I sent an email to paul@venturesonline.com with no reply.

I am STILL having issues. This is my current letter to them:

****

OK - since Friday the site has been incredibly slow. I cannot even load the site with a cable modem it just hangs, so the dial up people are totally screwed. I was told that the VPS package would meet (and indeed exceed) my need. In addition my cpanel is down again.

From 10/28 through the night of 11/5 my service was continually disrupted and I received conflicting messages from people that were obviously not communicating with each other. My site was hacked twice and I did not receive what I feel was adequate support or help to try and track the hackers down. Now from 11/8 through today, no can get into the site. I am VERY upset about this. I am paying $79.95 for my "service" and I feel REALLY shafted.

I want an immediate resolution to my service problems.
I am having to waste a LOT of my time in dealing with this. If you cannot resolve this, I am requesting that your compant help me find a new company that can provide me with the service I wish, and refund every single penny of money I have paid for the VPS package thus far. I will also fully expect for Venturesonline to continue to keep my site up while I deal with moving to a more reliable company.

***

To be very blunt, I do not expect any kind of satisfactory resolution of this situation since this has proven to be the case so far.

threnody

Not suprised :rolleyes:

Oh, I suppose I need to ask is there actually a reliable comapny out there anymore?

threnody

Originally posted by threnody
Oh, I suppose I need to ask is there actually a reliable comapny out there anymore?

threnody

Define Reliable!

What is the definition of "IS"?

Have you submitted a ticket through the help desk? An email to a specific individual such as Paul probably will not get attention as quickly. Doubt that he works weekends.

Sorry but I never received any complaint email till this morning and I am not the one that handles complaints at VO however when I do get them I do respond and forward them to the right person and follow up.


If you have and issue the correct way to get fast support is to put in a help desk ticket we have staff working 24/7 and if they can not resolve the issue they will send it to management that can.

Originally posted by threnody
My site was hacked twice and I did not receive what I feel was adequate support or help to try and track the hackers down.
You don't seriously expect their sysadmins to spend their time in tracking down a hacker, do you?

Originally posted by Aussie Bob

You don't seriously expect their sysadmins to spend their time in tracking down a hacker, do you?

I can't figure out if you are trying to be sarcastic or if this is for real? If a hacker attacked one of our server, I would be on him like a hungry hawk on a rat. Customers come first my friend, if you don't cater to them, then someone else will.

I think an appology is due to VO from the thread starter on this one. Just MPO.

Originally posted by Haze
I can't figure out if you are trying to be sarcastic or if this is for real? If a hacker attacked one of our server, I would be on him like a hungry hawk on a rat. Customers come first my friend, if you don't cater to them, then someone else will.
Thanks for the lesson in customer management. I'll take that under advisement. :)

How do you want the sysadmins to track the hacker? How far do you want them to go. There are limitations, no matter now far you seem to be willing to go for your cleints. How much time would you spend on this issue? Even you with your "hungry hawk on a rat. Customers come first my friend" approach, have limits.

Well Bob, you at least want to close up your hole, make sure everything is all secure again ( which I assume you would be happy to do ), then go after the IP at least. I would personally do whatever I could to ensure that something like that couldn't happen again, otherwise chances are, they would.

Originally posted by Haze
Well Bob, you at least want to close up your hole, make sure everything is all secure again ( which I assume you would be happy to do ), then go after the IP at least. I would personally do whatever I could to ensure that something like that couldn't happen again, otherwise chances are, they would.
You do what you can, but in reality, you're not going to track the hacker down and make an arrest.

Originally posted by Aussie Bob

You do what you can, but in reality, you're not going to track the hacker down and make an arrest.
Doesn't mean you can't pull a Jay and Silent bob and pay a visit :)

"Were you the one who posted ... about Bluntman and Chronic?"

-Matt

Originally posted by Haze


I can't figure out if you are trying to be sarcastic or if this is for real? If a hacker attacked one of our server, I would be on him like a hungry hawk on a rat. Customers come first my friend, if you don't cater to them, then someone else will.

I think an appology is due to VO from the thread starter on this one. Just MPO.

9 times out of 10 when a SINGLE site on a shared server is hacked it's something silly, bug in a forum, plain text passwords that can be read if you know the file name, guessed passwords, etc.

And no I wouldn't spend an inordinate amount of time on things like that.

