Slashdot Mirror

← Back to Stories (view on slashdot.org)

GoDaddy Wants Your Root Password

Posted by samzenpus on from the seems-fair dept.

Johnny Fusion writes "The writer of the Securi Security Blog had an alarming awakening when a honeypot on port 22 on a GoDaddy-hosted VPS recorded login attempts using his GoDaddy username and password and even an attempt to login as root. It turns out the attempt was actually from within GoDaddy's network. Before he could 'alert' GoDaddy about the security breach, he got an email from GoDaddy Demanding his root login credentials. There is an update where GoDaddy explains itself and says they will change policy."

4 of 236 comments (clear)

  1. They physically own the box by SpazmodeusG · · Score: 5, Insightful

    You already trust them 100% if you let them have access to your box

    /That sounded wrong somehow

  2. Re:Feature, not a bug. by Neil+Blender · · Score: 5, Insightful

    Why not just create an alternate account with sudo for them? Why give them root?

  3. I'd have thought it was obvious, but... by straponego · · Score: 5, Insightful

    Pro tip: never trust your domain or your business to a company who got its name from a Thrill Kill Kult song and advertises its services with soft-core porn.

  4. Re:Feature, not a bug. by lymond01 · · Score: 5, Insightful

    Why not just create an alternate account with sudo for them?

    If I had mod points, I'd bump you up. Your password is your password. Who knows what else a person uses that password for...trying to gain access by using it is tantamount to a phishing scheme. Get your own damn password.