need help, vps suspended by letbox because of port scanning.

letbox

@Xei said:

@key900 said:

@uptime said:

@cybertech said:
Ask them to secure for u

I dunno ... do they claim to have "uncompromising support" ...?

If so then yes certainly fair to ask them to "uncompromise" it for you, LOL ...

Otherwise, maybe not so much.

EDIT2:

(Unless iyour LetBox was sold as a "managed" or even "semi-managed service. Otherwise it would be @key900 doing you a favor to go beyond the call of duty. This time. But probably will be wasted effort on his part if you don't study better security practice.)

We always do our best to help as we can even thought we are unmanaged, the client issue has been fixed, Hopefully don't got cracked again.

How often do VPS's get compromised? Is it ever due to the configuration of the base OS template / image? Do providers have time to investigate or do they just destroy the VM?

Hello,

Why do you feel that we are the reason? We have nothing to do with any client VPs or have access to the client services. We always alert the client if there is any abuse we don’t terminate or take down anyone without alert. And our preinstalled are home made come with default configuration.

letbox

@AlwaysSkint said:
@poisson I've used Letbox @key900 for almost a year. Excellent value and good Support. So much so, I changed to another package from them last month (an upgrade, for my needs.)

Thanks you

@poisson said:

@key900 said:

We always do our best to help as we can even thought we are unmanaged, the client issue has been fixed, Hopefully don't got cracked again.

Wow. I am going with Letbox for my next VPS when I need one. Incredible service (and they actually own their data centers so that's a great bonus). Plus they have good speeds to Asia from my testing of their looking glass (LA if I don't remember wrongly).

Happy to help anytime and thanks for your kind words

Xei

@key900 said:
Hello,
Why do you feel that we are the reason? We have nothing to do with any client VPs or have access to the client services. We always alert the client if there is any abuse we don’t terminate or take down anyone without alert. And our preinstalled are home made come with default configuration.

I definitely don't think you are at fault. Also, if a VPS is involved in abuse I think provider should email client and suspend it ASAP. A repeat offender I personally think should be terminated and added to a provider blacklist, just my opinion -- need a global registry for abusive customers that can integrate with most provider solutions as an additional check (I assume something like that exists).

letbox

@Xei said:

@key900 said:
Hello,
Why do you feel that we are the reason? We have nothing to do with any client VPs or have access to the client services. We always alert the client if there is any abuse we don’t terminate or take down anyone without alert. And our preinstalled are home made come with default configuration.

I definitely don't think you are at fault. Also, if a VPS is involved in abuse I think provider should email client and suspend it ASAP. A repeat offender I personally think should be terminated and added to a provider blacklist, just my opinion -- need a global registry for abusive customers that can integrate with most provider solutions as an additional check (I assume something like that exists).

It really depends on case to case maybe alerted and got suspended if effecting other clients, I agree with you but we cannot jumping over and reported everyone who got abuse it’s not fair some of them have no idea how is happening like got hacked etc.

AlwaysSkint

Resurrecting, to relay the flip side to this story...
I re-opened a Ticket that complains about "noisy neighbours". Other VPS users on the same subnet, unwillingly or not, set their servers to broadcast packets and port scan for services. Plex port scanning appears to be the latest trend.
I'm seeing them saturating my server logs, during the course of getting blocked.
Response from "Support":

Hello,

Check your VPs sir your VPs seems to be compromised!

If you have any questions please do not hesitate to Contact us.
Thanks

FFS. Would setting my firewall to reject, rather than drop be interesting? Grr.
EDIT2: pinging @key900
EDIT3:
Putting this into context, since yesterday there have been over 54k packets. When was the last time you checked your /var/log/messages? (rhetorical)

AlwaysSkint

This stops the ignorant b'stards but should be tackled at source, IMHO.

iptables -I INPUT 1 -s 185.xxx.xxx.0/24 ! -d 185.xxx.xxx.my_ip -m comment --comment "Noisy neighbours" -j INVDROP

letbox

@AlwaysSkint said:
Resurrecting, to relay the flip side to this story...
I re-opened a Ticket that complains about "noisy neighbours". Other VPS users on the same subnet, unwillingly or not, set their servers to broadcast packets and port scan for services. Plex port scanning appears to be the latest trend.
I'm seeing them saturating my server logs, during the course of getting blocked.
Response from "Support":

Hello,

Check your VPs sir your VPs seems to be compromised!

If you have any questions please do not hesitate to Contact us.
Thanks

FFS. Would setting my firewall to reject, rather than drop be interesting? Grr.
EDIT2: pinging @key900
EDIT3:
Putting this into context, since yesterday there have been over 54k packets. When was the last time you checked your /var/log/messages? (rhetorical)

Please send me the information i can take a look once back to office?

Thanks

blade88

yes, its been resolved, the support is very great.

@Janevski said:
@blade88 It appears that you are a hakor and you should stop haxoring peoples.

Either that or some of them free hakors done haxored your box and now utilizes it to hak tex worlds.

Anyhow, it's your responsibility to secure your machine.
Reinstall from scratch and don't screw up on security this time.

PS: This too.

base on username?
you make me search base on that, and there About 5,130 results. and it not my personas, as i'm is not a gamer.