NextCloud Ruins its Users’ Chances of Home Server Instances – Linux Liaison

NextCloud Ruins its Users’ Chances of Home Server Instances

While often open-source projects are proponents of privacy and security and most-always have the best intentions in mind, sometimes you get bit in the ass anyway. NextCloud recently has learned of this in their latest attempt to alert users of vulnerabilities in their *Cloud instances.

Jürgen under the username jurgenhass posts in the NextCloud forums that he had been seeing some successive scans for NextCloud and ownCloud (from which NextCloud was forked) instances on his network. He found this suspicious as the IPs performing the scans had been listed as abusive under some of the more popular IP reporting websites.

See the scans below:

x.y.z.a - - [16/Feb/2017:09:33:17 +0100] "GET /owncloud/status.php HTTP/1.1" 403 3484 "-" "GuzzleHttp/6.2.1 curl/7.47.0 PHP/7.0.13-0ubuntu0.16.04.1"
x.y.z.a - - [16/Feb/2017:09:33:17 +0100] "GET /oc/status.php HTTP/1.1" 403 3478 "-" "GuzzleHttp/6.2.1 curl/7.47.0 PHP/7.0.13-0ubuntu0.16.04.1"
x.y.z.a - - [16/Feb/2017:09:33:17 +0100] "GET /nextcloud/status.php HTTP/1.1" 403 3485 "-" "GuzzleHttp/6.2.1 curl/7.47.0 PHP/7.0.13-0ubuntu0.16.04.1"
x.y.z.a - - [16/Feb/2017:09:33:17 +0100] "GET /status.php HTTP/1.1" 403 3475 "-" "GuzzleHttp/6.2.1 curl/7.47.0 PHP/7.0.13-0ubuntu0.16.04.1"
x.y.z.a - - [16/Feb/2017:09:33:17 +0100] "GET /oc-shib/status.php HTTP/1.1" 403 3483 "-" "GuzzleHttp/6.2.1 curl/7.47.0 PHP/7.0.13-0ubuntu0.16.04.1"

Machiel under the name mvv_vmd later replies that he had seen similar scans being performed on his instance of ownCloud and that NextCloud was sending his ISP abuse complains because he hadn’t patched the older version of ownCloud that he was running.

Living in Canada, I’ve seen my fair share of injustices from the side of ISPs and I know that if my provider received a similar message to this one, that I’d be asked told within the hour to shut operations down or risk having my internet connection interrupted. Port 80 and some other ports related to email servers are explicitly blocked already.

While I understand the issue from the perspective of the ISP, I don’t understand the irresponsibility from the perspective of a user. If I’m paying for my 30d/10u connection with no data cap, I better well be allowed to saturate that connection 24/7/365! To say that hosting a website or mail server on a home connection is ridiculous and against net neutrality as a whole. My sole purpose to run said server is to evade the privacy risks involved with using third-party solutions. Let me keep my stuff private!

Link to source

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.