Results 1 to 21 of 21
  1. #1
    Join Date
    Oct 2011
    Posts
    62

    DaCentec Terminate Services DDoS

    Hello everyone,

    Well, last time I was here to talk about DaCentec I was angry about the null-route on my IP because a Stress Test, ok, my fault, I wasn't supposed to test the machine and I m sorry about that.

    But today I noticed that my IP's were getting atacked (The server was slow, and the site was getting CloudFlare Error Page), I used the Netstat command and blocked the Atackers IP, it seemed to have worked, but a few hours later I got this message...

    "Your services have been Terminated due to repeated large scale DDoS attacks."

    Anyone have experience with that?

    Do they provide a Whitelist so you can Backup the files?

    Thank you

  2. #2
    Have you tried contacting them to see if you can get your data?
    ReliableSite.Net LLC - Offering Enterprise Grade Dedicated Servers Since 2006 [New York City metro / Miami, FL / Los Angeles, CA]
    Customers are our #1 priority - Read Our Reviews
    Need epic pricing on 1G and 10G unmetered? We have amazing deals and a 10 minute setup time! Click here to view incredible deals.

  3. #3
    Join Date
    Jul 2001
    Location
    Melbourne, AU
    Posts
    1,392
    If you were being attacked I'm sure they could of just null routed the IP that was being attacked.
    SERVSTRA | THE ENTERPRISE CLOUD SERVER & DEDICATED SERVER SPECIALISTS
    中国优先网络 - 最快到中国大陆
    14 world wide locations to choose from!

  4. #4
    Join Date
    Oct 2011
    Posts
    62
    Servstra,

    They probably did this since my company provides Gaming Servers and in the Gaming Community DDoS are pretty common...

    Unfurtunaly they don't have DDoS services, and I knew that, but I intended to keep my server until the end of the contract, even if I got Null Routed from times to times...

    But to get terminated like this, pretty strange, still waiting for the reply to know if I can backup my data.

  5. #5
    Join Date
    Jul 2001
    Location
    Melbourne, AU
    Posts
    1,392
    Quote Originally Posted by FelipeK View Post
    Servstra,

    They probably did this since my company provides Gaming Servers and in the Gaming Community DDoS are pretty common...

    Unfurtunaly they don't have DDoS services, and I knew that, but I intended to keep my server until the end of the contract, even if I got Null Routed from times to times...

    But to get terminated like this, pretty strange, still waiting for the reply to know if I can backup my data.
    Well most providers will just null route the IP that is being attacked. I wonder if they had another reason to terminate your server immediately?
    SERVSTRA | THE ENTERPRISE CLOUD SERVER & DEDICATED SERVER SPECIALISTS
    中国优先网络 - 最快到中国大陆
    14 world wide locations to choose from!

  6. #6
    Join Date
    Mar 2003
    Location
    /root
    Posts
    23,991
    Quote Originally Posted by Servstra-Sales View Post
    I wonder if they had another reason to terminate your server immediately?
    Because the attack keeps on repeating? I guess the OP didn't do anything despite of the notification from the provider?

    Specially 4 U
    Reseller Hosting: Boost Your Websites | Fully Managed KVM VPS: 3.20 - 5.00 Ghz, Pure Dedicated Power
    JoneSolutions.Com is on the net 24/7 providing stable and reliable web hosting solutions, server management and services since 2001
    Debian|Ubuntu|cPanel|DirectAdmin|Enhance|Webuzo|Acronis|Estela|BitNinja|Nginx

  7. #7
    Join Date
    Jul 2011
    Location
    SriLanka
    Posts
    2,010
    You have to host gaming with ddos protected ( hardware ) server. When your server getting attacks everyday its big issue to DC and fair to suspend / terminate.
    LankaPartnerHost.Com
    Canada Anti DDOS Webhosting, Reseller Hosting, WHMsonic, WHMsonic Resellers

  8. #8
    Join Date
    Jul 2001
    Location
    Melbourne, AU
    Posts
    1,392
    Quote Originally Posted by net View Post
    Because the attack keeps on repeating? I guess the OP didn't do anything despite of the notification from the provider?
    Just null route the IP that is being attacked and advise the customer they have X amount of time to do backups on another IP before the server is terminate. Pretty simple really.
    SERVSTRA | THE ENTERPRISE CLOUD SERVER & DEDICATED SERVER SPECIALISTS
    中国优先网络 - 最快到中国大陆
    14 world wide locations to choose from!

