Results 1 to 25 of 34
Thread: Server IPs blacklisted
-
07-14-2008, 08:20 AM #1Newbie
- Join Date
- Jul 2008
- Posts
- 7
Server IPs blacklisted
I ordered a server on Sagonet, a company specializing in renting dedicated servers. Well, after paying 125 euros, I receive a server with dns almost totally blacklisted in my country, Italy. I ask those of Sagonet of risolvermi the problem but they are slow and rude and say that I hosted illegal content on my server. Too bad that my server has only a forum half-empty and no illegal content and they want from me other $60 for control my sites, blackmailing me. So I paid for a service, without being able to take advantage and they . Be careful to Sagonet, a disservice, because people rude and incompetent.
Sorry for my not good english.
-
07-14-2008, 08:30 AM #2Retired Moderator
- Join Date
- May 2004
- Location
- Pflugerville, TX
- Posts
- 11,231
Fraud is a pretty strong word - you've made a criminal accusation here that I hope you're ready to discuss in some detail. If indeed you were victimized, you have my regrets for your situation. If Sago is correct and there was illegal content on your server, you stand to get a very cold reception in this thread from other members.
So let's start from the beginning. What site or sites are you hosting on your server (you can post URLs without linking them), and what exactly did Sago say you were hosting on your server that they found unacceptable?Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design
-
07-14-2008, 08:33 AM #3Aspiring Evangelist
- Join Date
- Dec 2006
- Location
- Tampa, Florida
- Posts
- 387
Monica,
Without divulging too much of your own information publicly, I will briefly address this post for you.
-Your server was hacked due to a very insecure password on your self-managed server
-We are still trying to work with you currently to help you get your server un-blacklisted. I encourage you to continue to be cooperative with our technical support staff to resolve the issue instead of trying to create negative publicity for you or our company
-The blacklist occurred because the illegal content on your server was rapidly blacklisted in your country
-The $60/hour fee is to offer you advanced technical support to clean off the illegal content and remove any evidence of hacking that has taken place on your server. If you would like to perform these tasks yourself, please do so. Insecure servers are never a desirable thing to have on anyones network and we wish your server to be secured quickly.
Please work with your technical support staff within our ticketing system right away to resolve these matters. Thank you.
-
07-14-2008, 08:34 AM #4Newbie
- Join Date
- Jul 2008
- Posts
- 7
-
07-14-2008, 08:38 AM #5Newbie
- Join Date
- Jul 2008
- Posts
- 7
I have only an empty forum in my server.
-The $60/hour fee is to offer you advanced technical support to clean off the illegal content and remove any evidence of hacking that has taken place on your server. If you would like to perform these tasks yourself, please do so. Insecure servers are never a desirable thing to have on anyones network and we wish your server to be secured quickly.
You are blackmailing me so I (in your mind) will upgrade my plane.
No, i will not upgrade it, no with a blackmail, and my budget, actually, don't permit this.
So you now resolve my problem, otherwise you give me a refund.
Stop.
-
07-14-2008, 08:41 AM #6Aspiring Evangelist
- Join Date
- May 2007
- Location
- italy
- Posts
- 393
As far as I understand from the sago response your server was hacked and some "casino/betting" content putted on, which resulted in the domains being blacklisted as for local laws, here.
It's an awful idea to buy a server abroad if you are not even able to speak the language (I understand from the post you've used an automated translator as some words left untranslated ...): how are you able to understand the problem if you lack both communication and technical skills to handle the problem ?
If you are not even able to manage and secure a server, and moreover you have problems understanding what the technical support says to you, you should bear the consequences.Last edited by Mike V; 07-14-2008 at 11:10 AM.
"I want" never gets ...
-
07-14-2008, 08:45 AM #7Newbie
- Join Date
- Jul 2008
- Posts
- 7
Last edited by Mike V; 07-14-2008 at 11:11 AM.
-
07-14-2008, 09:17 AM #8Retired Moderator
- Join Date
- May 2004
- Location
- Pflugerville, TX
- Posts
- 11,231
If your username and password are easy to guess, then it's entirely possible someone planted whatever they need far below the Webroot of your server. If you're not experienced with server administration (what is your level of technical expertise?), then you'll simply see your empty forum. You won't see where the compromised files reside. Typically, they end up in /tmp, but if someone has full root access, then they could literally put them anywhere they like.
Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design
-
07-14-2008, 09:18 AM #9Aspiring Evangelist
- Join Date
- Dec 2006
- Location
- Tampa, Florida
- Posts
- 387
Monica,
Please understand that there are MANY ways to gain access to your server when a server is hacked and then host illegal content on the server. I assure you that you are NOT the only person that has had access to the server and that this assumption is what is causing you so much misunderstanding about the problem. I will again request that you refrain from dealing with this issue through a public forum unless you would like the community to explain how a hacked server can cause you so much trouble.
