As many of you may have noticed, we have been experiencing some issues with Cacti.net over the month of October.
On October 17th the server that was use to run Cacti.net was compromised and root access was gained. The intrusion was discovered on October 24th and the server was immediately powered down.
If you downloaded Cacti 0.8.7b from the Cacti.net website between Oct 17th and Oct 29th please re-download. There was a poor attempt to introduce a cross site scripting vulnerability on the login page. Yes, shame on us for not catching it, there is no excuse, but the code was faulty and did not work, as some users have experienced. All Cacti related data has been restored from an off site backup take prior to the intrusion.
Cacti.net is now running thanks to the quick work of Ian Berry, Tony Roman and Netwurx. We would like to thank Netwurx
for providing us with Co-location and bandwidth on such short notice.
Over the next 2 months Cacti.net will experience some outages as we work to have multiple hosting sites for our websites and code repository. In the coming weeks we will be asking the community to help us out, as we will be in the market for some hardware and potentially some Co-Location space. If you are interested in donating hardware or Co-Location space to the Cacti Group, please email Tony Roman at firstname.lastname@example.org
The Cacti Group