Page 2 of 2 FirstFirst 12
Results 26 to 47 of 47
  1. #26
    Join Date
    Jul 2001
    Posts
    520
    I edited the part where I said "This was always my impression with rackshack" as it was wrong, it was the impression that I got through this thread - sorry for the mixup. I made the change BEFORE reading the - amazingly fast - responses.

    Of course I do not think that the host shouldn't / couldn't protect his network, that would be ridiculous.

    I would be the only user so there is no hosting clients to blame either.

    But as pointed out above I already had such a situation which went like this

    a) I noticed the server is getting extremely slow and contacted the host

    b) host told me "someones scanning ports, dos attacking you etc.." - something like that. They weren't very clear about it themselves. Sorry if I don't get it exactly together now, it's been some time now since it happened, and I couldn't do anything about it anyway nor did I understand the whole process (of the attack and the fixing of it).

    c) So I told my host to fix it "somehow" and take whatever measures are necessary.

    Since there are uhmm "hard- and software" involved on the host side that I don't have access to anyway, and since I haven't done anything to "provoke" an attack (whatever that would be) I would indeed expect that the host takes care of me and tries to get me online again as soon as possible, and all this without even going near to accuse me of anything or even assume untill they know better.

    Surely not without considering the protection of the host and it's network itself that's for sure.

    But also not in a way that just about everything concerning the host's own matters has to be triple checked and day after day passes on because the host puts his own issues way way over those of the (not guilty) customer

    Well, pretty much of a "what if" discussion here BUT...

    Basically my point has been answered through Head Surfer already, although I must say I am not 100% whether you really take the point "not guilty untill proven".

    I guess it's something to try out, but then again, my online biz feeds me and my family and I wouldn't like to be offline for days + accused of something I didn't do + payments gone + have to move tons of content + pay for new servers elsewhere = all at the same time.

    Sorry for being a little paranoic here, but I surely took my fair share of hosting nightmares in the past 4 years.

    My impression of rackshack is good so far, but the again, those hefty dos attack etc. incidents appear to happen quite seldom, and there isn't much info/experience posted about how hosts (and rackshack) handle that.

  2. #27
    Join Date
    Mar 2001
    Posts
    154
    Erich, I think the difference is between attacks that come from outside the server and attacks that are started from the server. If I'm reading it right since I don't claim to be a technical genius, HS says they will work to protect the server from outside attacks and work with their people who find that attacks are being started from within the network. Working on attacks that start from within would be better with clients who cooperate and don't try to be abusive toward them.
    My answer to the most commonly asked question on WHT:
    Hosting Matters http://www.hostmatters.com
    FutureQuest http://www.futurequest.net

  3. #28
    Join Date
    Dec 2001
    Location
    Detroit, MI
    Posts
    1,067
    This whole ordeal seems to be a simple misunderstanding caused by apparent language barriers and lack of good communication.

    But then, I might be over simplifying things.
    <!-- boo! -->

  4. #29
    Join Date
    Jul 2001
    Posts
    520
    I think I understood the theoretical/technical part, my main concern was about the general/usual assumptions being made by a host in case of attacks from outside to my server. I was initially under the impression that I would perhaps have to suffer more than reasonable although not guilty, that was basically my concern.

    Not how it technicalls works or whether my language skills are good enough (jeus the second language remark in this thread) but what ATTITUDE a host has in such a situtation. There is a difference between "it will be handled (and we may even bring you online again, if we are really really sure that if etc..." and "it will be handled in a good way and with the customer's concerns regarding uptime being taken very seriously"

  5. #30
    Join Date
    Dec 2001
    Location
    Detroit, MI
    Posts
    1,067
    Erich, I apologize for not making my statement more clear. I was refering to the inital person who started this thread (brashost) in regards to the language barriers. This person seems to be trying real hard to communicate that maybe they don't understand what is being requested, and I am drawing a (presumptious) conclusion that perhaps people might be reading this is an attack where it is really just frustration with trying to get a fairly serious issue resolved.
    <!-- boo! -->