  9. #9
    I bet they just shutdown the server or just null routed the ip address lets just hope.. I'm interested to see the outcome of this
    Mrgeekchris.com ~ It's not just a job It's a passion
    "Mistakes are proof that you are trying"

  10. #10
    Join Date
    Aug 2010
    Location
    Belgium
    Posts
    657
    You're always supplied with information on why and how. If the attacks persist it's your obligation to track them down and stop them from happening.

    If you do not with to deal with these then you'll have to get DDoS protected gear.
    AssetGateway
    █ Skype da_arco

  11. #11
    Join Date
    Jan 2014
    Posts
    94
    ooh sad to hear, Company only terminate your services not Data go a head and ask for data they will surely give you the data, many companies suspend and null ips when ddos injected ,to save bandwidth, always select server from good reputed company having good assest and well regulatory , If you are using Linux server use CSF firewall , CSF handle small attacks easily and banned attacker ip , Use hardware firewall of Cisco and Juniper to stay safe from ddos attack.
    Best of Luck....

  12. #12
    Join Date
    May 2013
    Location
    USA
    Posts
    931
    Quote Originally Posted by Servstra-Sales View Post
    If you were being attacked I'm sure they could of just null routed the IP that was being attacked.
    Resolving a denial of service attack isn't always as simple as null-routing a single target IP.

    It's becoming increasingly common to see DDoS attackers hit several IPs within the range at once or target the peering IPs on switches and routers further upstream.

    Even with a simple null-route, there's still time from when the attack starts and the null-route is applied that other customers are potentially affected. If it occurs after-hours, then the host might need to page a network administrator to setup the appropriate null-route. There are costs associated with any DDoS attack.

    If your host doesn't offer a DDoS-protected, then it's not surprising that they are moving to terminate your service.
    ▄▀▄ Brian Harrison, Lead Engineer - Reprise Hosting (AS62838)
    ▄▀▄ Deals on cheap dedicated server hosting. IPMI included! Unmetered bandwidth.
    ▄▀▄ Website migration, 24/7/365 support, basic server setup, 15 day money back.
    ▄▀▄ Looking for DEALS on self-managed cheap VPS hosting? Visit VPSHostingDEAL.com

  13. #13
    Join Date
    Oct 2011
    Posts
    62
    Quote Originally Posted by Biz hoster View Post
    ooh sad to hear, Company only terminate your services not Data go a head and ask for data they will surely give you the data, many companies suspend and null ips when ddos injected ,to save bandwidth, always select server from good reputed company having good assest and well regulatory , If you are using Linux server use CSF firewall , CSF handle small attacks easily and banned attacker ip , Use hardware firewall of Cisco and Juniper to stay safe from ddos attack.
    Best of Luck....
    Really hope you are right, waiting for their response

    I don't really mind about the termination, my only problem is my data... Most of my clients own pretty big servers, and being off-line they are losing money.

    My last ticket was escalated to a Network Administrator 9 hours ago, but not answered yet... I created another one hoping to get a return.

  14. #14
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    If you know that you're under risk of receiving DDoS attacks, you should not host your website without a proper DDoS protection. It's normal that providers without it nullroute your IP as a counter-measurement to make sure the attack doesn't affect parts of their network and therefore other clients. I suggest that you ask them for a new IP and to remove the current one and then bring your site back online *only* with a remote DDoS protection infront of it, so the new IP stays hidden and protected and you don't experience such issues anymore.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  15. #15
    Join Date
    Oct 2011
    Posts
    62
    My server is acessible again!!

