Does anyone have their server over at Sago Net? I ordered one, and in less then 48 hours after being put online they tell me its been hacked into and I have to pay $100 to reinstall. Does this seem fishy to anyone else? Why would someone hack it after being up for only 2 days when I've bought servers elsewhere and have had them up for months without any problems. But suddenly a new server is bought and someone wants to hack THAT one. Anyone else have a problems with them? What is a segmation fault?

they are saying that the server was hacked and every command results to segmentation faults. What does this mean?

Does seem fishy. They probally gave you a Used IP and reused it.

Originally posted by maxhest
Does seem fishy. They probally gave you a Used IP and reused it.

It is the customers responsibility to secure their box... wether it is 10 minutes or 10 days after they receive their server.

Although I think the DC could help you out with this, ultimately, this is your problem, not theirs.

Once you get the OS reinstalled, you should considering hiring a security firm to harden your box... and definately get different IP's :)

Sirius

This is certainly out of the ordinary. Let me talk to sago and see if there is anything I can do to get to the bottom of your issue. It sounds like more of a hardware issue but without the machine online it would be hard to tell what the problem is. I recently had some hardware issues with a machine at sago on the surface it appeared to be a bad os build then a nic died, etc so it was obviously hardware. Once that was discovered it was replaced promptly. Sago's support is very very good, let me follow-up with them for you :)

I have many many servers at Sago. No problems since I have been with them, as far as hacking issues. However, they charge us like $50 for support (not on general issues) so there is no point of using their support. We only use there support only if we need rdns, otherwise we manage our own servers.

Yes indeed they have good networks, but much improvments can be made, however, I have spoken to various support reps, and executives, and they honestly think that they need no improvments. But, since I am a reseller of Sago, I do not deal with them directly. We have our own Rep there to take care of our server orders, and make sure they are setup correctly with UNUSED IP's and everything, so I really have no issues with them. But if I was to go through them directly, it would be hell.

Hello,

I'd like to explain that it was actually my fault, because I was not aware how easily a server could be hacked and targeted, I neglected to be more cautious and so I’d like to apologize for the rant which was posted mainly out of anger. I’d like to have a mod delete this immediately. The support team at Sago have arranged to have everything fixed, thank you.

WOW!

This is excellent. I want to give Design two thumbs up for showing some real character here. It's not too often that a client will actually admit that they were at fault (atleast partially) and note that the datacenter worked hard to resovle the issue....

Way to go Sago, and nice post Design :)

It's great to hear your problem was resolved!

Originally posted by wiresix-Ryan
WOW!

This is excellent. I want to give Design two thumbs up for showing some real character here. It's not too often that a client will actually admit that they were at fault (atleast partially) and note that the datacenter worked hard to resovle the issue....

Way to go Sago, and nice post Design :)

We need more people like this....

Sirius

I think the segfault isn't a hack - its a redhat bug - last week one of my boxes just suddenly went to seg fault on every command - talk to them - i really don't think it is a hack

Originally posted by The Broadband Man
I think the segfault isn't a hack - its a redhat bug - last week one of my boxes just suddenly went to seg fault on every command - talk to them - i really don't think it is a hack

If you read the entire thread... you will see his issue has been resolved...

Sirius

hehehehehe

It might be your fault for not securing box but it could very easily be the redhat bug im thinking about

Originally posted by wiresix-Ryan
WOW!

This is excellent. I want to give Design two thumbs up for showing some real character here. It's not too often that a client will actually admit that they were at fault (atleast partially) and note that the datacenter worked hard to resovle the issue....

Way to go Sago, and nice post Design :)
of course, it's sago ;)

2 days is quick to be hacked due to lazyness I have left servers that long before starting work on them.

Well, a segfault can result in binarys getting courrpted by an "elf virus" which should be considered odd, did you have any sites on the server? A site could have gotted exploited + old kernel == root compromise. who knows not enough info.

You need to be careful about server security. Better install APF firewalls and chrootkit ...

And this is the first time I have seen someone being so frank at WHT :D ...

Originally posted by Mike_R
You need to be careful about server security. Better install APF firewalls and chrootkit ...

And this is the first time I have seen someone being so frank at WHT :D ...

APF != secure. Most people hide behind firewalls and think their secure. Its not true.

Yes, I know its not completely secure. But its better than nothing ..

BFD is also something that can help.. Also you might consider disabling the protocol 1 for ssh and direct root logins..

Originally posted by thelinuxguy
APF != secure. Most people hide behind firewalls and think their secure. Its not true.

he had defaulted the root password to "password" I'm sure a scanner picked it up and someone walked right in... my boxes get scanned atleast 5-10 tiems daily for week passwords on all the common logins....

Originally posted by wiresix-Ryan
he had defaulted the root password to "password" I'm sure a scanner picked it up and someone walked right in... my boxes get scanned atleast 5-10 tiems daily for week passwords on all the common logins....

one box i watch over gets hit hundreds of times a day =(

Last I checked, Sago's default installs came with old (and rootable) kernels. Surely keeping an up-to-date disc image or installation system wouldn't be too much trouble if they're doing multiple server installs per day.

Sam

Originally posted by SMachiz
Last I checked, Sago's default installs came with old (and rootable) kernels. Surely keeping an up-to-date disc image or installation system wouldn't be too much trouble if they're doing multiple server installs per day.

Sam

I know of several datacenters that include rootable kernels, including ev1.

While that may be true, they simply shouldn't.

Sam