Results 1 to 19 of 19
  1. #1

    bad bad bad softlayer!!!

    this is my story:

    I got my new server from softlay on 10/21
    10/22 i got a DDOS aatack with 600-700mbps(be notice I purchaced a 1000mbps ports), they shutted down my server,
    said needs 24-48hours to investigate my server, because they believe that my server is not only a victim but maybe a attack resouce(are they crazy?)???
    then they checked my server long than 3 days(are they expert? I only installed a php+ mysql on the server,nothing else) , now I have been told they can still not release my server..

    I will never be with them any more.

  2. #2
    Join Date
    Feb 2003
    Location
    Kuala Lumpur, Malaysia
    Posts
    4,980
    Have you tried calling them?

  3. #3
    I guess they have full right to deny access to server (or null route) it if it is root cause of DDoS. I think 2nd part of story (SL) is missing here.
    <<Please see rules for signature setup>>

  4. #4
    Join Date
    Oct 2006
    Location
    UK
    Posts
    217
    Did you have "Business Continuance Insurance" with your server?

  5. #5
    Quote Originally Posted by carlgm
    Did you have "Business Continuance Insurance" with your server?
    yes i do have.

  6. #6
    Join Date
    Oct 2003
    Location
    UK
    Posts
    3,590
    Maybe ask for new IPs if someone is abusing the IPs then changing them should fix it, but if the DDOS attacker is attacking a host name, then your outta luck, shame theres no DDOS protection
    The Hosting Heroes Ltd - over 20 years in the UK hosting industry.
    Website Hosting | Reseller Hosting | Cloud VPS Servers | Dedicated Servers | VPS Reseller for WHMCS
    www.thehostingheroes.com

  7. #7
    Join Date
    Nov 2003
    Location
    Newport Beach, CA
    Posts
    2,923
    I wonder what the record is for sprinting to WHT to complain after a NOC issue.

    Seriously though. did you get a response as to the result? that would be the key component to this whole thing.
    Last edited by fastnoc; 10-25-2006 at 08:21 PM.
    Show your reciprocal links on your website. eReferrer

  8. #8
    Join Date
    Oct 2006
    Location
    UK
    Posts
    217
    They do have DDOS protection, but they are not DDOS protection specialists.

  9. #9
    Quote Originally Posted by xiaohuanzi
    this is my story:

    I got my new server from softlay on 10/21
    10/22 i got a DDOS aatack with 600-700mbps(be notice I purchaced a 1000mbps ports), they shutted down my server,
    said needs 24-48hours to investigate my server, because they believe that my server is not only a victim but maybe a attack resouce(are they crazy?)???
    then they checked my server long than 3 days(are they expert? I only installed a php+ mysql on the server,nothing else) , now I have been told they can still not release my server..

    I will never be with them any more.
    have you offend anyone before? Or are you expecting DDOS in the first place ,that's why you purchase a 1000mbps port?
    Affordable Managed Hosting Solutions for Professional & Business since 2001
    Mxhub.com - Global : USA - UK - Canada - Europe - Asia Pacific


  10. #10
    Join Date
    Jan 2002
    Posts
    1,053
    Quote Originally Posted by xiaohuanzi
    this is my story:

    I got my new server from softlay on 10/21
    10/22 i got a DDOS aatack with 600-700mbps(be notice I purchaced a 1000mbps ports), they shutted down my server,
    said needs 24-48hours to investigate my server, because they believe that my server is not only a victim but maybe a attack resouce(are they crazy?)???
    then they checked my server long than 3 days(are they expert? I only installed a php+ mysql on the server,nothing else) , now I have been told they can still not release my server..

    I will never be with them any more.
    Were you were part of the trouble the other day with the massive D(D)oS attack on SL's network?

    Anyways, you need to make sure you secure and harden your server. Its your responsibility to set things up correctly and securely and maintain such.

  11. #11
    Join Date
    Jul 2005
    Location
    here, there, where?
    Posts
    4,101
    Quote Originally Posted by Josh Stein
    Were you were part of the trouble the other day with the massive D(D)oS attack on SL's network?
    That is a good question...

    As noted in their AUP:
    Public Network: The primary purpose of the SoftLayer public network is to transmit information (packets) to and from Customer servers and data storage services. Proper use
    of the public network is to utilize the network in any way so long as you do not violate any local, state, or federal laws or generate harm to the network or interfere with the use of services of other users utilizing the same network. All Customers are granted equal access
    to the public network. Violation, misuse, or interference of the public network will result in a violation of the AUP and shall result in methods of resolution under the acceptable use policy.
    Which, to me, says if you were generating harmful traffic or interference with the network, your server can and will be shut down or null routed to restore and protect services for other customers. As you were indeed (as you stated) a target of a huge DDoS, this is not surprising they null routed or otherwise shutdown your server. It's unfortunate, but they have to protect other customers.

    They noted that they are bringing in the FBI for lawful help with the DDoS that happened that affected a good number of customers. As such, it's likely your server is being held for the FBI to examine and use for evidence against the attacker. If that is the case, they cannot allow you access as that would corrupt any evidence they may gather afterward and any criminal cases would be comprised as such.

    If the above is true, I think Softlayer has done a good job protecting us (customers) and themselves.
    -Steven | Cooini, LLC
    "It is the mark of an educated mind to be able to entertain a thought without accepting it" -Aristotle

  12. #12
    Join Date
    Dec 2001
    Location
    127.0.0.1
    Posts
    3,642
    Quote Originally Posted by Josh Stein
    Were you were part of the trouble the other day with the massive D(D)oS attack on SL's network?
    The dates seem to match up....

  13. #13
    Join Date
    Jul 2006
    Posts
    287
    Last edited by Iwannasite; 10-25-2006 at 11:50 PM.

  14. #14
    Most hosting companies would have shut down your server. That is a huge attack that can put other business down as well.

    And it is for your own safety. The bandwidth bill otherwise could have grown to thousands of $

  15. #15
    Join Date
    Sep 2004
    Posts
    1,909
    Again yet another reason newbie "want to try and learn server admin on my dime" people should not waste other people's time with their complaints from issues that could have been prevented. My guess - they were looking to opening a server management company. HA! Sorry - had to say that.


  16. #16
    Join Date
    Sep 2003
    Location
    UK
    Posts
    345
    Just to add here.

    It may seem like SL are in the wrong but they are only doing what is best for the other thousand odd customers they have.

    Im sure every single web hosting company here would do the exact same thing.
    Centation Web Services
    Bristol based web design
    Offering website design, SEO, website hosting, website development and domain registration.

  17. #17
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,681
    i would love to know how much bw he burned up with that 1000mbit port :-D
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  18. #18
    Join Date
    Jul 2004
    Location
    Memphis, TN
    Posts
    1,225
    Me to...I'm very curious


    Can you post your B/W graphs?

  19. #19
    Join Date
    Aug 2004
    Location
    Earth
    Posts
    8,154
    I think any other company would've shut you down since it would be in the best interest of their other customers. Your attack affected their whole network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •