Preventing My Hosting Provider From Rooting My Server?

Preventing My Hosting Provider From Rooting My Server? 539

Posted by Soulskill on Saturday December 26, 2009 @01:25PM from the booby-traps dept.

hacker writes "I have a heavily-hit public server (web, mail, cvs/svn/git, dns, etc.) that runs a few dozen OSS project websites, as well as my own personal sites (gallery, blog, etc.). From time to time, the server has 'unexpected' outages, which I've determined to be the result of hardware, network and other issues on behalf of the provider. I run a lot of monitoring and logging on the server-side, so I see and graph every single bit and byte in and out of the server and applications, so I know it's not the OS itself. When I file 'WTF?'-style support tickets to the provider through their web-based ticketing system, I often get the response of: 'Please provide us with the root password to your server so we can analyze your logs for the cause of the outage.' Moments ago, there were three simultaneous outages while I was logged into the server working on some projects. Server-side, everything was fine. They asked me for the root password, which I flatly denied (as I always do), and then they rooted the server anyway, bringing it down and poking around through my logs. This is at least the third time they've done this without my approval or consent. Is it possible to create a minimal Linux boot that will allow me to reboot the server remotely, come back up with basic networking and ssh, and then from there, allow me to log in and mount the other application and data partitions under dm-crypt/loop-aes and friends?" Read on for a few more details of hacker's situation.

"With sufficient memory and CPU, I could install VMware and run my entire system within a VM, and encrypt that. I could also use UML, and try to bury my data in there, but that's not encrypted. Ultimately, I'd like to have an encrypted system end-to-end, but if I do that, I can't reboot it remotely without entering the password at boot time. Since I'll be remote, that's a blocker for me.

What does the Slashdot community have for ideas in this regard? What other technologies and options are at my disposal to try here (beyond litigation and jumping providers, both of which are on the short horizon ahead)."

Preventing My Hosting Provider From Rooting My Server?

This discussion has been archived. No new comments can be posted.

Search 539 Comments Log In/Create an Account

Comments Filter:

Just.. (Score:5, Funny)

by roblarky ( 1103715 ) writes: on Saturday December 26, 2009 @01:29PM (#30556774)

Be sure to stun them as soon as they start casting it.

Tough question... (Score:5, Funny)

by couchslug ( 175151 ) writes: on Saturday December 26, 2009 @02:00PM (#30557006)

"How do I turn a whore into a housewife?"
Some things are only solved by replacment.

Re:Tough question... (Score:1, Funny)

by Anonymous Coward writes: on Saturday December 26, 2009 @02:49PM (#30557354)

How do I turn a whore into a housewife?"
Some things are only solved by replacment.
The beatings will continue until the cooking improves!
Note: No whores or housewives were harmed in the writing of this post. Please do not try this at home. Any and all beatings should be administered by a trained professional with medical help standing by.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Preventing My Hosting Provider From Rooting My Server? 539

Preventing My Hosting Provider From Rooting My Server? More Login

Preventing My Hosting Provider From Rooting My Server?

Just.. (Score:5, Funny)

Tough question... (Score:5, Funny)

Re:Tough question... (Score:1, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot