Validus

Hello together, I received an e-mail from Webair today saying that my server was used to DoS somebody. Strange thing is, I haven?t logged into the system for at least a month and aside from 1 other company; Webair is the only one with access to the box.

Has anybody else had this happen?

I contacted Webair, and I suppose, it is being investigated; just wondering if somebody else had something similar happen to them.

Nookster

webair harbors spammers...not surprised.

__________________
The Best Affiliate Software, Ever.

Validus

To be honest, who does what with their server? it isn?t any of my business. But, I am confused how my server was used for a DoS attack. Would be nice to see if there are others who had a similar "surprise"?

KuKluxKlan

doesn't surprise me from webair.. they are no saints... you can expect anything...

Spudstr

how secure is your box? you just might be victom of an exploit and was used for bad things.... you don't happen to use awstats do you?

__________________
Managed Hosting - Colocation - Network Services
Yellow Fiber Networks
icq: 19876563

Pete-KT

Never had a Problem with Webair been with them for over 3 years and have 5 dedicated boxes

Validus

To be honest, I don?t know really what is on that box. WebAir does almost all of the admin stuff on the box. I just don?t know enough to do much on there.

I am sure Webair is going to take a look at what is on the box. Maybe I did put something on there that is bad, not sure though.

Pure Evil

is it a dedicated box or virtual account?

__________________
I am the fourth Horseman.

Validus

Hey Pete, I have never had problems with Webair either; I don?t consider this issue to be a problem either. Just needs to be resolved. Aside from that nasty e-mail, which I didn?t really like, Webair is top notch.

Antonio

not with webair but with another well known hosing company - first I got an email telling me that I should stop mailing from the server or they'll cancel the box. When I replied to them that nto a single email had been sent form there it turned out it wasn't my box, they just sent the warning to the me instead of the other guy.

then about 15 days after Icancelled the box they emailed me again with some complaint forwarded - some dudes said that I'm using that server to probe for open ports or something of the sort...

hostcentrex

This happens all the time. That is why a lot of hosting companies use applications like snort to monitor all of the network traffic they harbor.

Myself as a hosting company owner, we have had DoS attacks from customer's servers before, generally because an update or packet wasn't made. But rarely is it the customer's fault. I would allow Webair to do their work. And I am sure that you will be up and running again in no time.

If it was one of their other customers, that person is going to be in a world of trouble. At least they would be on my network. I hate loosing a customer, but I have no issues with cancelling someones service if they are putting my other customers at damager.

__________________
RackEngine LTD -- www.rackengine.com
[email protected]
Colocation Starting at just $79.00/monthly with your first 2 months free!
ICQ: 612250276

madawgz

thats not surprising, sometimes boxes get rooted....and are used for drones...

__________________
TAEMDLRMSKRJIXMRLSMRJ.

Supz

Is the server managed? might it be hacked?

bdld

they should've investigated first before sending off a nasty email to a paying customer.

minusonebit

Was your root password "god" or "sex"?

Sometimes?

Validus

Well, I will have to wait for Webair to ... finish their "looking".... strange stuff!

Webby

Never has spam problems from a host Validus - worst was a "well-known host" who could not read English and had the communication skills of a critter in hibernation.

The initial "complaint" was hosting of copyrighted material belonging to some celeb. Duh? Asked WTF they are talking about - and getting nowhere.

The server was then pulled for almost a week with constant email and phone calls to their legal person and network guy. Pointless.

In the end, we found of some detail and it was an "infringment" - but not on our box, nor on their network, but stuck in an entirely different network in another country.

Obviously it was time to move hosts from that area of incompetency - despite "hot deals" to stay

__________________
XXX TLD's - Another mosquito to swat.

ronbotx

If you don't lock your server up tight as a drum, there are many people out there who will hijack your server, steal your bandwidth, and then let YOU deal with the repercussions. Spammers don't just broadcast millions of unwanted messages, they steal and hijack workstations and servers.

If you have an un-managed server, then I believe you are responsible. If you pay Webair maintain and manage the server, I'm not sure how they can bitch.

MaddCaz

I havent seen the phrase TOS in some time

__________________

BigCocks.com -
MatureWomen.com -
Tranny.com -
DrunkGirls.com -
TeenGirls.com -
MonsterCock.com and
many more... Click
here to see them all!

ronbotx

As a side note, I always thought Webair's "abuse" address was sent to /dev/null

Validus

Yea, Webair takes care of my server, but I blaming them isn?t? or wasn?t what I was after. I haven?t heard back from them, so it obviously can?t be that big of a deal.

WiredGuy

Did the message you get specifically say it was a DoS or that you had a TOS violation. The TOS violation email is rather generic and in my case didn't specify exactly what the reason was but lists possible reasons.
WG

__________________
I play with Google.