Results 1 to 23 of 23
  1. #1

    Looking for a TURN KEY hands off dedicated host

    I've lurked these threads and over and over recommendation are posted.

    However, I am a business person, I want to run a business and not worry about my server. I am currently hosted at ServerBeach. I am on my second server with them because the first one was hacked. Then I hired an admin that I paid money to apply patches etc and keep the second server up to date monthly…

    My second server is now hacked at ServerBeach. What am I doing wrong? I hire an admin and I still get hacked. It makes me want to quit my business.

    I keep losing this battle with all these people hacking me. Is this so common? People hacking or rooting servers all the time?

    I just want to find a dedicated host that will host my websites I have like 15 websites, I use about 50GB and need about 10Gb of storage a month. My websites are e-commerce and big forum board. I host lots of download files too at the one site is a reference site. I would love to have a remote backup plan too.

    Is there anyone out there that offers a turn key service like this? Maybe I need to get a new admin, if I do, can my current server be cleaned up without re-loading the OS? I hate getting hacked, it takes me the better part of two weeks to transfer all my websites to another server and get them set up to run again.

    Anyone recommend a service like this?

  2. #2
    Join Date
    Mar 2004
    Location
    Smyrna, DE
    Posts
    10
    I currently host at serverbeach and have NEVER had a problem. i admin my own server (win2003) and love it.

  3. #3
    Join Date
    Jun 2003
    Location
    SW FL
    Posts
    88
    Two servers hacked like that seems a bit fishy. Are your sites ones that would attract attention from the hacker community? Also some of the scripts/forum addons etc you may be running may have had some easy exploits.

  4. #4
    Join Date
    Jul 2002
    Location
    St. Louis, MO
    Posts
    1,652
    Maybe you need to take another look at that "admin" of yours.
    Happily hosting @ Dathorn.com (Since 3/2003), Ispeeds.net (Since 2004), & Quadspeedi.net (Since 7/2005)!
    Hosted @ FDC for 9 Years

  5. #5
    Originally posted by bloozie
    I currently host at serverbeach and have NEVER had a problem. i admin my own server (win2003) and love it.

    Never complained about serverbeach, they are self managed how could it be their fault? It's not...it's my responsiblity...also I am trying to run Linux, which seems to be easily hacked...

  6. #6
    Join Date
    Nov 2003
    Location
    Ohio
    Posts
    504
    Maybe this so called "Admin" isn't your best choice. Find a reseller of another Datacenter, and this time don't tell anyone your password. Also, change it regularly - because this sounds a little fishy to me.

  7. #7
    Originally posted by pubenemy
    Two servers hacked like that seems a bit fishy. Are your sites ones that would attract attention from the hacker community? Also some of the scripts/forum addons etc you may be running may have had some easy exploits.
    I didn't know certain sites "attract" hacker. Which would you classify a site that would attract a hacker?

    The biggest site I run is mrplc.com would that be a site that would attract a hacker?

    Where could I learn about script exploits? I think this hacker gained access through gsubc.org a church website I host, my own church website.....

    Any recommendations on that host I asked for?

  8. #8
    Originally posted by cybexhost1
    Maybe this so called "Admin" isn't your best choice. Find a reseller of another Datacenter, and this time don't tell anyone your password. Also, change it regularly - because this sounds a little fishy to me.

    That admin wasn't any part of the first server, I don't suspect him. The first server was a hack to use it as an IRC bot, and this hacker is using it as an IRC file server. "warez"..pisses me off...

  9. #9
    I saw a statistic posted here not long ago that said more than 70% of hacked boxes were not specifically targeted but the results of random scans. In your case the second hack may very well be linked to the first hack if you moved data from the first server to the second..

    To answer your original question, I would suggest you look at ServInt and see what they can do for you. They offer a fully managed server and have some great people that can advise and assist you on specific solutions for your problem.

  10. #10
    Join Date
    Aug 2003
    Location
    Milwaukee, Wisconsin
    Posts
    248
    I suggest contacting www.CheetaWeb.com

    Top Notch Managment, 24/7 phone support.
    Global Datacenter
    Low Cost; Reliable Network; Unmetered Data Transfer
    3Mbit Unmetered, or 10Mbit Unmetered; Direct Admin Control Panel
    www.GlobalDC.com

  11. #11
    Join Date
    May 2003
    Location
    Philadelphia
    Posts
    968
    What precautions are you taking to ensure that your not just transfering backdoors and compromised files to your new server?

    Are you pushing or pulling the data to the new server? ie. Are you pulling the data TO the good/trusted server FROM the compromised server or are you pushing the TO the new/trusted server from the compromised box?

    Are you using the same passwords on both machines?

    Are you forcing your clients to change their passwords when you move them to the new machine? Are you recommending your clients clients (if they are resellers) change their passwords?

    There are a ton of reasons why you *could* be getting hacked again and without more information it will be near pointless to speculate.

    Have you even identified the attack vector they are using to compromise the system?

    One thing a lot of people don't understand is that the vast majority of "admins" these days are very capable of running a machine, compiling apps and keeping a machine online this does not in any way shape or form mean they understand how to secure a multi-user system. Security is a mindset, an attitude if you will, that a great majority of admins don't possess.

    When selecting an administration company you need to ask a lot of questions, but 1st you need to decide what *you* want out of it. If you just want an admin to keep things chugging along, compile software etc then most of the following questions wont apply, however if your after a security solution I'd find out if they can address the following questions in a satisfactory fashion.

    (in no specific order)

    How do you keep a breast of security issues?

    How much experience does the staff have with security (specifically security, not just administration.)

    Do you have an incident response policy? if so what is it/get a copy

    What level of service are you actually purchasing, (monthly maintenance, proactive administration, reactive administration etc)

    Do they install any sort of security software on the system (IDS, file integrity monitors etc)

    Do they have any type of log aggregation (or do they monitor log activity at all?)

