New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
How does your datacenter put up with you, @PhotonVPS?
[email protected]
Yeah. What's this have to do with anything? Did you even read my first post? Subverting computer security systems has been illegal in the US since 1984; not sure how this is even something debatable.
@Damian
Best thing for you to do is block and drop packets from Rogue and criminal networks. They are obviously going to say in public they take care of abuse notices but history proves otherwise.
@Damien - We have many legitimate businesses that use us such as government contracts, universities, and bank brokers. We are working on getting these criminals out of our network.
If there is something specific you need address please contact our abuse department.
@Naruto - We are the datacenter we own our facility, support, where we do our own BGP to other network providers. If there is something you need address lets contact our abuse department.
@Yomero/ @Kairus - DDOS outbound is not acceptable - We have a flow server that monitors this and nulls such traffic outbound. No one should be receiving over 50mbit of DDOS from our network its impossible - If they bypass this let us know we will be glad to adjust our flow
@Aldryic - Please re-submit your abuse if our abuse department isn't handling this appropriately then we may need to re-train those that are involved. What subject line did you have? I can definitely get those addressed.
We have an internal project on this as well to detect any scans originating from our network that will alert our technicians to prevent the traffic which will allow better abuse control.
@DotVPS - Not sure who Ecatel is but we work closely with Spamhaus to fight against ROSKO users and spammers. There will be occasional listings but given the nature of how low costs VPS are and how much abuse we can only modify our internal procedures to catch them. One listing on Spamhaus is not an indication of promoting criminal activities and spam on our network.
Check frantech - http://www.spamhaus.org/sbl/listings/frantech.ca is this an indication of a bad provider?
@Hybrdized - If you're getting invoiced for free hosting then why don't you open a ticket to the appropriate brand? We never done free hosting if may be one of our resellers...
3 IPs listed in three years. Other brands our size would kill to get as clean a clientbase.
I do need to follow up with Spamhaus once again on the status of those listings, though.
@PhotonVPS I really have no inclination to go dig up old sentboxes when the issue should've been handled the first time. Out of professional courtesy, I will continue to send in any relevant abuse reports; but we will still enact blackholing the offending IP or subnet until we receive confirmation that the problem has been dealt with.
GOLDEN. Good find, sir.
When I was with @PhotonVPS, the network was slow on all 3 VPSes I had which were on 3 separate nodes. My Apache error_logs were full of 404 errors from Chinese IPs scanning my directories. I blocked China through Cloudflare and still got them, so they did this to my IP. I also couldn't ever get sendmail to work with Hotmail users because the IPs were blacklisted. Then I went to AlienVPS and the network was a lot better, but the nodes died a crapton. That's my story and I'm stickin' to it.
Dafuq!
OMG!
I will host some stuff with PhotonVPS... muahahaha!
@DotVPS - The link to Ecatel tells me nothing there are other providers with much more listings.
In regards to your google search many of those are old and have been addressed some way or other either by terminating the account or suspension.
As mention in our previous post that these are being addressed internally where we have a machine that will be analyzing the flow to avoid outbound scans originating from our network. I appreciate your input in regards to these abuse though.
The phishing link we are bringing this to our abuse team where they will monitor this more actively.
The /27 was banned due to a VPS client spamming which will be suspended. Instead of banning each of the 6 IP a /27 was done since this information was pulled from our rwhois.
@Aldryic We are not bashing you just trying to get others to understand the complexity that can go on when dealing with criminals and abuse. We have many goals for 2012 to get these abuse queries much more automated.
@Naruto - 404 are not scans of your directories. They were probably an old VPS used by a Chinese client who simply didnt pay their bills. Terminating their account with old traffic on them will result in a scan like behavior. This can result in slow response to your VPS.
Anyone else having some trouble making sense of this?
Raising hand
This... Trying to excuse with "we are addressing it asap" ¬¬
Not that I care but for the sake of comparison they are in hosting business way longer than most of you.
Just sayin'
Not sure how that makes ignoring abuse complaints justified.
@Aldryic I didn't say that! You are putting words into my mouth.
Apologies then sir. I simply do not see the relevance between being in business longer than other companies and ignoring abuse complaints (even from registered/respected sources).
That's because you have selective mind and pull my post out of context :P I responded merely to QUOTE which was similiar relevant to thread than my response. Ah, nevermind...
@Spirit Nah, I read your post. The /27 in question was from a single listing anyways, not over time. So established time as a company is irrelevant for that scenario.
