Recently, RackShack cancelled my RaQ because 2 DoS attacks were launched from it by customers of mine. First time, they made no effort to help stop the DoS attacks, they just pulled it offline for an entire weekend to "investigate" and I was told that it would probably result in termination of my Raq because DoS attacks are against their AUP. I neogotiated having the Raq put back online on the conditions listed below. My Raq was pulled shortly after I agreed because of another attack and cancelled. Below is a copy of the terms (pasted from direct email communication with Jeff)

>We will agree to put you server back online under the following
>conditions:
>
>1.This user and his entire directory structure be removed from the
>server
>immediately.
>
>2.Your acknowledgement that any further instances of this type from
your
>server WILL result in the immediate and permanent termination of your
>account with Rackshack.
>
>Once you specifically agree to these terms we will put your server back
>online.


They removed my data without notice and put the server back into their pool for sale.... basically all hope of retrieving the files was lost. I than received an email saying that the contents of the server would be stored for 5 days. After talking with Jeff on RackShack's irc channel, he told me that I would have to pay them $250 by cashiers check to have one of their techs mount my drive in another Raq and make a tarball of my directories.

I know that I should've kept backups of my stuff, but I guess it is a lesson learned. My question is: do any of you have any suggestions about what I should do? Theres no way I could afford the $250.

my question is why didnt you do what they said to do by canceling that user account asap --


second is rachshack has alot of hidden charges that people dont knwo about lol


i will say chalk it up as a lost and move on to another host or server

Originally posted by airtime166
my question is why didnt you do what they said to do by canceling that user account asap

I did... it was 2 seperate users. 1 did it the first time and I deleted his/her account and another did it the second time and I deleted his/her account.

I know that I should've kept backups of my stuff, but I guess it is a lesson learned. My question is: do any of you have any suggestions about what I should do? Theres no way I could afford the $250.

If you want your business to survive, looks like you'll *have to* afford the $250....

Still seems a bit out of order though.... theres no logic in simply turning the machine off!!

Cheers,

How'd they do this DOS?

Shell access? some cgi script?

Ultimately you are responsible for your customers, however I might have handled this differently, it's not like you're condoning or protecting the customers sounds like to me you just had some bad luck seems to me they could at least let you login and download your stuff.

But and someone brought this up before, RackShack honestly has not a lot of incentive to keep you after you pay that big setup fee, but they certainly have a vested interest in collecting another setup fee for that server. That's why I don't like big setup fees, I feel like such a big setup fee really removes a bit of my trust.

I just signed up for a 4th dedicated server and I got a good deal and a very small setup fee however my monthly fee is about $50 more than it would be at Rackshack (same deal as RackShack's $119 Plesk server EXCEPT it's a 300 domain license!) it is now in this new hosts vested interest to keep me around, they won't even make back the Plesk licensing for several months (10 unless they got a hefty discount). So while I'm not about to abuse their service, at least I feel that if something comes up they'll be willing to work with me to keep my business flowing. They have nothing to gain by losing my business. On the other hand, that $400 setup fee is 3 months of my services RackShack can collect in ONE month if they boot me and resell my server to someone else.

Just my thoughts on the matter.

Originally posted by gabeosx


I did... it was 2 seperate users. 1 did it the first time and I deleted his/her account and another did it the second time and I deleted his/her account.

Either there is more to the story or you just have very bad luck with attracting the wrong customer :) I'm sorry for your problems, but to have two different people to cause such serious damage signed up on your server at the same time is just not common. That's one reason I don't activate telnet/ssh access by default on accounts.... especially the low end accounts because someone who pays $5/month for hosting won't care if their account gets cancelled for something they did wrong. I'm not saying I don't offer it at all for low end accounts but when someone asks for it I know who to keep an eye on and who I USUALLY don't have to worry about.

And RS is not to blame, they have to protect their business and their other customers and doesn't need a lawsuit brought by another company for damage caused by their system. They can't just keep on saying 'be careful'. And they are not a multi million dollar corporation just because of setup fees and trying to take servers from people so they can resell them. People think for some reason that all they have to do is pop in a restore cd and 10 mins later there's a new server to resell to someone. It's a lot more work than that.

But hopefully you'll find a solution to your problem... sorry.

