View Full Version : IP hijacking??
freeva 04-24-2002, 06:18 PM Anyone know if it is possible to stop IP hijacking from another user? We just had 40 IPs hijacked by someone else, which is causing 4 servers to be inaccessible. We have contacted our network provider. They are working on it. How does everyone deal with such a situation?
davidb 04-24-2002, 06:54 PM You mean another client in the datacenter taking your IPs? I know another host here had that problem. As for what you can do, I think that all comes down to the datacenter. I do not see any protection that you yourself can do; of course I could be wrong.
mpope 04-24-2002, 06:58 PM Not much you can do, other than contact your data center. It should be a fairly easy task for them: just locate the offending box/boxes, unplug their ethernet cable, and clear the ARP cache on the routers.
Tim Greer 04-25-2002, 06:03 AM I'd personally hope (and you should ask) that your provider has something to prevent this, or rather, to monitor it to know if someone binds an IP they ought not to, otherwise this could happen again and we all know the outcome until it's resolved.
mpope 04-25-2002, 10:35 AM Tim,
What kind of things might a provider have in place to prevent / monitor these things? I am just curious, and think this would be really cool! :D
Originally posted by mpope
Tim,
What kind of things might a provider have in place to prevent / monitor these things? I am just curious, and think this would be really cool! :D
route your subnet in your own VLAN
clocker1996 04-25-2002, 03:08 PM yeah
I think some hosts have pretty good control over their IPs, and then there are some that don't... like lately, what's been irritating me is rackshack has this problem where they cannot seem to keep control over their IPs
they'll assign you an IP, one-two days later you realize that someone else is using that IP
next thing you know your websites are loading other people's websites
it's ridiculous
Ideally, shouldn't the IPs be locked down to the given server's MAC address and the ARP table on the routers secured to prevent ARP poisoning?
As well, I have encountered problems with rackshack too - I assigned a static IP to one of my users, and he kept complaining that his site was loading to someone else's every few hours. Took a while for me to figure out what was going on, but finally I found that the IP was directing traffic to another chump's server on my subnet.
clocker1996 04-26-2002, 10:50 PM Originally posted by rfxn
Ideally, shouldn't the IPs be locked down to the given server's MAC address and the ARP table on the routers secured to prevent ARP poisoning?
As well, I have encountered problems with rackshack too - I assigned a static IP to one of my users, and he kept complaining that his site was loading to someone else's every few hours. Took a while for me to figure out what was going on, but finally I found that the IP was directing traffic to another chump's server on my subnet.
exactly!!!!
worst part is even if the IP is free to you
someone else can use it, and then the problem happens again. how sad.
cbaker17 04-26-2002, 10:54 PM If they're routing IPs correctly you can assign subnets to single ports through VLANs, which allows only you to utilize IPs in that subnet (ideally providers will only provide BLOCKS of IPs which can be routed directly through a VLAN to a port, but most of the time providers throw several people on the same subnet). The problem is if you only have a couple of IPs and you multiply that by 100's of customers with a couple of IPs, that's hundreds and thousands of subnets and VLANs etc.; it could become unmanageable. The provider should be able to find the MAC address utilizing those IPs and track down the server.
clocker1996 04-26-2002, 11:23 PM yeah
but the thing is
I don't like the idea of someone just being able to interfere with me, or my server, because they felt like using the IP
or they "didn't know that they aren't supposed to use this" or whatever..
I mean I sent in a support ticket to rackshack saying please do something because we need this IP, and what do they do?
contact the guys who run the name server of the domain that's DNS'ing to our IP
they waited 2-3 days, place didn't respond.
so they closed the ticket telling me to deal with it.
yeah ok.
cbaker17 04-27-2002, 04:01 AM Doesn't sound like a very good solution to your problem, sorry to hear about that. Perhaps if you contact headsurfer directly he will take a more personal, customer-oriented approach to dealing with the problem in a timely manner.
Good luck towards the resolution of your problem.
clocker1996 04-27-2002, 05:21 AM yeah
I was going to run name servers too off the rackshack server, but now I am scared that if I run name servers, since rackshack has no control over what IPs they assign their customers, what will happen if someone jacks my ns1 and ns2? :eek: :eek: :eek: :eek:
I will see if I can talk to headsurfer.
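Added example, not part of the original thread: one way the monitoring asked about above could work, comparing a router's neighbour table against the IP-to-MAC assignments and naming the MAC to trace. The assignment table, addresses and snapshots are constructed; the snapshot lines follow the `ip neigh show` output format.

```python
import re
from collections import defaultdict

# Constructed assignment table: IP -> MAC of the server it was allocated to.
ASSIGNED = {"192.0.2.10": "00:16:3e:aa:00:01", "192.0.2.11": "00:16:3e:aa:00:01",
            "192.0.2.20": "00:16:3e:bb:00:02"}
# Constructed neighbour-table snapshots taken at two polling intervals.
SNAPSHOTS = [
    """192.0.2.10 dev eth0 lladdr 00:16:3e:aa:00:01 REACHABLE
192.0.2.11 dev eth0 lladdr 00:16:3E:AA:00:01 STALE
192.0.2.20 dev eth0 lladdr 00:16:3e:bb:00:02 REACHABLE
192.0.2.30 dev eth0  FAILED""",
    """192.0.2.10 dev eth0 lladdr 00:16:3e:cc:00:03 REACHABLE
192.0.2.11 dev eth0 lladdr 00:16:3e:cc:00:03 REACHABLE
192.0.2.20 dev eth0 lladdr 00:16:3e:bb:00:02 REACHABLE
192.0.2.40 dev eth0 lladdr 00:16:3e:cc:00:03 DELAY""",
]
# Entries without a link-layer address (FAILED/INCOMPLETE) do not match.
NEIGH = re.compile(r"^(\S+) dev \S+ lladdr ([0-9A-Fa-f:]{17})\b")

def parse(snapshot):
    """Yield (ip, mac) pairs, MAC lower-cased, from one snapshot."""
    for line in snapshot.splitlines():
        m = NEIGH.match(line.strip())
        if m:
            yield m.group(1), m.group(2).lower()

def audit(snapshots, assigned):
    """Return sorted findings as (kind, ip, expected_or_previous_mac, seen_mac)."""
    findings, last = set(), {}
    for snap in snapshots:
        for ip, mac in parse(snap):
            want = assigned.get(ip)
            if want is None:            # IP in use that nobody was allocated
                findings.add(("unassigned", ip, None, mac))
            elif mac != want:           # allocated IP answered by another box
                findings.add(("wrong-mac", ip, want, mac))
            if ip in last and last[ip] != mac:   # IP changed hands between polls
                findings.add(("moved", ip, last[ip], mac))
            last[ip] = mac
    return sorted(findings, key=lambda f: (f[1], f[0]))

def offenders(findings):
    """Group offending IPs by the MAC seen using them, i.e. the box to trace."""
    by_mac = defaultdict(set)
    for kind, ip, _, mac in findings:
        if kind != "moved":
            by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items()}
```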