Now a server-wide compromise, that's the stuff week long forensic disembowlments of gigs of log files is made of.

I agree with Gary.
The thing that needs to be clarified with 'hacks' are was it just the one site or the entire server compromised? Most times someone either has incorrect permissions set, improper passwords or something else. So it is just that one account that is defaced and not really a server hack.

If a server was truly hacked, then yeah its the SA's job to track down the vulnerability and plug it. Look into where it came from and prevent it from happening again.
Too often people get caught up in teh media and idea of 'hacking' that if their site gets defaced or something, they are screaming that they have been hacked and it's the hosting companies fault. The same applies to dedicated clients who are convinced that if they get a firewall solution, that it will stop them from being 'hacked'.
It's not always the hosting companies fault, and so a little patience from the 'hoster' is always recommended while the situation is evaluated. And as always, make sure they always have a backup of their site in case something happens.

Originally posted by Dixiesys
Now a server-wide compromise, that's the stuff week long forensic disembowlments of gigs of log files is made of.
I get a sneaking feeling that you like that kind of stuff anyways. ;) :D

Originally posted by Aussie Bob

I get a sneaking feeling that you like that kind of stuff anyways. ;) :D

The best fun is when you call them at home after an "incident" to ask to speak to their parents so we can confirm the address to send our bill to for server downtime and network tech labor wasted tracking down the punk :D

Then sometimes you get "0wn3d" by someone with a clue and that is a humbling feeling :(

I can understand if it was a piece of software that got hacked, but it was my understanding that the persons account got hacked and it was affecting the users account, and no doubt others on the server as well. Of course every incident must be looked at on a case by case basis. If a user is using an older piece of software that is unsecured, they are asking for it, and its hardly worth the time tracking the party or parties involved.

The guy seems to have a valid complaint.

One - the host should be curious and be willing to help you investigate any hacker attempts, even if the hack may have been due to a security hole in a perl script, etc. However, you shouldn't expect them to fix your scripts.

Two - the email went to Paul when it should've gone to the helpdesk. However, Paul as head honcho of VO should IMHO have his email forwarded, and try to respond to it within 24 hours, 24/7/365.

Chris I am not the head honcho at VO I am not sure where you got that info but I only own shares of VO and now have very little to do with day to day operations other than sales.

As for the hack it was only this one account not server wide.
Yes the techs did investigate and they always do. The so called hack was somebody using their admin login, the customer was offered and given what logs existed.

Tracing hacks for the most part is a waste of time any real hack will go thru many servers and getting all the server admins to send you logs is just about impossible but you do get lucky at times.


The customer has opend a ticket now and is being taken care of.

Sorry, Paul. I was mistaken. I was under the impressions you were the main boss at VO.

Yes, if the hack is limited to just one person, it's probably something they did. I also agree that you cannot spend hours investigating a hack when you need to be answering suport tickets, etc.

Dont get me wrong we have people that all they do all day is security related issues but most real hacks lead to dead ends in Asia with some ISP that could care less, it's like talking to a wall.

Originally posted by Dixiesys


9 times out of 10 when a SINGLE site on a shared server is hacked it's something silly, bug in a forum, plain text passwords that can be read if you know the file name, guessed passwords, etc.

And no I wouldn't spend an inordinate amount of time on things like that.

Now a server-wide compromise, that's the stuff week long forensic disembowlments of gigs of log files is made of.

gary is hitting the nail on the head. site side problems are the clients which just require a quick 5 minute fix or a few days ( never had one that just took 10 minutes always 1 day of reading installs LOL )

anyway there is a point, server breachs require restorations and kicking in the SLA ..... while a site breach is just the basic, fix the script up. Client must understand that if they install it it's thier issue. that's why you have to look at the contract.

when we offer servers to our clients there they are always under the term's of managed if we installed it and or signed off on the install <--- key point. this is the way we protect ourselves from liablility. if I install something I did it to the best of my skills, I get paid the monthly fee for that on the server rental, client wants something added, they have to issue the work order to me, then I do it based on what the install instructions say. if the client wants it thier way then I don't have to sign off on the job and just bill an install charge per hour.

I wish you luck and hope your system get's back into order soon.

Mike

Also Venturesonline oversell space, because they measure disk space quotas, not acutal ussage.