Originally posted by rastoma

And RS is not to blame, they have to protect their business and their other customers and doesn't need a lawsuit brought by another company for damage caused by their system. They can't just keep on saying 'be careful'. And they are not a multi million dollar corporation just because of setup fees and trying to take servers from people so they can resell them. People think for some reason that all they have to do is pop in a restore cd and 10 mins later there's a new server to resell to someone. It's a lot more work than that.

This is not the first problem I've had with RackShack. They've had to restore my server 3 times, 2 of which were because Apache wouldn't work (some solution, eh). After I wrote rackshack telling them about my problems, they gleefully responded that "with 2000 customers we must be doing something right". Obviously they don't care about their customers, because if they did, they would have better trained technicians who can do a better fix than restoring a server every time something goes wrong.

Oh, and yeah, they just pop in a restore cd and have a new server, because thats about the time it took from me getting the email to the server having a default raq page and not accepting my logins.

I dont see what the difficult part of cutting off access to everyone except me so I can get my files is.

And no one is going to sue them for causing damage with DoS attacks, if RackShack was seriously concerned about that, they would filter attacks on their network anyway.

True they cant keep saying "be careful," but they could afford me the courtesy of a couple hours to get my files. Thats like if your boss fired you and didnt give you time to take the stuff in your desk and said "if you want it back you're going to have to pay us to bring it over in a moving truck, otherwise we are going to throw it out".

We gave you that opportunity once but you abused that opportunity again.

If YOU or YOUR USERS abuse our network you will be toast. Under our AUP/TOS, we have absolutely NO responsibility to you for your data.

In fact, in our AUP/TOS, as well as the welcome email, you are encouraged, if not directed to make and keep backup copies of your data.

We preserved the drive in question as we now do all restore/resells, and now all restores as well, for 5 days. The $250 is a small price to pay for ALL of our technical resources spent working on what turned out to be YOUR customers on yoru RAQ.

It is YOUR responsibility to monitor, screen, and control YOUR users. Please do not blame me for a problem that was in your direct and personal control.

Access to your data is no problem, all you have to do is pay for our time. We have offered this solution even though we are in no way required to do under the terms of our contract which you agreed to when you signed up for service.

We have, and will continue to, terminate accounts who abuse our network, execute DOS attacks, and who send SPAM.

In this instance, we gave this customer a second chance even though we would have been in the right to terminate him after the first infraction. Yet, when we agreed to once again activate his account, he allowed another user to abuse our network.

While this post may seem curt and rude, my staff has exausted hours working with this customer on his problem even to the point of pointing out who/when/what exactly was happening when his server started pushing 58 megs per second. In this instance, we have gone above and beyond to help this customer.

Robert Marsh
Head Surfer Rackshack.net

I agree with RackShack, its your responsability to keep your users
under control and monitored, expecially after the first time this
happened. Which is another reason that shell access will not be
enabled on user accounts when I get my server, unless requested.
:cool:

Originally posted by gabeosx


I did... it was 2 seperate users. 1 did it the first time and I deleted his/her account and another did it the second time and I deleted his/her account.

OK. Let's get this straight if we're gonna play the public game. After we identified the specific user the first time, you did remove that user/content. However, our personnel had to identify it for you at your request.

On the second go, you did no such thing. Again, our top admin had to go into your box' look around, see what was happening, and then explain it to you.

If you are going to make this public, please at least get the facts straight.

Robert Marsh
Head Surfer Rackshack.net

Just so we are all clear: If you abuse our network or violate our AUP/TOS, you will no longer have a relationship with Rackshack.

HeadSurfer, I apologize for the inconveniences I have cause you. Please feel free to delete the backup now. Lets leave it at this, because I don't feel like getting into a 5 page argument about what you and I did/did not do... its just a waste of time.

Nice to see that for a change.

Originally posted by headsurfer


OK. Let's get this straight if we're gonna play the public game. After we identified the specific user the first time, you did remove that user/content. However, our personnel had to identify it for you at your request.

On the second go, you did no such thing. Again, our top admin had to go into your box' look around, see what was happening, and then explain it to you.

If you are going to make this public, please at least get the facts straight.

Robert Marsh
Head Surfer Rackshack.net

Just so we are all clear: If you abuse our network or violate our AUP/TOS, you will no longer have a relationship with Rackshack.

Heh gotta remember my own advice about "two sides to every story" before opening my trap :D

By request of thread starter...