Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Should I refuse refund for those users who use VPS to attack others' network?

Should I refuse refund for those users who use VPS to attack others' network?

avelineaveline Member
edited July 2012 in Help

As title.

«1

Comments

  • Yes.

    This signature is brought to you by the NSA. Spying on the entire world since 1952!

  • JacobJacob Member

    No, Absolutely not.

    Thanked by 1Randy
  • DamianDamian Member

    Was it the user who signed up who attacked the network? Or was their root password something brain-damaged like 12349876 and their VPS got brute-forced?

    I am no longer affiliated with IPXcore.
    Thanked by 2TheHackBox eastonch
  • DanielMDanielM Disabled

    Depends on the network i guess lol

  • JarJar Member
    edited August 2012

    If they are guilty, keep the money and terminate their service. If there is a misunderstanding or their VPS was hijacked in some way, still probably their fault but I'd refund them if they wanted it. Usually isn't too hard to tell which it is.

    Thanked by 1Randy
  • DanielMDanielM Disabled

    @jarland said: If they are guilty, keep the money and terminate their service

    and if they chargeback what is your defense? Doesnt matter if they broke rules or not u need to refund them. or thats theft

  • JarJar Member
    edited August 2012

    @DanielM said: Doesnt matter if they broke rules or not u need to refund them. or thats theft

    How is it theft if they signed up for your service to violate your terms? I assume @aveline has a proper terms of service in place that doesn't promise refunds to people who intentionally abuse the system. In fact, many providers have a fee in their terms of service for just such a thing. Usually more than the service costs.

    Guaranteeing a refund after abuse is like saying "Hey, use us for a day to do your dirty work and we'll gladly hand the money back to you without a fight." Not on my watch.

    Thanked by 1Ash_Hawkridge
  • bamnbamn Disabled
    edited August 2012

    Ask that one guy on here who runs a hosting company and bought a VPS from another provider to DDoS a user on here about what he thinks. I cannot recall his name

  • DanielMDanielM Disabled
    edited August 2012

    @jarland said: How is it theft if they signed up for your service to violate your terms?

    The fact is. i dont disagree with you but if they did a chargeback and you came out with that they would win. I would typically refund the client the remaining time minus the applicable Service abuse fees.

    Thanked by 1Jar
  • JarJar Member
    edited August 2012

    @DanielM said: The fact is. i dont disagree with you but if they did a chargeback and you came out with that they would win. I would typically refund the client the remaining time minus the applicable Service abuse fees.

    Yeah I'm sure PayPal would give it back to them. I'd still be a jerk about it. Only 24 hours in the VPS business and I've already had abuse. Without being too revealing and still allowing myself to vent... a VPN in NL, address in Alaska, and a PayPal from Nebraska. Really? These people man...lol ...and that was my lesson to enable Maxmind.

  • Just refund if they are using paypal and count it as lesson.

    vpsdash.com - Tips and tricks in life, information and technology news to get things done

    Thanked by 1Shamli
  • InfinityInfinity Retired Staff

    in many cases its better to refund; its easy to say not to do so but in reality it will cause much more of a headache going hard on them..

    我是一个巨魔 (;

  • DanielMDanielM Disabled

    @jarland said: Yeah I'm sure PayPal would give it back to them

    The paypal part you can win (Email me if you need help on this i have a way to gurantee 100% win) Its the banks you should be worried about. and then in turn paypal will fee you.

  • Honestly, if they abused the TOS / AUP I wouldn't refund them, in less of course your TOS / AUP doesn't cover the sort of thing they did, then on the legal side I would have to say, don't make them an enemy, you'll have a big headache then.

  • I terminate on sight and never refund. They threatten to DDoS me quite often, but who cares. None of them has successfully taken our webserver down so far.

  • ZenZen Member
    edited August 2012

    When I ran stuff, I had a strict policy - you break the ToS/AUP - You get terminated on the spot with no chance of a refund. You can chargeback and PayPal will side with me 99% of the time since you agreed to my ToS/AUP. I made exceptions sure, but generally I find being straight up and no-bs works best.

    I've had clients threaten to hack us, hack me personally, attack our website(s) (and actually go through with it, failing), and generally attempt to harass support.

    If you're smart, the "My VPS was hacked" excuse will be easily verified, so I find that excuse to be absolutely useless since most of the people that actively attack from some LEB VPS don't know how to hide their tracks.

    I work for Nodisto.

    Thanked by 2Randy djvdorp
  • No. Same with Phishing and Spam.

    In general the most users don't even care...

    Opinions/Posts are to be assumed my own/personal and not company related unless obvious
    Working @ EDIS and owning some others (and/or parts of) | Available for consulting | http://as198412.net | https://william.si

  • RandyRandy Disabled

    if they abused it no, just keep the money , if its misunderstanding just refund them. after all they did agree to the terms and services of your site/

  • @DanielM said: . i dont disagree with you but if they did a chargeback and you came out with that they would win

    Please elaborate on that. You mean that, if an user breaks the TOS/AUP the payment processor will still give them the money back ? Any chargeback is automatically processed, no questions asked ? Hello free service, goodbye providers... M

    Nobody here.

  • DanielMDanielM Disabled
    edited August 2012

    @Maounique said: Any chargeback is automatically processed, no questions asked ? Hello free service, goodbye providers...

    What i ment was

    Refund them. But only refund the amount that they have not used. And if necessary apply fees for breaking the TOS.

    At the end of the day. Not all clients will try and get a refund. But some will. and unless you know how to get around these things specifically you will loose and it will cost you alot.