  6. #31
    Join Date
    Jul 2001
    Posts
    520
    uhmm, sorry then scott for being a little touchy... hehe

  7. #32
    Join Date
    Mar 2001
    Posts
    154
    In that case, I think you'd have to look around at other information from users for a host and also see if the host would answer it directly. If one of my sites was being attacked from outside for some reason, I would not expect that my hosts would shut down my site. I would expect them to deal with the attack at the network level, since there wouldn't really be anything accomplished by shutting down my site. If someone managed to compromise one of my accounts, I would expect the host to take action, including possibly locking up my account until they could deal with it. Of course, I'd also expect them to notify me and to keep me informed about what they're doing toward resolution.

    The key for me when I decide to take services from someone is how ethically they act in all aspects of their operation, from sales to support for existing clients to cancellation. I also like to see how much communication goes on, usually from the host's forum if they have one. RS has a very active public forum, as do my hosts. A lot of hosts don't have forums at all (or very active forums) or won't let non-customers see them and that's not a good barometer for hosts that are larger than the people just starting out. When all else fails, I just direct questions to the host. If I'm satisfied that they've answered honestly and thoroughly, then I'm usually satisfied that they will act as they say they will and that my site(s) will be in good hands.
    My answer to the most commonly asked question on WHT:
    Hosting Matters http://www.hostmatters.com
    FutureQuest http://www.futurequest.net

  8. #33
    Join Date
    Jul 2001
    Posts
    520
    Peeps, I totally agree, and I still can deal with it if a host needs to take me offline for a short, reasonable time. But as strange things like dos attacks don't happen often I try to beat the bush a little to learn attitudes before I sign up. I don't care if the host has some legit problems etc. and I am surely experienced in having downtimes LOL but if the host doesn't care then a little technical problem that could have been resolved in hours might easily become a 10 day downtime as I once had, and although my biz is runing fairly good, a 10 day downtime is about to kill me, as it all is 100% internet based. I've been burned a couple times, perhaps more often than the average US customer because I am far far away and every host knows NOTHING will happen to them because taking a $10k loss is still cheaper for me than starting a intercontinental legal action. That is why little remarks like death penalty make me nervous as they are a little too archaic and totally uncalled for in a matter where I haven't done anything wrong, and once I have signed up and the servers are online I am totally in the hands of the host and his attitude.

  9. #34
    Erich.

    Please do not take this the wrong way, but I still believe you are not understanding what exactly HeadSurfer is saying happened:

    1. Brashost did NOT GET ATTACKED by DoS etc.

    2. Brashost was the one ATTACKING OTHERS with his server.

    That's why he was shutdown. It seems you keep trying to support the point that if we're the VICTIM of an attack, then we shouldn't be shut-down. I totally agree and as Head Surfer said earlier, they have other ways to deal with that.

    But let's repeat this again: Brashost was ATTACKING OTHERS with his server on rackshack. He was NOT the victim but the ATTACKER. There hardly is a *innocent until proven guilty* thing here because the logs show it was his computer that was being the culprit

    Now I know we can talk about if the server was compromised and stuff and the compromiser initiated the attack without your knowing. That's another story.

  10. #35

    rackshack

    I did not make attack none to no server of rackshack, my server I must have been victim of some hacker



    Uily NEVES

  11. #36
    Join Date
    Feb 2002
    Posts
    848
    2. Brashost was the one ATTACKING OTHERS with his server.
    Do you mean by this that

    1.) Brashost was the actual person launching the attack intentionally (or)

    2.) Brashost was guilty because his server was compromised by an unknown third party?