  16. #16
    Join Date
    Jun 2009
    Posts
    446
    Quote Originally Posted by net View Post
    Because the attack keeps on repeating? I guess the OP didn't do anything despite of the notification from the provider?
    What are you suppose to do against a ddos attack. If you give me the persons who is doing it's address I can handle it with a bat, but besides that I mean if your hosting a gameservers not much you can do. OP just find a provider that is willing to help you with these kinds of issues.
    Remember when ordering a server from a new company use a Credit Card. Paypal will not refund your money if you get scammed.

  17. #17
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Quote Originally Posted by Violent Injection View Post
    What are you suppose to do against a ddos attack. If you give me the persons who is doing it's address I can handle it with a bat, but besides that I mean if your hosting a gameservers not much you can do. OP just find a provider that is willing to help you with these kinds of issues.
    Well, he could get a remote DDoS protection for his game servers to not take the chance of his provider's network and clients being in danger?
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  18. #18
    Join Date
    Oct 2011
    Posts
    62
    Quote Originally Posted by infinitnet View Post
    Well, he could get a remote DDoS protection for his game servers to not take the chance of his provider's network and clients being in danger?
    They can always reverse-dns from inside the servers and get the machine real IP...

    I already use CDN and Proxies on my client servers.

  19. #19
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Quote Originally Posted by FelipeK View Post
    They can always reverse-dns from inside the servers and get the machine real IP...

    I already use CDN and Proxies on my client servers.
    Could you elaborate on what you mean by "reverse-dns from inside the servers"? You can always change DNS zones, so I'm not sure I understand what exactly you're talking about.

    How is a CDN related to your game servers? A CDN is for websites and web content and also there are a few "vulnerabilities" that attackers could use to find out your real server IP, that all have to be taken care of. A DDoS protection provider would provide a tunnel or proxy IP especially for game servers that you could then use in public, keeping the real server IP hidden and protected behind it. How is that related to rDNS? If your server was attacked directly, you're clearly doing something wrong with the proxies/CDN you use.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  20. #20
    Join Date
    Oct 2011
    Posts
    62
    Quote Originally Posted by infinitnet View Post
    Could you elaborate on what you mean by "reverse-dns from inside the servers"? You can always change DNS zones, so I'm not sure I understand what exactly you're talking about.

    How is a CDN related to your game servers? A CDN is for websites and web content and also there are a few "vulnerabilities" that attackers could use to find out your real server IP, that all have to be taken care of. A DDoS protection provider would provide a tunnel or proxy IP especially for game servers that you could then use in public, keeping the real server IP hidden and protected behind it. How is that related to rDNS? If your server was attacked directly, you're clearly doing something wrong with the proxies/CDN you use.
    What they usually do is to connect to the GameServer and when they are inside, Scan the network to find out the Main IP.

    What the CDN and Proxies do in my case, is provide a tunnel for the IP.

    But once they are Online on the server, they simply do a netscan and find out the real IP (the FO IP), from there they simply atack all IP's on the block.

  21. #21
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,180
    Quote Originally Posted by FelipeK View Post
    But once they are Online on the server, they simply do a netscan and find out the real IP (the FO IP), from there they simply atack all IP's on the block.
    Even if they're connected to the game server, it should be impossible to find out your server IP, as every packet should appear to come from the protected IP and not your server's IP. Most likely there is something wrong with the proxies you use then.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

Similar Threads

  1. When to suspend / terminate services
    By ptimo3 in forum Running a Web Hosting Business
    Replies: 32
    Last Post: 07-08-2012, 02:13 PM
  2. DDoS Mitigation Services- need alternatives to DDoS Defend
    By VN-Ken in forum Hosting Security and Technology
    Replies: 25
    Last Post: 03-23-2012, 10:58 PM
  3. Replies: 11
    Last Post: 06-29-2011, 05:14 AM
  4. Advanced DDoS protection services. Anti-ddos site protection services.
    By stop-ddos in forum Other Web Hosting Related Offers
    Replies: 0
    Last Post: 01-20-2011, 04:17 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •