Skip to content

Confundiendo la instalación Apache por defecto con una intrusión

Publicado por Sergio Hernando el 27 marzo 2006

La necedad de más de uno no tiene límites.

El último necio de la lista es una especie de administrador del sistema de un pueblo llamado Tuttle, Oklahoma, D. Jerry Taylor, que tras visualizar una instalación por defecto de Apache en una distribución CentOS efecutada en los servidores municipales, confundió la página mostrada con un ataque al sitio web.

A continuación el intercambio de mensajes entre Jerry Taylor, y Johnny Hughes, jefe de desarrollo de CentOS 4. Es un intercambio largo, pero es digno de ser leído :)

Memorable el mensaje intermedio de Hughes en el que pone CC al alcalde de la ciudad. ¿Qué habrá pensado al ver todo este embrollo? Notar que Jerry Taylor acredita tener "22 años de experiencia en TI". Sin duda, se ha hecho famoso por su ignorancia.

El tono amenazante incluye amenaza de aviso al FBI y a las autoridades. No tiene desperdicio.

Un saludo :)

Thu, 23 Mar 2006 00:52:58 +0000 (Wed, 18:52 CST)
Jerry A. Taylor submitted the following Information:
Email xxxxxxx
Company City of Tuttle
Location Oklahoma
Comments

Who gave you permission to invade my website and block me and anyone else from accessing it???
Please remove your software immediately before I report it to government officials!!
I am the City Manager of Tuttle, Oklahoma.

-----------------------------------------------

From: Johnny Hughes
To: Jerry A. Taylor
Subject: Re: www.centos.org - Contact Us Form
Date: Wed, 22 Mar 2006 18:59:18 -0600

I feel sorry for your city.

CentOS is an operating system. It is probably installed on the computer
that runs your website.

We hope you are happy with it, since we produced it for free and you are
able to use it without paying us ... and are even threatening to have us
arrested for providing to you free of charge.

Please contact someone who does IT for you and show them the page so
that they can configure your apache webserver correctly.

Thanks,
Johnny Hughes,
CentOS 4 Lead Developer

-----------------------------------------------

From: Jerry A. Taylor
To: CentOS Web Site
Subject: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 18:58:31 +0000 (12:58 CST)

Jerry A. Taylor submitted the following Information:
Email xxxxx
Company City of Tuttle
Location Oklahoma
Comments

Get this web site off my home page!!!!!
It is blocking access to my website!!!!~!

-----------------------------------------------

From: Johnny Hughes
To: Jerry A. Taylor
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 13:45:37 -0600

It is not a website ... it is the operating system.

I would be glad to help you configure your webserver.

Do you own the machine that your web site is on, or is it at a hosting
provider.

If it is at a provider, they need to properly configure their webserver.

If it is on your machine, your apache needs to be properly configured.

I am assuming that you are seeing a page that looks like this:

http://centos.hughesjr.com/testing/noindex_new.html

If so, it tells you exactly what needs to be done to fix the problem.
If your server is at a provider location, they should be able to fix it
if you tell them about the issue.

We didn't DO ANYTHING ... that is what the default apache setup looks
like if you are running our operating system (CentOS). So how your
configuration file has been replaced by the default one ... that is not
something that we can do, it is something that might have been done by
the administrator of the machine.

IF you are not sending these e-mails via the CentOS.org homepage, please
reply to this e-mail so that I will know that.

Thanks,
Johnny Hughes
CentOS-4 Lead Developer

-----------------------------------------------

From: Jerry.Taylor
To: Johnny Hughes
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 13:54:24 -0600

I do not want this software!!!! This is the City of Tuttle, Oklahoma. Get rid of this software!!!!!
Second notice!

-----------------------------------------------

From: Jerry.Taylor
To: Johnny Hughes
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 13:58:23 -0600

Johnny,
Unless this software is removed I will file a complaint with the FBI.

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 14:18:06 -0600

Jerry,

I/We didn't install any software ... I am trying to tell you that.

I am asking you as nicely as I possible can to explain what the problem is.

I have tried to explain to you what CentOS is.

It is an operating system ... a version of linux.

It does not install itself ... it requires someone to install it.

If you will not let me help you, or at least talk to someone who knows
what Linux is, then you will look like an idiot.

Your choice.

Thanks,
Johnny Hughes

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 14:46:40 -0600

Mr. Taylor,

My name is Johnny Hughes, I am a software engineer and I am a developer
of CentOS. I live in Corpus Christi, Texas.