    I see a big difference between the two. Obviously even #2 will involve costs to cover any damage done, but if the person is not intentionally causing harm and was not directly to blame (other than not being smart enough to insure his box was secure) the host should be willing to help the client recover as much as possible and get back on their feet as quickly as possible, provided the client can pay for the time and effort involved at a resonable rate and make assurances that he will make every effort to prevent this from happening again, but of course even the latter would require cooperation from the host as without being able to access the server and logs or a clear satement of why the box was taken off line, how is the client to know exactlly what was compromised and if he did something wrong or neglected somthing, or if he was just a one in a million victim?

  12. #37
    Headsurfer specifically mentioned that brasshost's server initiated the dos attack or spam. His server did not receive it or become victimized by it... rather it caused the problems....

  13. #38
    Join Date
    Feb 2002
    Posts
    848
    I know it was his server, but did Headsurfer mean that he himeself was committing the attack (a criminal) or simply that his server had been compromised and a thrid party was using it to launch the attack? In either case obviously the server would be taken offline, but if he himself wasn't the criminal I would expect that the host would still communicate with the customer and try to resolve the situation, recovering data if possible if the customer were willing to pay for the service, and helping the customer (who was a victim, even if it were partially his fault for not keeping the server secure) get back on their feet as quickly as possible.

    I'm gessing that everyone's server may at one time or another be compromised even if they make every effort to keep it up to date and secure. The chance can be reduced, but not eliminated, so one would like to think that a host will work with someone in a bad situation not simply write them off and not help them recover from being victimized.

  14. #39
    He means one of his users on the server is doing the attacks. They wouldn't consider keeping a customer who was commiting the attacks. (At least I hope not.)

  15. #40
    Join Date
    Apr 2001
    Location
    UK - Wales
    Posts
    2,170
    Hi, after reading this thread it seems it is not actually going anywhere.

    The prime concern of this is to get the server up and running or cancel the clients account, neither has been done.

    We must choose from the following:

    1) The Client (server owner) is attacking other servers, maybe it is from one of the clients (server owner) customers, if this is the case then the server should be brought back up in a restricted mode and the log files checked, unless it is the actual server owner committing the offense.

    2) The Clients server has been compromised and the hole must be fixed, if this is a managed server maybe it should have been fixed by rackshack.

    3) The attack is coming from an external source and should be blocked or traced.

    4 The Client (server owner) cancells the server with rackshack and goes elsewhere.

    ---

    Ok, so the client does not have good english, no matter where this person is from I believe it is not right to criticise people based upon how good their english is.

    Can we wrap this thread up with further discussions form the two parties involved or maybe it is time for them to discuss it privately and come to a suitable resolution for both parties

    ---

    For anyone experiencing problems in translation i would suggest using the translator on www.altavista.com
    www.microsolder.uk - Microsoldering Services in the UK

  16. #41
    Join Date
    Dec 2001
    Location
    Detroit, MI
    Posts
    1,067
    Sometimes typing things out they seem to come out worse than they are intended. I meant no criticism by bringing up the language barriers, and if it came across that way I sincerely apologize. I honestly think Rackshack should be trying harder to get their message across and to help Brashost understand what is happening so he isn't left in the dark as he appears to be.

    Again, sorry if I came across as criticizing, that really wasn't my intent!
    <!-- boo! -->

  17. #42
    This is an issue between RS and Brash and should be handled as such. I would not mind hearing about the outcome but this is not the forum to resolve these issues.

    Brashhost do you have an email address or phone number for RS? I am sure that would be a better way of handling this problem.

    Please reserve your postings here for usefull discussions. How about a poll for who would like to host brashost if he leaves RS.

    I vote NO

    My $.02

  18. #43
    Join Date
    Mar 2002
    Location
    SFO,MIA,ATL,AMS
    Posts
    650
    I beilieve that the posibility for another party contolling the server and launching the attack is posibility.
    No one is stupid enough to launch these from his own server.
    Also it is common MO to hijack a server to do this,
    I cannot but wander why he was not asked, but it was decided unilaterally that he was the attacker.
    Servers do get hijacked, everiday day,
    I was seriously considering getting myself a couple of servers in rackshack, but I sure would like to know operational procedure
    on situations like this.
    Also if one of my clienst launches the attack, I think I should be giving the chance to kick him out, not me.
    I , nor anyone can control what clients do, just take meassures when they do it.