    What is the response time on dealing with new threats (new vulnerability, worm etc)

    There are also more questions that would be spawned depending on the answers to the above but that should be enough to get you going.
    http://www.eBoundary.com - Let us help you expand your eBoundaries!
    Fast, Secure and reliable FreeBSD shared, reseller and dedicated hosting.
    FREE Peace of mind with every account!

  12. #12
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    Well, people get hacked day and nite, left and right. Most commonly threw insecure php scripts. When you got hacked did u just copy the stuff over? Did you find the point of entry. Im hoping your admin did that. Thats the first thing that should be done. Finding the point of entry. Hackers usually record thigns they hit for further exploration at a later date. Most hacks are random aswell they go around looking for holes in every server they can find and exploit it.

    for files in /usr/local/apache/domlogs/*; do grep "wget" $files; done;
    im suspecting you run cpanel. You can go and run that script and it will sometimes tell you exploitable scripts you may have on your server. ONe thing to consider, get a security package from a good administration company. soem companys to look into:

    easyservermanagement
    wemanageservers
    rfxnnetworks
    serveradmins.biz
    cheetaweb

    etc
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  13. #13
    Join Date
    Nov 2002
    Posts
    2,780
    time you hire thelinuxguy

    http://rack911.com would help you out.

  14. #14
    Join Date
    Oct 2003
    Posts
    192
    Yeah i agree.

    i use rack911

  15. #15
    I e-mailed rack911 for a phone number. Hopefully he will e-mail me back his phone number.

    To try and answer some of the other questions...which really doesn't have anything to do with my original question...but I'll explain anyway...

    On the first hack, the cpanel DEMO account was left open, a hacker used the DEMO ftp hack to upload a PHPSHELL script. On my server PHPSHELL was able to jump out of the current owners directory and it snow balled from there..

    On the second server, demo ftp was turned off. The admin was hired to do updates to the server. All software was up to date. The admin had not told me yet how the hacker got into the server. The uploaded IRCBOT in the /var/tmp/lib/lib folder. I looked myself for transfer and ftp logs of an upload. I did find something strange in the church account. I am not sure how it got there. I couldn't find a transfer, log of the file it was a debug.cgi script. It looked harmeless, maybe it was changed at a later date.

    When I changed over to the second server the passwords were changed for each account and root passwords. All MySQL passwords where changed. Everything I could think of was changed. I am not a HOSTING company, I have a big website that cosumes alot of traffic, so that's why the need for a dedicated box.

    I just want to be able to run my business and website without having to worry about all this.

    eBoundary: Those are very good questions and vaild responses to my issues, but I don't want to deal with them anymore.

    I do have alot of scripts on the church website. Maybe on of those is insecure. How to I know? Where do I check for this?

    I talked with SerVINT for about 45 minutes on the phone, and they recommended a VPS account. I sounds like a good plan for me. I might just do it. I would like to talk to rack911, so hopefully Steve will e-mail me back his phone number.

  16. #16
    Join Date
    Feb 2002
    Posts
    3,727
    Sounds like you'll be back sailing smoothly if you go with thelinuxguy _and_ ServInt. Double managed protection on a top quality network.
    Have you Floble'd today?

  17. #17
    Join Date
    May 2002
    Posts
    44
    Why don't you go virtual?

  18. #18
    That's what ServInt suggested...a REALLY BIG VIRUTAL account...I thought about it too...I think your right and that's where I am headed..back to virutal and away from dedicated. The only reason I ended up dedicated is because I had some host talk me into it since I have a high traffic website (30GB) per month...

  19. #19
    Join Date
    Mar 2002
    Location
    UK
    Posts
    458
    My judgement would be that you would be better off with a *quality* administrator and a dedicated server than with a VPS. I can't see where VPS is gaining you anything. With your own server you are in control (through your admin).
    Chris at TDMWeb.com
    Windows & Linux hosting and fully managed dedicated servers with great customer service!
    UK-based but serving the world...

  20. #20
    Join Date
    May 2002
    Posts
    44
    Why not 15 virtuals?

    I mean if you have a couple of domains that are BIG ... get custom plans for them or the best you can find.

    If the other domains may fit into an all-purpose virtual plan you would get what you need, probably for the same price and with a lot less headaches.

    Nice regards.

  21. #21
    Whatever you end up doing. Research it. Rushing never helps anything. If you go back to virtual, be careful where you go! I've seen numerous horror stories about hosts offering "40gb/mo" and then problems arising when the client actually uses it all.

    /shrug. I'm not saying that there aren't hosts out there that offer this kind of bandwith, just warning you about the possibilities.

    Best of luck to you though.
    Having your own server is quite the luxury though
    Cameron
    HostCaters Web Services
    http://www.hostcaters.com

  22. #22
    Originally posted by chakorules
    That's what ServInt suggested...a REALLY BIG VIRUTAL account...I thought about it too...I think your right and that's where I am headed..back to virutal and away from dedicated. The only reason I ended up dedicated is because I had some host talk me into it since I have a high traffic website (30GB) per month...
    Heh. A _big_ virtual account is right. My site consumes 70gigs of bandwidth a month, got a 100gigs vps from dinix and now it's having memory problems from too many hits.

  23. #23
    Originally posted by chakorules
    That's what ServInt suggested...a REALLY BIG VIRUTAL account...I thought about it too...I think your right and that's where I am headed..back to virutal and away from dedicated. The only reason I ended up dedicated is because I had some host talk me into it since I have a high traffic website (30GB) per month...
    I agree with ServInt's suggestion. You can't possibly need a dedicated server to push just 30 gigs of transfer unless the scripts you are running are just awful.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •