Feeds

Oklahoma city threatens to call FBI over 'renegade' Linux maker

Our mistake is YOUR problem

Combat fraud and increase customer satisfaction

The heartland turned vicious this week when an Oklahoma town threatened to call in the FBI because its web site was hacked by Linux maker Cent OS. Problem is CentOS didn't hack Tuttle's web site at all. The city's hosting provider had simply botched a web server.

This tale kicked off yesterday when Tuttle's city manager Jerry Taylor fired off an angry message to the CentOS staff. Taylor had popped onto the city's web site and found the standard Apache server configuration boilerplate that appears with a new web server installation. Taylor seemed to confuse this with a potential hack attack on the bustling town's IT infrastructure.

"Who gave you permission to invade my website and block me and anyone else from accessing it???," Taylor wrote to CentOS. "Please remove your software immediately before I report it to government officials!! I am the City Manager of Tuttle, Oklahoma."

Few people would initiate a tech support query like this, but these are dangerous times, and Taylor suspected the worst. (Er, but only the world's most boring hacker would break into a site and then throw up a boilerplate about how to fix the hack.)

CentOS developer Johnny Hughes jumped on the case and tried to explain the situation to Taylor.

"I feel sorry for your city," he replied in an e-mail. "CentOS is an operating system. It is probably installed on the computer that runs your website. . . . Please contact someone who does IT for you and show them the page so that they can configure your apache webserver correctly."

That response didn't go over so well.

"Get this web site off my home page!!!!! It is blocking access to my website!!!!~!," Taylor responded, clearly excited about the situation and sensing that Bin Laden was near.

Again, CentOS jumped in to try and explain some of the technical details behind the problem. It pointed Taylor to this page, saying it was the standard page for a web server and noted that it provides instructions on how to fix the problem. The CentOS staffer suggested that Taylor contact his service provider or have an administrator look into the issue.

That response didn't go over so well.

"Unless this software is removed I will file a complaint with the FBI," Taylor replied.

Later he added,

"I have four computers located at City Hall. All of these computers display the same CentOS page when attempting to bring up Tuttle-ok.gov. Now if your software is not causing this problem, how does it happen??? No one outside this building has complained about this problem. This is a block of public access to a city's website. Remove your software within the next 12 hours or an official complaint to the FBI is being filed!"

And later,

"I am computer literate! I have 22 years in computer systems engineering and operation. Now, can you tell me how to remove 'your software' that you acknowledge you provided free of charge? I consider this 'hacking.'"

After a few more exciting exchanges, CentOS managed to track down the problem for Taylor. It turns out that hosting provider Vidia Communications is running CentOS on some of its servers and had not configured the Tuttle web site properly. CentOS informed Taylor of the situation, and, a day later, Taylor had calmed down.

"The problem has been resolved by VIDIA who used to host the City website," he wrote. "They still provide cable service but do not host the website. The explanation was that they had a crash and during the rebuild they reinstalled the software that affected our website."

"I am sorry that we had to go through the process and accusations to get the problem resolved. It could have been resolved a lot quicker if the initial correspondence with you provided the helpful information that was transmitted in the last messages. My initial contact with VIDIA disallowed any knowledge of creating the problem."

Er, so despite the fact that CentOS went out of its way to figure out the problem for Tuttle, Taylor still places the blame on CentOS for not fixing the problem - that it didn't create - sooner. In addition, Taylor didn't really start off the whole process on the best foot despite Tuttle being a town "Where People Grow - Friendly!" Grow friendly, threaten to bring in the FBI at the drop of a hat - what's the difference?

As of this writing, one Tuttle web site still had not been fixed, although you can find the charming Tuttle man Taylor over here.

Taylor has yet to respond to our request for comment.

It seems that Tuttle has quite the hacking epidemic on its hands. The Tuttle Times newspaper's web site, for example, has had its Forum section cracked. Click at your own risk to see it or have a peek at our screen grab.

To see the full transcript of the web server war, travel over here. It's classic reading. ®

Top three mobile application threats

More from The Register

next story
Och aye! It's the Loch Ness Monster – but only Apple fanbois can see it
Fondleslab-friendly beastie's wake spotted... OR WAS IT?
Japanese boffin EYES up big bucks with strap-on digi-glasses
AgencyGlass saddles user with creepy OLED display
Sleuths find nosy NORKS drones on the Chinternet
UAVs likely to have been made in the Middle Kingdom
Spanish village called 'Kill the Jews' mulls rebranding exercise
Not exactly attractive to the Israeli tourist demographic
Dorian Nakamoto gets $23,000 payout over Bitcoin invention saga
Maintains he didn't create cryptocurrency, but will join community
Pirate Bay's 10 millionth upload: Colour us shocked, a SMUT FLICK
P2P badboys show online piracy is alive and humping
Teen girl arrested with 70-year-old man's four inch weapon inside her
Charged with introducing .22 snubbie to penile facility. It wasn't firing blanks
Oz bank in comedy Heartbleed blog FAIL
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'
Forget the beach 'n' boardwalk, check out the Santa Cruz STEVE JOBS FOUNTAIN
Reg reader snaps shot of touching tribute to Apple icon
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.