    Thanked by 1Maounique
  • flyfly Member
    edited August 2012

    no.

    full refund, cancel as fraud.

    it's possible that they are fraudulent orders paid for with stolen cards.

  • @DanielM said: Refund them. But only refund the amount that they have not used. And if necessary apply fees for breaking the TOS

    Thank you. I am not a provider but it seemed a highly biased approach from the payment processor's part. I have never asked for a chargeback, I prefer to lose the 3 $ or something, not even when my order was cancelled as fraud without a refund or even an attempt to setup the box. M

    Nobody here.

  • No, as I assume this is a breach of the TOS, as long their VPS wasn't cracked or hijacked.

    Linux noob willing to learn.

  • GaryGary Member

    @Alex_LiquidHost said: None of them has successfully taken our webserver down so far.

    Someone, somewhere will see that as a challenge...

  • ZenZen Member

    @Gary

    Good luck to whoever does, if LiquidHost went down I'de make sure it went straight back up. Magic :)

    I work for Nodisto.

  • JarJar Member

    I make it a rule not to taunt people, encouraging attacks against you is encouraging attacks against your clients.

  • @jarland said: I make it a rule not to taunt people, encouraging attacks against you is encouraging attacks against your clients.

    So if someone buys 10 VMs from you, uses 10TB of BW on attacking multiple targets and at the end reqeusts a refund, you will kindly refund him?

  • JarJar Member
    edited August 2012

    @Alex_LiquidHost I believe there was miscommunication there. I mean taunting hackers by bragging that they haven't succeeded to bring you down yet ;)

    I'm all about standing up to them, but challenging them should be considered for it's potential effect on your clients.

  • @jarland said: I believe there was miscommunication there. I mean taunting hackers by bragging that they haven't succeeded to bring you down yet ;)

    Oh, I see now.

    Well, everything has it's weak point :)

  • ZenZen Member
    edited August 2012

    Hackers != Hackers

    You just need to know who you're taunting. 99% of 'Hackers' are 13 year old's running skidtools. (that's if you're taunting them, technically we're just stating that we won't stand down to asshats abusing our service)

    I work for Nodisto.

  • JarJar Member
    edited August 2012

    Just saying, a DDOS can effect clients too. It's not just between you and the kids. Clients caught in crossfire are not happy. I'd prefer their uptime to my ego.

  • Issue a full refund and terminate his machine. He will not be a loyal client regardless and will cause problems for you.

    StyleX Networks Cloud VPS on Xen & OnApp - FREE AnyCast DNS

    Thanked by 1n0my
  • JeffreyJeffrey Member
    edited August 2012

    Of course you shouldn't refund them, just be careful though. I have had many PayPal disputes from people abusing VPS's, but I won of course. Only refund orders used from stolen PayPal accounts and such.

    [email protected]
  • Personally I'd refund them if they were within a month of starting their account. The fee you'll retain just isn't worth any additional hassle!

    HTTP Zoom - httpzoom.com
  • Do whatever your TOS says you will do.

  • If I was you, I would terminate the client immediately, gather up IPs, commands used, installed programs and names/aliases of that client. Print them out and put it in a file cabinet for the time being (Being just in case you, the owner, get a visit). I would also not refund as in violation of your terms of service and Acceptable Use Policy.

  • everything @Derek says, I agree.

    More than likely, you'll get a call :P

    Catalyst Host - Pie Approved!
  • You Must Suspend Them And Send Them A Warning First If They Still Do The Same Then You Terminate Them

  • @ whoever said paypal would give it bakc to them

    Thats not accurate. Hosting is an intangible service. Paypal will not refund intangible services.

  • @Alex_LiquidHost said: None of them has successfully taken our webserver down so far.

    Be careful with what you say...

  • @Brandon said: Be careful with what you say...

    Damn, this sounded like a threat :D

  • @wrhoton said: Hosting is an intangible service. Paypal will not refund intangible services.

    Pay close attention to the funding source when viewing a transaction

    Hostigation High Resource Hosting - SolusVM OpenVZ/KVM VPS
  • Depends on your ToS... There are some DC's that wouldn't care much if there is an attack initiated from their network, so in case it didn't make any special troubles for you, I guess you should work it out with the customer...

    Regards, Tony

  • AlexBarakovAlexBarakov Member
    edited August 2012

    @Tony_offshore said: Depends on your ToS... There are some DC's that wouldn't care much if there is an attack initiated from their network, so in case it didn't make any special troubles for you, I guess you should work it out with the customer...

    Regards, Tony

    cough ecatel cough

    Also, I am not sure if I udnerstand you correctly, but do you actually tollerate DDoS attacks, as long as you do not get DC notice?

  • JackJack Member
    edited August 2012

    @Alex_LiquidHost said: cough ecatel cough

    image @Alex_LiquidHost

  • They can sue you for posting this out, according to the text in the end of the email. And they actually do allow spoofind on gige servers as well.

  • Alex_LiquidHost,

    I do, on selected DC's... Since our company only resells bandwidth+IP space (and sometimes hardware) from certain DC's, it is not our business to restrict certain activities that are OK both from the DC and the customer's point of view...

    P.S. you're cough was correct ;)

  • JackJack Member
    edited August 2012

    @Alex_LiquidHost said: They can sue you for posting this out, according to the text in the end of the email. And they actually do allow spoofind on gige servers as well.

    I highly doubt Ecatel would take any legal action.

    Also FYI It wasn't the email to me someone showed it me :)

  • @Jack said: I highly doubt Ecatel would take any legal action.

    Also FYI It wasn't the email to me someone showed it me :)

    I was joking :P

Sign In or Register to comment.