I have been published in several magazines ... here is my latest
article:

http://www.linux-magazine.com/issue/65

http://www.linux-magazine.com/issue/65/CentOS_4.2.pdf

CentOS is a legitimate operating system ... that is what it is. It is
like Microsoft Windows, RedHat Linux, or Apple OSX ... It is not
possible that it was installed without operator action. I have no idea
what you think has happened, nor what has given you the idea that the
CentOS Project is involved in any way.

CentOS is not spyware, it is not spam. It does not take over websites.

If you will not let me help you, find someone you know who is computer
literate and has heard of Linux to look at your problem. I am trying
very, very hard to save you from great embarrassment.

You may certainly call the FBI if you want. I may call some law
enforcement agency or attorney myself if you don't stop throwing around
accusations and stop threatening me without just cause.

Please, for the love of God, either let me help you or talk to a
computer administrator who can help you with your problem.

Thank You,
Johnny Hughes
CentOS-4 Lead Developer

-----------------------------------------------

From: Jerry.Taylor
To: Johnny Hughes
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 15:15:17 -0600

I have four computers located at City Hall. All of these computers display
the same CentOS page when attempting to bring up Tuttle-ok.gov. Now if your
software is not causing this problem, how does it happen??? No one outside
this building has complained about this problem. This is a block of public
access to a city's website. Remove your software within the next 12 hours or
an official complaint to the FBI is being filed!

Third correspondence to this location.

-----------------------------------------------

From: Jerry.Taylor
To: Johnny Hughes
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 15:50:33 -0600

Johnny,
This a message to notify you that your webpage has blocked an "Official"
website that is used to provide public information regarding City Council
meetings including notifying the public of the agendas. Failure to provide
the agendas on the City's website is a violation of the open records act of
Oklahoma. You claim no responsibility but the city did not subscribe to your
software and the city did not authorize you to display it when the city's
website is selected.

You have officially been notified and given an opportunity to correct the
situation without legal intervention. The rest is up to you!
Jerry

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Cc: mayor of Tuttle
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 18:34:18 -0600

Mr. Taylor

Stop with the FBI already. If CentOS is on the computers, it was
installed there by someone who controls the computer.

Who installed the operating system on those computers? Who is the
administrator of the computers and have you contacted them?

If the operating system that is installed on the computers is CentOS,
then it was installed by the administrator if the computer.

Are you not understanding what I am writing?

Please talk to the person who controls the computers ... or give me a
name and an e-mail address and I will talk to them.

If someone who is computer literate doesn't take care of this situation
I will be forced to send these ridiculous e-mails to your local media.
I'm sure they will be able to understand what I am trying to tell you.

Please, I have asked you at least 3 times to have your administrator,
the person who installed the operating system on those computers, to
look at them.

Thank you,
Johnny Hughes

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Cc: mayor of Tuttle
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 18:38:46 -0600

We don't display anything ... you have yet to even tell me the name of
the webserver in question.

I am very tired of your threats when you have yet to even show me what
your problem is.

You obviously do not understand what I am trying to tell you, is there
no one on the city council or in your building who understands what an
operating system is.

If you would like me to help the administrator of the computers in
question, I would be happy to. However, we did not install anything,
anywhere.

-----------------------------------------------

From: Jerry.Taylor
To: Johnny Hughes
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 18:58:24 -0600

Johnny,
I have contacted the City's network administrator wnd he has done nothing to
install your CentOS software. I have contacted our Internet provider and
they know nothing about your software. I am computer literate! I have 22
years in computer systems engineering and operation. Now, can you tell me
how to remove "your software" that you acknowledge you provided free of
charge? I consider this "hacking". I have no fear of the media, in fact I
welcome this publicity.
Just correct this problem and leave this system alone in the future.

Jerry

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Cc: mayor of Tuttle
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 19:08:05 -0600

Mr. Taylor,
Even though I have repeatedly asked you to contact your service provider
or your network administrator, you have persisted to instead harass me.
I have repeatedly offered to help you fix your issue, if you would just
provide me with information. You have chosen neither provide me with
information or contact your hosting provider ... so I decided to see if
I could find some of the information myself.

I found the website that you are having problems with by looking at
http://www.Tuttle-OK.gov/ and I saw an e-mail address of
cityoftuttle.org ... so I went to www.cityoftuttle.org and I see the
problem.

As I tried to explain to you before, that page is displayed when the
webserver in question is not properly configured.

