Results 1 to 20 of 20
Thread: Stolen Bandwidth
-
01-22-2007, 05:20 PM #1Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
Stolen Bandwidth
Hi.
I have a reseller on my server who has set up an about 7 accounts. All of these accounts are active. The Bandwidth is being registered as nothing. its is the 22nd and according to all accounts 0.00megs worth of bandwidth has been used. How do i stop this. I have checked the AWSTATS and the results are coming back, "No qualified records found in log (0 corrupted, 0 dropped)". Is this the result of advance DNS settings done?
I have also noticed that about 1GIG of transfer is uneracountanble, which i guess has been used by this account.
Thanks,
NathanielSIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-22-2007, 05:35 PM #2Web Hosting Master
- Join Date
- May 2006
- Posts
- 560
Maybe he's actually not using any bandwidth? That could be from server updates. How long has the server been running?
-
01-22-2007, 05:39 PM #3Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
explain this. If i goto the site and and then update the awstats, nothing happens. if comes up with this information "No qualified records found in log (0 corrupted, 0 dropped)"
SIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-22-2007, 05:41 PM #4Web Hosting Master
- Join Date
- May 2006
- Posts
- 560
Alright, I'll try... Possibly your awstats isn't setup correctly. Check to make sure it's parsing the right logs...
-
01-22-2007, 05:57 PM #5Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
Originally Posted by IceCreamManSIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-22-2007, 06:26 PM #6Web Hosting Evangelist
- Join Date
- Aug 2001
- Location
- NE Ohio
- Posts
- 502
Maybe they're accessing their site through http://server.ip.address/~username ?
-
01-22-2007, 08:29 PM #7Disabled
- Join Date
- Dec 2002
- Location
- chica go go
- Posts
- 11,876
Originally Posted by El Nino
-
01-22-2007, 09:03 PM #8Web Hosting Master
- Join Date
- May 2003
- Location
- Florida
- Posts
- 902
Originally Posted by El Nino
If you have accounts that you want to use the ~username function, you can give them permissions on the same page.
-
01-23-2007, 03:03 AM #9Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
http://server.ip.address/~username.
Nope. That has been disabled since the server was set upSIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-23-2007, 03:15 AM #10Web Hosting Guru
- Join Date
- Feb 2003
- Location
- L.A. C.A.
- Posts
- 346
Check the size of the apache log file, if its also reporting as 0 you have a problem.
-
01-23-2007, 06:19 AM #11WHT Addict
- Join Date
- Feb 2005
- Location
- Sydney
- Posts
- 140
Also check that the site's apache log is recording the hits..
Damian | i n f i n i x | Are you a hosting refugee?
-
01-23-2007, 01:42 PM #12Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
its recorded no activirty. I have just done a whois and no information of my server comes up. This Person has privite Nameservers set up and this server, But the funny thing is they are using the shared IP. This person does no have privite ips for his name servers account.
Thanks
NathanielSIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-23-2007, 02:22 PM #13Web Hosting Master
- Join Date
- Apr 2003
- Location
- San Jose, CA.
- Posts
- 1,624
One issue with shared hosting and providing crontab and shell access is that you have to be able to eat the costs of how much bandwidth and traffic users will be using through their shells.
Typically, A user can SSH in and do wget's (or many other things) all day which is attributed to your bandwidth transfers, but without it being attributed to them.
-
01-23-2007, 05:11 PM #14Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
Light wave. Could you please explain what you mean
Thanks,
NathanielSIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-23-2007, 07:44 PM #15Junior Guru Wannabe
- Join Date
- May 2004
- Posts
- 63
Originally Posted by logikstudios
-
01-23-2007, 07:57 PM #16WHT Addict
- Join Date
- Feb 2005
- Location
- Sydney
- Posts
- 140
A follow-on to bgaNET's post: customers can also push or upload data "from" your server using tools like rsync, this will also not be attributed to the customer in your traffic usage tool.
Damian | i n f i n i x | Are you a hosting refugee?
-
01-24-2007, 02:50 AM #17Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
Users accounts do not have ssh access
SIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/
-
01-24-2007, 04:53 AM #18WebHosting Master
- Join Date
- Dec 2006
- Posts
- 4,151
Then does the reseller have SSH access?
-
01-24-2007, 07:26 AM #19Web Hosting Master
- Join Date
- Apr 2003
- Location
- San Jose, CA.
- Posts
- 1,624
Oh, I was going by the things offered according to the website in your .sig
In any case, it really doesn't matter whether it's done through SSH, crontab, or many other functions.
It'd be just as easy to upload a php or cgi application which uses gigabytes worth of your bandwidth but isn't attributed to their web usage. It's not that they are necessarily doing anything wrong. As I mentioned, it's just part of the cost you'll have to eat unless you can actually attribute processes/commands to a specific user and identify them as malicious or somehow breaking a terms of service.
-
01-24-2007, 12:08 PM #20Web Hosting Master
- Join Date
- Dec 2006
- Location
- Cardiff, Wales
- Posts
- 803
The reseller does not have SSH. Accounts have to ask us to enable ssh. Any way. I looked under his dns settings. His names servers are setup with Ips that we dont have. Our range is 85.0.0.0 his is 207.0.0.0 etc. so NS1.domain.com and NS2.domain.com are set up with ips that do not belong to the server.
It looks like it is done via advance DNS but i cant figure it out?
Thanks,
NathanielSIP Trunking and VoIP Lines, Numbering (DIDs and DDIs), Low Cost Minute add-ons, Secure SIP and VoIP. Business and Enterprise Grade Quality, Low Cost and Highly Competitive. Available at: https://www.voipyonder.com/