New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SolusVM Audit Update
ShardHostSarah
Member
in General
Internal audit will be completed Monday. On Monday it is my understanding an external audit will begin with an aim to attain certification.
Comments
"no news is good news" really? I was hoping for lots of news of lots of fixes.
As we all know, there is no evidence of any vulnerability in solus code, they write perfect code, nothing changed.
Nothing to worry about then.
Wow this is taking too long. I know its hard but im sure they have the funds to speed it overtime.
I feel bad for all of Solus' customers.
Silly me thinking this was an external audit.
External audit is meant to be starting Monday with a view to get the code certified
Sure taking there time
They're just making sure everything's okay so this won't happen again, patience guys.
Who has faith?
They have far too large of a client base to make more mistakes and these things take time. While they now have a diminished reputation, I think they will get back on track soon enough.
Certified by who?
An external security audit sounds all good and everything, but it doesn't fix bad programming and stubbornness.
They sell a product and have decided to audit it.
Can you dead horse kickers just wait for the audit to come out before resuming kicking the dead horse?
I think the horse is still alive @doughmanes
Many providers anxiously await additional information.
Would you even trust their audit? I wouldnt
@bdtech which is why they are doing one and then an external one is being done from what I heard.
So, as I said, this whole saga might bring something good:
1. Users will think of backups more often;
2. Hosts will have more efficient disaster recovery plans;
3. Solus will think of starting to sell a better product and perhaps whmcs/hostbill will do the same while dropping a few PR/marketing guys which screw up badly, at least in the case of hostbill and will not be able to save anything with denials like in the case of solus.
Is there any real competitor to Solus at this point in time? I know there are now countless homebrew panels underway, but what could actually be used today?
Nothing really. From that thousand panels, we will be lucky if even a single one is atleast partially usable as well.
@Fliphost just like the big corporate auditors, who's paying the bill? Solus is not trustworthy
@bdtech I would assume solus is paying them to audit it.
@Fliphost yep, it'll be a formality
For all those hosts who pulled their solusvm offline.
Have you provisioned vm orders manually or are they remained pending until this is fixed?
You can go middle way, make it online but accessible only to billing panel(s) and your IP.
This way provisioning and a few functions in the billing panel are available.
Because if i provision it, it will cause some errors with solusvm when its already fixed.
As I said, you can make solus available to the billing panels to provision themselves through solus and your admin IP.
Block everything else with iptables and you are done. Dont forget IPv6 if there is access over IPv6 too.
Ohh thats a good idea, we actually had our whole lighttpd shutdown
Will do
lol @ "SolusVM isn't trust worthy!!!"
Lemme know how HostBill or "donate to my rent/pizza fund/lifestyle choice" control panels are doing
Cloudmin comes to mind. It's a really solid panel. Prometeus uses it for their Atom plans. It supports OpenVZ, Xen, KVM, LXC and I believe more. It's well-tested, has a free and paid version (free version is only Xen/KVM, though) and, when using the paid version, support. The user interface is "clean" but not as simple as SolusVM, which could hold people back. But hey, you can change it yourself.
I'm really surprised Cloudmin isn't used by many providers. It's really undervalued and underestimated IMHO.