The IP address that is returned from a name lookup of
www.cityoftuttle.org is 65.77.67.7. That is the IP address of your
server.

Doing more research, I have found that the site in question is hosted by
Vidia Communications. If you look at this page

http://uptime.netcraft.com/up/graph/?host=www.vidiacom.com

you will plainly see that Vidia Communications uses CentOS as the
operating system for their server.

So, though I have told you again and again that you need to contact your
service provider and tell them of your problem, you obviously would
rather threaten me and my group.

Now, for the last time ... contact your web server provider, Vidia
Communications, and tell them that they have a misconfiguration on the
server that they are hosting your website on.

While you are at it, why don't you ask Vidia Communications why it is
that they choose CentOS to host your webserver on.

So you see Mr. Taylor, you ARE using my free operating system to run
your website, you are doing so by choice, it is a configuration error by
the person who choose to install the software and if you would have done
what I asked you to your website would have been up by now.

Let me conclude by saying that it is very hard for me NOT to send this
e-mail and all the other correspondence between you and I to
http://www.tuttletimes.com/

I will not do so, even though I really do want to.

Thank you,
Johnny Hughes

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Subject: Re: www.centos.org - Contact Us Form
Date: Thu, 23 Mar 2006 19:20:11 -0600

Mr. Taylor,

If there are other servers besides the one I already found ... If you
provide me the names, I'll be happy to tell you who the provider is for
them as well.

Johnny Hughes

-----------------------------------------------

From: Jerry.Taylor
To: Johnny Hughes
Subject: Re: www.centos.org - Contact Us Form
Date: Fri, 24 Mar 2006 11:36:42 -0600

Johnny,
The problem has been resolved by VIDIA who used to host the City website.
They still provide cable service but do not host the website. The
explanation was that they had a crash and during the rebuild they
reinstalled the software that affected our website.

I am sorry that we had to go through the process and accusations to get the
problem resolved. It could have been resolved a lot quicker if the initial
correspondence with you provided the helpful information that was
transmitted in the last messages. My initial contact with VIDIA disallowed
any knowledge of creating the problem.

Jerry

-----------------------------------------------

From: Johnny Hughes
To: Jerry.Taylor
Subject: Re: www.centos.org - Contact Us Form
Date: Fri, 24 Mar 2006 11:49:15 -0600

Jerry,

I asked time and again for the name of the web server administrator or
the website so that I could help you.

I did the extra research on my own to figure it out for myself when I
was not provided any of that information by you.

I also tried very hard to convince you that the problem had to be caused
on the web server and that CentOS could not possibly be installed by
accident or in anyway take over a website.

You will notice that in my first and second e-mails, I spell out exactly
how to fix the problem and who should be contacted.

Any administrator should have been able to use nslookup, dig and whois
to figure out the problem, which had absolutely nothing to do with
CentOS.

I am glad that you got the problem fixed.

Thanks,
Johnny Hughes

Be Sociable, Share!

Categoría/s → Freestyle, Seguridad

6 comentarios
  1. 27 marzo 2006

    Y eso que el tal “Jerry Taylor” tiene 22 años de experiencia con ordenadores, que si no…

  2. 27 marzo 2006

    Por cierto, comentan el tema en Barrapunto también, me di cuenta después de publicar el post:

    http://barrapunto.com/article.pl?sid=06/03/27/120234&mode=thread

    Felipe, ¿estás de huelga en tu blog? Veo poco movimiento en tus RSS …

  3. 28 marzo 2006
    Jocker permalink

    Hubiera sido más curioso aún que el tío buscase por internet… a ver cuántas réplicas de su página se encontraba :D

  4. 28 marzo 2006

    Ultimamente tengo muchísimo trabajo. Entre los cursos, y una migración que estamos llevando a cabo para un cliente de Windows a Linux, casi no me queda casi tiempo para nada :-(.

    Tengo un par de cosas pendientes por escribir, aunque no están relacionadas con la seguridad, como la instalación de Cyrus IMAPD y su integración con Postfix :-) A ver cuándo saco un hueco y escribo.

  5. 28 marzo 2006

    Esto me recuerda a lo que le pasó al desarrollador de thttpd XDDD

    http://www.acme.com/software/thttpd/repo.html

  6. 2 abril 2006

    Si es que hay cada uno por ahí suelto… XD

Escribir un comentario

Note: XHTML permitido. Tu email nunca será publicado.

Suscribirse a los comentarios via RSS