If I continue from here it will look like I defending psychz net which I am not, but we will see... we will see spamhaus record of 10 years lifespan of other lowend vps companies with own IP range. Things can easily go wrong even with best and most careful companies that's why I am saying that size of spamhaus records list isn't really argument which should be used to prove own right and @DotVPS posted irrelevant nonsense comparisation which caused my "comparisation" reply.
So once again - I replyed only on this what I quoted and it's not related to potential ignoring abuse complains.
@Spirit
Totally agree.
But the other point is about the rumors regarding of ignoring the complains and allowing bad stuff from their network, which is ridiculous
@yomero yeah.
(but I can't comment that as I don't have experience with them - I was their irc shell client some decade ago but this wasn't psychz like we know today)
Aaah, I see what you were getting at now. Apologies for misunderstanding you.
I understood what was being relayed very easily. Old customer did not pay bill, terminated, @Naruto gets same IP and receives traffic meant for old client.
To be fair I think that is just one of the many possibilities. Well unless @Naruto managed to dig and show the log we won't know the truth.
Anyway directory scanning activities looking for some sort of exploits are not uncommon in VPS, hence I'm not sure why PhotonVPS denied that fact despite "they are in hosting business way longer than most of you".
Pulled these from an old ticket where I showed them:
[Wed Dec 21 04:38:37 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/admin
[Wed Dec 21 04:38:37 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/admin
[Wed Dec 21 04:38:38 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/admin
[Wed Dec 21 04:38:38 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/db
[Wed Dec 21 04:38:38 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/dbadmin
[Wed Dec 21 04:38:38 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/myadmin
[Wed Dec 21 04:38:39 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/mysql
[Wed Dec 21 04:38:39 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/mysqladmin
[Wed Dec 21 04:38:39 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/typo3
[Wed Dec 21 04:38:40 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpadmin
[Wed Dec 21 04:38:40 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin
[Wed Dec 21 04:38:40 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpmyadmin
[Wed Dec 21 04:38:41 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpmyadmin1
[Wed Dec 21 04:38:43 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpmyadmin2
[Wed Dec 21 04:38:44 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/pma
[Wed Dec 21 04:38:45 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/web
[Wed Dec 21 04:38:45 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/xampp
[Wed Dec 21 04:38:46 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/web
[Wed Dec 21 04:38:46 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/php-my-admin
[Wed Dec 21 04:38:46 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/websql
[Wed Dec 21 04:38:47 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpmyadmin
[Wed Dec 21 04:38:47 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin
[Wed Dec 21 04:38:47 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2
[Wed Dec 21 04:38:47 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/php-my-admin
[Wed Dec 21 04:38:48 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.2.3
[Wed Dec 21 04:38:48 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.2.6
[Wed Dec 21 04:38:48 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.1
[Wed Dec 21 04:38:49 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.4
[Wed Dec 21 04:38:50 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.5-rc1
[Wed Dec 21 04:38:50 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.5-rc2
[Wed Dec 21 04:38:50 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.5
[Wed Dec 21 04:38:57 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.6-rc2
[Wed Dec 21 04:39:00 2011] [error] [client 89.106.245.180] File does not exist: /var/www/html/phpMyAdmin-2.5.7
[Wed Dec 21 02:50:26 2011] [error] [client 222.189.237.7] File does not exist: /var/www/html/admin
[Wed Dec 21 02:50:26 2011] [error] [client 222.189.237.7] File does not exist: /var/www/html/admin
[Wed Dec 21 02:50:26 2011] [error] [client 222.189.237.7] File does not exist: /var/www/html/images
[Wed Dec 21 02:50:27 2011] [error] [client 222.189.237.7] File does not exist: /var/www/html/images
[Wed Dec 21 02:50:27 2011] [error] [client 222.189.237.7] File does not exist: /var/www/html/images
@Naruto that's typical internet background noise.
http://claw.d3vm.net/botlogspam.txt - searching for "admin" in nginx logs from just 1 of my webservers
No excuse for the slow connection then.
@photonvps: This is how abuse notifications work.
Here's one received literally 5 minutes ago.
(names and IPs removed because they don't need to be shown. there were many more log lines given, but Vanilla has a character limit on posts)
So I took a look at what the VPS container associated with that IP was running. Returned this:
(there were about 120 of these)
Which is grounds for instant termination under the AUP/TOS that they agreed to when they signed up:
Annnnd complete. Whole thing over in 9 minutes. No DMCA crap, no making up excuses about government clients or arbitrarily suspending accounts or whatever. Problem solved, and we can move on knowing we're Good Human Beings for cleaning up our trash. Don't Be Evil.