Saturday, July 31, 2010

Cloud Computing Gotchas

I've been using Rackspace cloud for testing some server builds and ESB solutions and recently ran into a "gotcha". First off, it looks like maybe the machine was compromised... I HOPE it was an inside job by one of my developer "friends" who happened to know the userid/password. If not, that means the default install of ubuntu 10.04, apache tomcat6, apache2.2, and servicemix is able to be compromised in less that 3 days when left out on the internet.

In any event, that particular problem notwithstanding, I now have a different problem... That is, rackspace has suspended my account and I cannot access my server, nor create another one until Monday. Thank god I was only using this machine to test things, I can't image what I would have done if I was actually depending on it to be running.

Another problem I'm finding is that I cannot find any reference on Rackspace's web site about acceptable use. They suspended the account for outbound ssh activity which is pretty silly considering any sane server admin uses ssh for EVERYTHING. I'm a little concerned because without ssh capability, I don't really have a good secure option to connect to any other server.

Worse yet, I cannot access my log files, server images, or any other information to try and discover what happened. While they claim "fanatical customer service", I'm a bit disappointed that I have to wait 48 hours to get information about a problem with legal implications. It seems like it would be pretty simple to let me see at LEAST my log files as well as get some information about WHO thinks I'm hacking. As it stands it sounds like all I need to do is call rackspace and complain and they will disable an account.

Wish me luck on Monday, I'm really curious about what actually happened here.

3 comments:

kr8tr said...

Mike, While I can't speak to the specifics of your account in a public nature like this (and don;t know the specifics, honestly), I did want to point you to the AUP and Terms of Service documents.

I'll see what I can do about this situation, but it may very well have to wait until tomorrow.

Rob La Gesse
Chief Disruption Officer
Rackspace Hosting
210-845-4440

kr8tr said...

Link didn't stick, so here it is again - http://www.rackspacecloud.com/legal

Rob

Cloud Hosting India said...

Hello,
Through cloud hosting, an organization can avail cost effective servers that are completely secure and possess load balance feature.

cloud hosting india