    B.

  19. #44
    Join Date
    Sep 2001
    Location
    Houston, TX
    Posts
    213
    Brashhost was placed back online and allowed to pull his data off of his harddrive after a restore, we dont allow compromised servers back on the network and we gave good faith that Brashhost was compromised as opposed to doing it himself.

    Re: no one's stupid enough to launch an attack from their own server?
    Guess again.

  20. #45
    Originally posted by doug357
    This is an issue between RS and Brash and should be handled as such. I would not mind hearing about the outcome but this is not the forum to resolve these issues.
    It is amazing to me how often I see someone post a bash over at RS's MB and then within minutes of that message, they are over here doing same. Like this will get their problem solved quicker?

    I strongly suspect the motives sometimes when I see this as I have seen proven incidences of "ringers" who make waves and who are actually "shills" for "competitors" who are watching their new customer base not growing while their existing base migrates to RS.

    I'm not saying this is the case here, it just appears yet another case of airing one's dirty laundry in public, rather than handling it within the proper means..

    Shortz

  21. #46
    Originally posted by shortfork
    It is amazing to me how often I see someone post a bash over at RS's MB and then within minutes of that message, they are over here doing same. Like this will get their problem solved quicker?

    I strongly suspect the motives sometimes when I see this as I have seen proven incidences of "ringers" who make waves and who are actually "shills" for "competitors" who are watching their new customer base not growing while their existing base migrates to RS.

    I'm not saying this is the case here, it just appears yet another case of airing one's dirty laundry in public, rather than handling it within the proper means..

    Shortz
    The real sad thing about this whole situation... is that he had to come to a public forum to get some sort of resolution! 34 hours of trying in the RS forum/irc and no success... i know i would go to a public forum let off some steam! Amazing how it was soon resolved as soon as it went into the public eye.

    Im disappointed at the RS team, and also ashamed at the harsh discrimination he had to go through here, just because english is not his native language... very sad.

  22. #47
    Originally posted by Magic
    The real sad thing about this whole situation... is that he had to come to a public forum to get some sort of resolution! 34 hours of trying in the RS forum/irc and no success... i know i would go to a public forum let off some steam! Amazing how it was soon resolved as soon as it went into the public eye.

    Im disappointed at the RS team, and also ashamed at the harsh discrimination he had to go through here, just because english is not his native language... very sad.
    I don't agree with discrimination due to language barrrier but I also think your statement is an oversimplification of this particular issue.

    His box was doing something bad on the network. I'm on that same network. If my box was owned or had a client who was up to no good or, I personally was up to no good with it personally, I'd fully expect to be jerked off line.

    He seemed unwilling to accept that something bad was happening on his box and RS had to take it off line until he did something about it, or at least accepted there was something going on with it.

    From a quick re-read of this, he was totally unaccepting that there was anything going on with his box and what is RS to do? put it back on line and let it/whomever continue doing whatever it was that caught their attention and caused them to take the box down in the first place?

    The legal owner of that box was very likely careless in either his management of security of it or, careless in his monitoring of client activity or both. It is not up to an unmanaged host to do anything more than take that box off line if they find that something bad is happening.

    The language barrier obviously played a part in this not getting resolved but I can almost guarantee that proper private messaging or emails to the right people at RackShack, the most compentent of which have their emails right in their signature files and seem more than willing to solve problems privately.

    I seriously doubt this particular client did any of that emailing to the right people. Instead, he came here and ranted in public about resolution of a problem that was HIS responsiblity in the first place.

    My pocketfull of change on the issue
    Shortz

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •