Results 1 to 20 of 20
Thread: OK so now I'm MAD.
-
06-10-2005, 08:57 PM #1Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 972
OK so now I'm MAD.
I am SICK and TIRED of the people signing up for plans, asking for all kinds of questions, wasting my time to make custom IP's for them, custom this, custom that, wasting my time -- then a week later I see 100mbit being transmitted out of the machines.
I just now finished cleaning off an unbelievable amount of damage caused by someone who:
a) Signed up for Reseller plan, Windows '2003
b) Wasted HOURS of our support's time to help him install a SQL database in our SQL 2000 machine, etc etc, he wanted the database on a separate machine, sure, no problem
c) Wanted custom permissions on IIS for his ASP programming, sure, no problem
d) Wanted a dedicated IP for his site, sure
e) Submitted 15 tickets a day for his sites, how do I do this, how do I do that
Then today at 3 PM CET the Windows box we had him on starts transmitting at over 100mbit.
He had shared his FTP passwords with various scammers, leechers, warez'ers, etc, and was distributing porn, GTA: San Andreas, as well as many other applications throughout the world.
This is happening at least once every 10 days, and it started getting really bad when we began -randomly- calling customers to verify credentials. Back when we called everyone, this never happened.
Now, I am curious, does this happen to you as well?
This is not an issue of us not looking at our servers enough to see what files are there, this all happened within 4 hours of him asking questions regarding MS SQL 2000, the last person we expected was him.
\\x350c-12\h$\domains\ftp\********. %d .lpt1 2.24\ . %d .com4 2.54\ . %d .com4 2.54\ ;[[Scan By [[XtreMe_TeaM]]]];\ ;[[Tagg By ((XtreMe_TeaM))]].;\[[Up By {{XtreMe_TeaM}}]]\[[For ((WwW.bCGp.OrG))]]\Steamboy_JAP_PS2DVD-GANT
And if you're reading this, and are the one responsible (*******), I'm about to go thermonuclear on you.Last edited by EuroVPS/Director; 06-10-2005 at 09:01 PM.
EuroVPS VPS Hosting - Virtual Private Servers | Web Hosting | Dedicated Servers
Providing Reliable Plesk and cPanel Servers since 2004, now offering low priced Xen & VMware VPS in Amsterdam
UK +44.203.355.6681 / Amsterdam +31.208.202.120
-
06-10-2005, 09:10 PM #2Eternal Member
- Join Date
- Dec 2004
- Location
- New York, NY
- Posts
- 10,710
I know *exactly* how you feel...
--GSVMediaLayer, LLC - www.medialayer.com Learn how we can make your website load faster, translating to better conversion rates for your business!
The pioneers of optimized web hosting, featuring LiteSpeed Web Server & SSD Storage - Celebrating 10 Years in Business
-
06-10-2005, 09:14 PM #3Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 972
The problem GSV is that it makes ME look bad when this happens, because then I have DOZENS of eyes looking at me for answers, why is my site down, when will it be back, etc etc, thank GOD I have some GOOD customers that understand this madness:
For example I got this message, that I have to keep re-reading over again as it was like a dream:
Hi Vasili,
Was "unnormally" big DDOS attack ?
Isn΄t there a way of protecting the servers from
these maniacs?
I am very happy about your effort, I know you are by
far the best host I have ever been with.
It is very sad that these things happen.
Kind Regards,
*******
This was sent when we were not sure what was going on yet, DDoS or what not, you see a box with 100mbit you're not sure immediately what to think.
Fortunately, like I said, people like the above exist, and make this all worthwhile.
I think I will change the policy about allowing static IP's for resellers, it has only generated problems for us with them running wild with the FTP's.EuroVPS VPS Hosting - Virtual Private Servers | Web Hosting | Dedicated Servers
Providing Reliable Plesk and cPanel Servers since 2004, now offering low priced Xen & VMware VPS in Amsterdam
UK +44.203.355.6681 / Amsterdam +31.208.202.120
-
06-10-2005, 09:14 PM #4Web Hosting Guru
- Join Date
- Feb 2005
- Location
- Brazil
- Posts
- 307
It really sucks to get these scammers for customers. Maybe you should raise your prices (low prices atract this kind of people) - 16.95 Euro for Win2003 reseller account (10Gb/75Gb) is very low.
Another option would be to ask new customers to fax IDs and do some background check in every new account.
Anyway, suspend first and ask later. Good luck in the future!ACcomunica
-
06-10-2005, 09:21 PM #5Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 972
MRTG on switchport
EuroVPS VPS Hosting - Virtual Private Servers | Web Hosting | Dedicated Servers
Providing Reliable Plesk and cPanel Servers since 2004, now offering low priced Xen & VMware VPS in Amsterdam
UK +44.203.355.6681 / Amsterdam +31.208.202.120
-
06-10-2005, 09:21 PM #6New Member
- Join Date
- Jun 2005
- Posts
- 1
Some hosts now require that you FAX/Mail some form of identification before they will host you [dedicated providers usually] It's a big step, but people are far less likely to do that kind of stuff if you have some kind of confirmation
-
06-10-2005, 09:25 PM #7Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 972
Maybe you should raise your prices
Thanks much,
VasiliEuroVPS VPS Hosting - Virtual Private Servers | Web Hosting | Dedicated Servers
Providing Reliable Plesk and cPanel Servers since 2004, now offering low priced Xen & VMware VPS in Amsterdam
UK +44.203.355.6681 / Amsterdam +31.208.202.120
-
06-10-2005, 11:52 PM #8Junior Guru
- Join Date
- Aug 2004
- Posts
- 187
That has just happened to me recently, i simply suspended the account , banned the wget-ers IPs, and started to have more attencion on new signups...
-
06-10-2005, 11:59 PM #9Newbie
- Join Date
- Jun 2005
- Location
- Ohio
- Posts
- 6
I've seen this happen many times. I suggest exactly what Spaceh did. Good luck, keep those morons out of your servers.
-
06-11-2005, 01:58 AM #10Web Hosting Master
- Join Date
- Aug 2002
- Location
- Atlanta, GA
- Posts
- 1,114
Some hosts now require that you FAX/Mail some form of identification before they will host you [dedicated providers usually] It's a big step.
Like it or not I think this is going to be standard for hosting in the next year or two. I don't really care if a potential customer does not like it. I'd rather make sure my current clients have some protection from scammers.SiteSouth
Atlanta, GA and Las Vegas, NV. Colocation
-
06-11-2005, 04:15 AM #11Web Hosting Master
- Join Date
- May 2005
- Location
- Sydney, Australia
- Posts
- 876
If you provide a good product and service people won't mind providing credentials. And if you have a good name and supply a quality service, you ought to charge a higher rate - word will get around and there are a lot of people prepared to pay more for a better service.
-
06-11-2005, 09:26 AM #12Web Hosting Master
- Join Date
- Apr 2001
- Location
- Pittsburgh, PA
- Posts
- 1,306
I'm by no means a Windows person, but how can you be certain this user didn't have a script exploited? I don't see why he would go to the trouble with his other requests, if he intended to operate a warez site.
I assume you mean < 100 Mbps, since it looks like a Fast Ethernet port
Kevin
-
06-11-2005, 09:33 AM #13Web Hosting Master
- Join Date
- Feb 2005
- Location
- Northern VA
- Posts
- 1,582
Wow. Very informative post. Sometimes it helps to rant when people are doing things that are making your life difficult. You really have to love this industry to put up with the frustration that some customers can cause.
Rich
Husband, Father, Retired Marine, Geek
-
06-11-2005, 09:33 AM #14Web Hosting Master
- Join Date
- Feb 2002
- Location
- Australia
- Posts
- 24,027
Originally posted by RaDay
Some hosts now require that you FAX/Mail some form of identification before they will host you [dedicated providers usually]
How can you authenticate the "identification"? WLVPN.com NetProtect owned White Label VPN provider
Increase your hosting profits by adding VPN to your product line up
-
06-11-2005, 09:46 AM #15Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 972
sigma
I assume you mean < 100 Mbps, since it looks like a Fast Ethernet port
DevilDog
Sometimes it helps to rant when people are doing things that are making your life difficult
Also, about the script exploit, no, the password was out in the open. Could have been found in any number of ways. In any event this is the end of static IP's for resellers. It's just not neccessary.
Vielen Dank
VasiliEuroVPS VPS Hosting - Virtual Private Servers | Web Hosting | Dedicated Servers
Providing Reliable Plesk and cPanel Servers since 2004, now offering low priced Xen & VMware VPS in Amsterdam
UK +44.203.355.6681 / Amsterdam +31.208.202.120
-
06-11-2005, 09:48 AM #16Invented the Internet
- Join Date
- Feb 2001
- Location
- West Michigan, USA
- Posts
- 9,687
Originally posted by Aussie Bob
What stops the scammer from photoshopping some kind of fake "identification"?
How can you authenticate the "identification"?
We noticed a big difference in fraud signups when we started voice verifying orders and requiring ID and signed contract for larger/dedicated/colo orders.
--Tina||| 99.999% Uptime SLA!!!
Plenty of space and bandwidth to fit your needs!
www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)
-
06-11-2005, 10:56 AM #17Web Hosting Master
- Join Date
- Feb 2002
- Location
- Australia
- Posts
- 24,027
Originally posted by AH-Tina
It doesn't, but it definitly cuts down on fraud signups. Why? Because rather than go through all the trouble of photoshopping ID, etc...they'll just move on to the next host that doesn't check these kinds of things. Fraudsters are lazy...thats why they don't have real jobs. WLVPN.com NetProtect owned White Label VPN provider
Increase your hosting profits by adding VPN to your product line up
-
06-11-2005, 12:51 PM #18Junior Guru Wannabe
- Join Date
- May 2005
- Location
- Helmond
- Posts
- 40
Do you all ask payment in advance for new signups?
-
06-11-2005, 12:59 PM #19Web Hosting Master
- Join Date
- Jun 2004
- Posts
- 972
Obviously!
EuroVPS VPS Hosting - Virtual Private Servers | Web Hosting | Dedicated Servers
Providing Reliable Plesk and cPanel Servers since 2004, now offering low priced Xen & VMware VPS in Amsterdam
UK +44.203.355.6681 / Amsterdam +31.208.202.120
-
06-13-2005, 08:14 AM #20Junior Guru Wannabe
- Join Date
- Jun 2005
- Posts
- 47
If you are so mad.. Why not checkout all your new costumors every now and then. Old costumors ussually dont do the leeching and scamming and ussually pay up. If you want to be safe and all... Make sure you have legal document info on the persons you deliver to.
It was a known bug back in the old ages to store everyones details but today its a must for every webhoster out there.