New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
+1.
I'm sure they do. @mikmak do you have a full log rather than just the observium graph, may clean some points up?
Lol, I still think there is something @Fatboy (or his client) isn't sharing and @bene_online doesn't want to share due to privacy.
Sure, support are stern on their stances but they don't hide anything when I have spoke to them, they actually are pretty black and white with little grey area.
@wych
I wouldn't necessarily expect that every VPS/dedi provider runs a full IDS.
But how about a simple firewall rule that comes down to "Log every packet from any IP to the core with a frequency above x packets/s"?
Would that be too burdensome for someone talking about taking their infrastructure very seriously?
Pardon me, but what's the meaning of "taking infrastructure very seriously" when even a simple fw/logging combination isn't in place? Does that mean then something like "Whenever some technicians balls swing more the left and he feels like it, a client gets shot down"?
Funny that in a business area where 10ms more latency is of serious concern, demanding "attack logs" that are at least in minute-resolution seems to be beyond "taking infrastructure very seriously" .
@wynch, you are just an untrusting bugger aren't you
Everything I have said to date is what is happened, I didn't start this thread as a mud flinging competition just a simple ask. Its online.net and @bene_online that have made things murkier than it should of got with their BS reasoning that has changed three times.
Now as Onlne.net cannot be bothered to give a straight up answer and hide behind graphs that not only I can can't get to grips with (which to be honest isn't a surprise with me, but you guys seem to know your stuff) I went delving and to be transparent I will carry on the story:
I suspended all accounts on the server, stopped apache, cpanel etc and took off the Dropbox software. I then ran clamav and maldet - it has detected 4 malware instances across two accounts. The list given in the logs were:
{HEX}php.cryptophp.pnginclude.378 : /home/account1/public_html/wp-content/plugins/go_pricing/go_pricing.php
{HEX}gzbase64.inject.unclassed.15 : /home/account2/public_html/helpdesk/inc/footer.inc.php
{HEX}gzbase64.inject.unclassed.15 : /home/account2/public_html/helpdesk/admin/admin_main.php
Now, if that is the problem then fair enough. Just after deleting the injected code in the helpdesk software I realised I should of kept a copy!
However, if Online had thought it was a compromised account then instead of stonewalling and giving BS reasons they could of given us access to check the accounts.
Like I said, what I have said is straight down the line and even giving up the malware I found - it still doesn't excuse the crap we have had from Online.
Yeah, but don't take it personally!
Yeah I'd want more than just a graph; but as you said I am untrusting.
Was only yanking your chain @wych, hope I didn't offend
No worries; not offended!
It doesn't matter if the customer is actually a kiddy which tried to use the server for a botnet or if it's a legitimate customer, online.net's reponse is just not acceptable.
Not only did they take a shitload of time to respond to tickets, they also failed on the technical level.
For a company that claims to have DDoS protection on every service this is just weak. You have an automatic logging system in-place for inbound DDoS and you can't even show the customer any logs for outbound DDoS? Guess in your little world boxes never get hacked and there are no people that maybe sell services to others using your servers?
I once had an issue where one of my boxes got compromised at RamNode and was sending out attacks, the issue was resolved in 50 minutes and they provided me SolusVM logs, logs of the attack and further advise on what may have caused the compromise making it very easy for me to resolve the issue. That's how you handle such a situation without putting you to shame.
That is what I have been trying to say, you seem to have put it a lot better. Also a good recommendation for RamNode, someone who appears to want to work with their customers!
Latest reply to my request for logs:
"Hello, I can not say anything more than my previous colleagues. I invite you to close this ticket. Regards, -- Etienne K."
You wont get anywhere with them, bottom line you cant prove the server was not compromised, they are not interested in helping any further.
Just move on with your life.
I had a server with them, went to order a second about 3 months later they said my account needed to be validated and would not let me order despite me pointing out they already had my details on file (passport etc from the first server) literally zero logic, you don't win against morons.
These companies can only afford to hire dog shit support staff to deal with end users, I am having similar issues with a company in the Netherlands right now and have finally decided just to buy my own equipment and IP space, dealing with these bottom of the barrel clowns and companies like them has knocked years off my life.
move on.
You got the same problems and you are a provider - a mere user like me stands no hope then
We have moved on luckily, I just want to see their proof though.....just so they are not just making it up.
Good luck with your own kit and IP space!
You wont get it, I have been waiting 4 days for a disk to be replaced, they cant find a single disk in the whole DC that passes a smart test, then I found out they don't actually have any staff on site and the guy I am dealing with is 100km away and the response to me asking them if they think that is acceptable was:
This is a company I have spent close on $100,000 with over the past 4 years and this was the straw that broke the camels back, I asked for escalation, he literally refused.
And online.net is about 500% cheaper again so really, just move on, I thought my head was going to explode today, the problem is stupid people do not know they are stupid so you literally wont ever get what you want.
Quick Edit: this was sort of a rant but my underlying point being, the world has gone to crap in terms of service because no one wants to pay for quality and as a result most of the quality that used to exist is gone, trying to find it will drive you mad.
It's just part of these companies that are working like supermarkets that should be opened only on banking days and during business hours, as if the Internet was being shutdown on weekends and at night.
You are all right and we have moved on and because of this answer to my request for logs:
"Hello, sorry but i've not your log, i can not say anything more than my previous colleagues. Regards, -- Julien M."
I have requested they issue a full refund for the lack of service provided and the lack of proof of their accusations.
You are right - they are useless, a cheap cattle shop in the hosting world where if they mess one person around they won't lose sleep. However hopefully this thread will point out how useless they really are and if they are that desperate for money to keep their shop afloat then I hope people get backups and get out as soon as possible.
This is why people should put more business into small businesses, including the so called 'one man shops' who get a bad rap usually. Compared to the likes of Online.net and @bene_online, I would rather go for the one man shop.