I am sure WHT members can verify what I am saying is true for you as well if you do not believe what we are trying to tell you. Thank you.
-
07-14-2008, 09:20 AM #10Junior Guru Wannabe
- Join Date
- Mar 2008
- Posts
- 78
Sorry, but just because you don't have any content doesn't mean you can't be hacked. That empty forum could have been exploited, or your root password could have been guessed. I don't know if you know this, but people "bruteforce" IP ranges all the time. They'll find a weak password, and with that, they'll have just the same access to your server as you.. all of it.
-
07-14-2008, 09:29 AM #11
True. I had a domain with no content except a "Content coming later" home page. One time I did a search for that domain and found it listed at a site where people post about sites that they hacked. I had uploaded a script I was testing and forgotten about it. The script had become outdated, and someone hacked it.
No one would find that page unless they knew the URL to go to or found it in a search like I did. But my site with no content had been hacked.
Lois█ "Do what you can, where you are, with what you have." – Theodore Roosevelt █
-
07-14-2008, 12:10 PM #12the ground beneath my feet
- Join Date
- Feb 2006
- Posts
- 1,107
-
07-14-2008, 01:02 PM #13Junior Guru Wannabe
- Join Date
- Jan 2008
- Posts
- 48
I'm shocked that they're charging her $60/hr to clean files off her server. My host would do that for free.
-
07-14-2008, 01:06 PM #14Web Hosting Master
- Join Date
- Jun 2006
- Posts
- 1,027
-
07-14-2008, 01:11 PM #15Retired Moderator
- Join Date
- May 2004
- Location
- Toronto, Canada
- Posts
- 5,105
-
07-14-2008, 01:12 PM #16Web Hosting Guru
- Join Date
- May 2008
- Location
- FL
- Posts
- 337
The server is unmanaged, so it isn't that unreasonable.
The OP might want to consider going with a managed service if they don't understand how to manage their own server (that goes beyond clicking buttons on a control panel).
Hackers generally will try and hide what they have done. The exception (that I have seen in large quantity) are the frontpage defacers who seem more interested in letting people know they have security issues (which while destructive, is better then the alternative). While your forum may seem fine, there could be a 100 other websites hosted on your server without your knowledge.
-
07-14-2008, 01:24 PM #17Retired Moderator
- Join Date
- May 2004
- Location
- Pflugerville, TX
- Posts
- 11,231
If someone gained root access, there's no telling how deeply embedded the issue is. Also, do you get any admin time with your server? If any degree of management is part of your price, then this makes sense. Otherwise, why should someone not be compensated for providing a professional service?
Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design
-
07-14-2008, 02:46 PM #18Junior Guru Wannabe
- Join Date
- Jan 2008
- Posts
- 48
-
07-14-2008, 02:51 PM #19Junior Guru Wannabe
- Join Date
- Jan 2008
- Posts
- 48
-
07-14-2008, 02:54 PM #20Web Hosting Guru
- Join Date
- May 2008
- Location
- FL
- Posts
- 337
-
07-14-2008, 02:55 PM #21Junior Guru
- Join Date
- Mar 2008
- Location
- Savage, MN
- Posts
- 220
Well, that would be a poor way of putting it. More like "We can help you, but as your server is unmanaged, we will have to charge you $X."
Do you know how much time can be involved in cleaning this stuff up?
Doing an OS reload would be one thing, and I'd expect that to generally be done for free (or cheap); actually cleaning up a comprimised server is entirely different.-nc
-
07-14-2008, 02:55 PM #22Retired Moderator
- Join Date
- May 2004
- Location
- Pflugerville, TX
- Posts
- 11,231
You can't keep customers happy if you put yourself out of business by paying your techs for their time and not seeking that compensation from your customers. It's a courtesy for customers to recognize the time and expertise that goes into server administration, and to compensate accordingly. $60/hr. is fairly inexpensive for a professional service such as this (I suppose it depends where you go to get it done, but many techs can command prices in the $70-100/hr. range).
Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design
-
07-14-2008, 03:00 PM #23
If the IPs are blacklisted then there should be dates and reasons on the blacklist. You can use those to tell if it was you or someone before you that caused the problem.
if it was your provider, they should provide you with new IPs and then work to clean the ones that are having issues.
If it was your fault then your provider is well within thier rights to charge you to fix the issue. The PITA factor of getting listed goes far beyond just cleaning off some files.Aaron Wendel
Wholesale Internet, Inc. - http://www.wholesaleinternet.net
Kansas City Internet eXchange - http://www.kcix.net
-
07-14-2008, 03:00 PM #24Junior Guru Wannabe
- Join Date
- Jan 2008
- Posts
- 48
-
07-14-2008, 03:02 PM #25Junior Guru Wannabe
- Join Date
- Jan 2008
- Posts
- 48