New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
What version of windows was the vps? The last time i checked normally windows server you need to enabled rdp and mostly everything is being blocked by the windows firewall unless you explictly tell it to open these ports for this program. But also i could be wrong.
At this moment all I see is an email that says the VPS is "suspended" and to refer to the ToS, nothing about termination.
see again, the subject: service termination.
and see this: http://i.imgur.com/XwlVDqM.png
i didnt even got a chance to open a support ticket there.
Spam complaints sent to a gmail address generally go to your Spam box. When we send out spam complaints, we first send a normal ticket without the actual complaint and then reply to same ticket with the actual complaint. This way the client gets the first notice in Inbox and can check spam / click on ticket link for the actual complaint.
Ok, but I would rather hear from the provider, you know I am suspicious of everything. Like maybe you replied to the email telling them they are a bunch of ***** and to ***** and ***** so they just dumped you.
Like I say, right now you have no credibility.
I checked spam folder, nothing.
Anyone would do that without any valid explanation, I understand.
You probably missed it, the subject of the email that the OP received is "service termination"
Why didn't you just turn it off if you weren't going to be using it for a week after you ordered it or at least turned off pass auth and used ssh key only.
Correct, no idea how I missed that.
Nice.
@roflmao,
You too should've secured your VPS. Every password is subject to brute force attacks indeed. You so called "security" might have actually been breached and your VPS may have been used in SPAM.
Sure, they should send proof. That's their false. If there is anything that supports their claim, they should prove it as well.
But on the other hand you shan't be thinking one password is enough for brute force attacks.
You should at least look at your log files every once in a while. Then you might see how many bots there are that actually scans for ports ,ready to knock in.
How can i know that it was a compromise issue or not? atleast they should have explained the reason.
Just for funsies I went to their website and checked their ToS
4) Zero Tolerance Spam Policy
We take a zero tolerance stance against sending of unsolicited e-mail, bulk emailing, and spam. "Safe lists", purchased lists, and selling of lists will be treated as spam. Any user who sends out spam will have their account terminated* with or without notice. No refund.
You leave the server unattended for a week, thus having installed nothing yourself. What other scenario is there? It being compromised is the most likely and also the most probable.
With most providers, you can always open a ticket as an unregistered user and ask them to substantiate their claim. As you correctly pointed out, the monetary loss is the least of your problems here. In your shoes, with 9 other boxes potentially at risk, I would try hard to get to the bottom of this before thinking of "warning others" here.
As i said in OP, i hardly utilised it for any purpose. Just installed some basic programs like google chrome & idm, also many sites are even not accessible from the vps, example: sandboxie, and their upspeed was terrible <1mbps
Actually, in your OP you presented a very different version:
And the holes begin to appear...
hmmm
Just curious, why you need sandboxie there?
A thread on this was posted on another popular forum. The story just keeps ending up with more and more holes. one minute it's "I left the password the same" next it's "I had it set to a secure password" either you did or you didn't frankly.
Also it being a windows KVM (Or so you claimed in the other place), they do tend to be a little more vulnerable to compromise. You need brute force protection on RDP.
Just perfect.
nice, people pick up my slightest mistakes and take the provider's side. my both statements have some similarity.
Not really
are u guys aliens? or pretty fucked up high court judges?
Holes are not the point here, the point is about the proof the provider didnt even cared to say.
Slight mistakes in the IT world can open a tin of worms for somebody else. And yes most people are going to be biased towards the provider as your story is inconsistent, we have no idea who you are, and you first posts on 2 separate forums are a "scam review" I believe somewhere in this thread there was a mention of credibility. It's an important thing to have.
I said i never logged in.
my bad because i didnt cared to mention the first login VIA java control panel & not rdp. I logged in first time to check things are ok or not(what u do basically when u purchase a new stuff?), then installed the said programs, never logged in via rdp or java AGAIN.
Yes, they won't care if you won't admit you are at wrong by not securing your server and thus maybe inviting a spammer to your server.
For all people care, you might as well be the spammer trying to get a refund. Examples of that can also be seen.
No, people are not siding up with the provider but people know better that every medal has two sides and the stories differ.
Yes. They should've provided you with a proof of spamming.
Yes, you had to secure your server.
Yes, when you say "I didn't even use it" and after a short while when you say "I only installed basic stuff" that makes you a liar. So you lose credibility.
Somebody once wrote that "consistency is the hobgoblin of little minds". In real life, consistency is king and queen in any dispute, especially one where no proof is provided - by either side. Inconsistency doesn't make you out a liar, but it doesn't add to your credibility either. Accusing someone of scam implies intent, an attempt at fraud, no less. Pretty heavy allegation, man. With no proof? And no consistency to boot? What did you expect, hugs and kisses for a "public service"?
The world of server providers is full of spammers, everyone knows that. The user that reported this is one of the most notorious spammer and server attacker. As a server provider you don't afford to suspend/terminate any server without a good reason. We have sent him clear spam report but as he threaten us you can imagine he will never show it. He opened one single ticket complaining about sandboxie.com and other websites not loading, when we asked him what other websites he forgot the websites...http://i.imgur.com/7sZH7eY.png The only 2 messages we received from him after we suspended the account was DDoS attack and forum scam threats, no further questions. What we usually do is to suspend the client VPS and wait for his reply to SPAM report, if he reply us with good intentions we unsuspend the server and see if the spam reports continues.This was not the case. Anyway here is the message we sent it to him http://i.imgur.com/PVV4CcZ.png, spam report content http://paste.ofcode.org/4SwzL5HsetkqLRVNJkzbUC and threats he sent it to us immediately after we contacted him http://i.imgur.com/WPsj9Ac.png, http://i.imgur.com/23hkxo9.png. Later on the IP was RBL listed. We reported him immediately after to fraudrecord.com http://i.imgur.com/WAfC2lM.png . If anyone knows any other forum this scam is posting about the same fake report please be kind and provide it to me in order to take further actions. Full client details : Shree Raichand, [email protected], A.J.c.bose road, Lane No.3, House no.29, city : Kolkata, Country: India, phone : 8472973214, order IP: 108.162.222.207.
Even so we are ready to refund this client based on his request and maybe some apologies.