Comes to something when they actually confess to having absolutely zero proof of throwing someone off of their network.
Well done Online.net and @bene_online, you have shown yourselves to be the most unhelpful and unsupportive providers I have ever had the misfortune to cross paths with.
Now just refund the guy and save a little face.
There are things that online.net do well, and some others are horrible.
You could never expect something fully honest when you know who is behind Iliad. Xavier Niel and his friends are very creative when it comes to developing new tricks.
Recently they opened a free school to make junk coders and Apple fanboys, they gave it a fancy name to attract lusers "42".
At the presentation they pretended that the school was promoting free softwares, and then it ended up like this:
The purpose is to hide the horrible commercial practices by giving Iliad the aspect of a charitable organization so that the low quality and money remain behind the curtain.
Just to keep this up to date and, as long as they follow through with what they say in the ticket, its the end for me. Hopefully this thread will show up Online.net for what they are.
Anyway, last few replies after me continuously asking for proof and them telling me they provided proof in this thread, didn't actually have any and then saying they did but I would have to write to them or fax them. The other point I found quite amusing was it took about 12 hours to get answers until you start talking money and refunds and then they reply within a few hours:
Hello, You already got answers. You did perturbated services for every customer on the same switch. We won't pursue this argue as it won't lead anywhere. You are responsible of your server's usage. We won't unlock it, ever. You'll have to order servers from another provider. I'm now closing this ticket as answer was already provided. Regards, -- Sébastien F.
Ticket created on 2015-02-20 14:59:26, not read yet
Online - Jonathan
Hello Mr Cross, Refund is done and will be credited on your account in 10 days, Regards, -- Jonathan L.
Ticket created on 2015-02-20 14:24:38, read on 2015-02-20 14:46:28
stevenjx
And as you can see from your 'proof' given by people who have not confirmed with LET that they are actually Online employees, it was shot down in flames by a lot of people. You still haven't told me (or LET if you want to keep going there) the type of 'attack' you are accusing me of or provided anything worth while that can determine anything. So I call BS on your 'evidence', in line with the rubbish that Bene is saying on LET (3 different reasons for the suspension to start with) So at the moment, you, going on what people are saying about European contract law, are actually in a sticky situation for not providing proof that cannot be questioned and not refunding. So, I repeat yet again - SHOW ME THE PROOF OF ANY ATTACK I HAVE STARTED. Perhaps looking up the definition of 'proof' will help you out as well. As I have said before, the longer this goes on the more tarnished your 'reputation', although its quite low anyway, will become.
Hello, AS we said proof was given by our network team on low end talk discussion, and we trold you where to find it, so, if you waana more informations i give how to ask, refund will not be posssible, you break the ToS, Regards, -- Jonathan L.
Ticket created on 2015-02-20 12:44:10, read on 2015-02-20 12:54:44
stevenjx
Hang on - you just told me that you didn't have anything, now you are saying if I send you a letter or a fax you will suddenly find some evidence? Make your mind up - do you have some evidence of your accusations or not? Please just pass this to your billing team and get a refund sorted as soon as possible - the faster I get away from your pathetic substandard 'business' the better and I will stop bothering you asking for something you either don't have, never had or just can't be bothered to find.
Just hand it over to the police and to the eu consumer protection. Let them try their stupid games with a district attorney.
Important: Send them in formal writing (letter or fax) a request to either show tangible and credible proof of what you alledgedly did (hacking or whatnot) or to immediately and fully refund you.
No matter which, you should also demand compensation for any damage (incl. reputation!) or work or expenses incurred by their illegal actions.
It should be obvious by now that any discussions or attempts to amicably settle this issue is bound to fail. They are obviously begging for a bleeding mouth.
To be honest, as long as that refund comes through I don't care anymore. The guy gets his money back and I still have the pleasure of knowing they were wrong and couldn't prove anything if their lives depended on it. Telling the truth seems quite difficult going on this thread
They say refund has been processed and take up to 10 days - lets see if thats just another chunk of BS or not.
10 more days for them to make up more bullshit. You are too generous.
How much money are we talking?
TLDR: Brand new server gets pwned. Pwnage causes troubles for other customers. Server gets terminated by provider. OP feels but hurt.
We have seen this same story over and over before (in many variations).
The only thing that remains is whether the OP receives his refund. If he should be entitled to it is another discussion...
jus sayin
@deadjoe
You "missed" a decisive detail: "pwned" is a deduction, not a fact. And the whole view is based on nothing but the providers assertion - which he did not at all prove.
welcome back in this thread after 8 months complete silence
The OP failed to prove anything either.
The graphs show excessive outbound traffic for a fresh server... typical for pwnage.
Uhm, the OP must not prove anything. It's the provider who terminated service needs to prove he had solid reason to do so.
It's called law.
@Mark_R - generous is my middle name
@AnthonySmith - a single server, so not a lot really, especially compared to you
@deadjoe - guessing you can't read or just like talking about asses, everything is in the thread so perhaps you should re-read before fantasizing any further about anal problems. Not judging you, if thats your thing crack on sunshine.
To everyone else who gave advice thanks, been a strange old week.
Fair enough. I'll be sure not to be using online.net's services from now on. If they pretend to be a "large" operation but don't have any staff on site, it's a clear sign to avoid them.
@Fatboy - I hope your receive your refund, however I still believe my summary is somewhat true. Online had to boot you to protect their existing customers, regardless if you were at fault or not.
Friday the 13th is unlucky for some.
I'm not sure ant was referring to online.net then...
@Fatboy will receive a full refund for his server
@wych / @mpkossen This comment was related to another provider, not to online
Anything else has been said in this thread
That is not online.net I was just drawing a comparison to the host I use in NL