aumedina (see edit history) Share this post Link to post Share on other sites
OpaQue 15 Report post Posted June 9, 2008 I checked your ticket and found this reply by Velma. Aldo,First of all let me apologize for this extreme delay, I know you are very frustrated as the issue was indeed a serious one and once more I hope you can forgive us for this mistake. This ticket was assigned to our Senior but as he was traveling, he was unable to reply to your ticket. I am sorry about that.Now coming to that sub domain, there was a slight glitch on the server in the matter of permissions therefore one user was able to create sub domains of accounts present on the server. Now none of the data was compromised. We immediately terminated the clients account along with the sub domains created.We have changed all the permissions so that users cannot see other domain names present on the server to prevent this issue. I hope you can accept an honest apology from me for the late response and the late action.Sincerely,VelmaSales Executive.Xisto - Web Hosting.com Share this post Link to post Share on other sites
aumedina 0 Report post Posted June 10, 2008 Thank you very much. Yes, I just received that message today at 4:07 am.That finally closes the problem. Thanks again. Share this post Link to post Share on other sites