Feeds

Oklahoma city threatens to call FBI over 'renegade' Linux maker

Our mistake is YOUR problem

Reducing the cost and complexity of web vulnerability management

The heartland turned vicious this week when an Oklahoma town threatened to call in the FBI because its web site was hacked by Linux maker Cent OS. Problem is CentOS didn't hack Tuttle's web site at all. The city's hosting provider had simply botched a web server.

This tale kicked off yesterday when Tuttle's city manager Jerry Taylor fired off an angry message to the CentOS staff. Taylor had popped onto the city's web site and found the standard Apache server configuration boilerplate that appears with a new web server installation. Taylor seemed to confuse this with a potential hack attack on the bustling town's IT infrastructure.

"Who gave you permission to invade my website and block me and anyone else from accessing it???," Taylor wrote to CentOS. "Please remove your software immediately before I report it to government officials!! I am the City Manager of Tuttle, Oklahoma."

Few people would initiate a tech support query like this, but these are dangerous times, and Taylor suspected the worst. (Er, but only the world's most boring hacker would break into a site and then throw up a boilerplate about how to fix the hack.)

CentOS developer Johnny Hughes jumped on the case and tried to explain the situation to Taylor.

"I feel sorry for your city," he replied in an e-mail. "CentOS is an operating system. It is probably installed on the computer that runs your website. . . . Please contact someone who does IT for you and show them the page so that they can configure your apache webserver correctly."

That response didn't go over so well.

"Get this web site off my home page!!!!! It is blocking access to my website!!!!~!," Taylor responded, clearly excited about the situation and sensing that Bin Laden was near.

Again, CentOS jumped in to try and explain some of the technical details behind the problem. It pointed Taylor to this page, saying it was the standard page for a web server and noted that it provides instructions on how to fix the problem. The CentOS staffer suggested that Taylor contact his service provider or have an administrator look into the issue.

That response didn't go over so well.

"Unless this software is removed I will file a complaint with the FBI," Taylor replied.

Later he added,

"I have four computers located at City Hall. All of these computers display the same CentOS page when attempting to bring up Tuttle-ok.gov. Now if your software is not causing this problem, how does it happen??? No one outside this building has complained about this problem. This is a block of public access to a city's website. Remove your software within the next 12 hours or an official complaint to the FBI is being filed!"

And later,

"I am computer literate! I have 22 years in computer systems engineering and operation. Now, can you tell me how to remove 'your software' that you acknowledge you provided free of charge? I consider this 'hacking.'"

After a few more exciting exchanges, CentOS managed to track down the problem for Taylor. It turns out that hosting provider Vidia Communications is running CentOS on some of its servers and had not configured the Tuttle web site properly. CentOS informed Taylor of the situation, and, a day later, Taylor had calmed down.

"The problem has been resolved by VIDIA who used to host the City website," he wrote. "They still provide cable service but do not host the website. The explanation was that they had a crash and during the rebuild they reinstalled the software that affected our website."

"I am sorry that we had to go through the process and accusations to get the problem resolved. It could have been resolved a lot quicker if the initial correspondence with you provided the helpful information that was transmitted in the last messages. My initial contact with VIDIA disallowed any knowledge of creating the problem."

Er, so despite the fact that CentOS went out of its way to figure out the problem for Tuttle, Taylor still places the blame on CentOS for not fixing the problem - that it didn't create - sooner. In addition, Taylor didn't really start off the whole process on the best foot despite Tuttle being a town "Where People Grow - Friendly!" Grow friendly, threaten to bring in the FBI at the drop of a hat - what's the difference?

As of this writing, one Tuttle web site still had not been fixed, although you can find the charming Tuttle man Taylor over here.

Taylor has yet to respond to our request for comment.

It seems that Tuttle has quite the hacking epidemic on its hands. The Tuttle Times newspaper's web site, for example, has had its Forum section cracked. Click at your own risk to see it or have a peek at our screen grab.

To see the full transcript of the web server war, travel over here. It's classic reading. ®

Beginner's guide to SSL certificates

More from The Register

next story
WRISTJOB LOVE BONANZA: justWatch sex app promises blind date hookups
Mankind shuffles into the future, five fingers at a time
Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen
Angry Microsoftie hauls auctioneers to court over stalled Pzkw. IV 'deal'
Apple's Mr Havisham: Tim Cook says dead Steve Jobs' office has remained untouched
'I literally think about him every day' says biz baron's old friend
Flaming drone batteries ground commercial flight before takeoff
Passenger had Something To Declare, instead fiddled while plane burned
Cops apologise for leaving EXPLOSIVES in suitcase at airport
'Canine training exercise' SNAFU sees woman take home booming baggage
Oi, London thief. We KNOW what you're doing - our PRECRIME system warned us
Aye, shipmate, it be just like that Minority Report
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.