OVH Community, your new community space.

about vps and ovh support !


ivanbarayev
04-04-2016, 17:31
Quote Originally Posted by alvaroag
That's because you ignored the first chance, when your vps was put into rescue mode because it was compromised. By now, you should have received an email with the FTP Rescue login details. You should now pull all your files out of your VPS and reinstall it.
deear alvaroag I understood the situation.
bu I angry for support answer back time is too late.
I called this num 0044 203 384 2356 and wait a bit. talk with a personel then this person said me "please call this number 2033183832" !
later I called this number then again said me another person "plase call this 003531637...." and call it but I could not reach anyone

now I'm asking
OVH one of biggest company in europe, must be carefull for this support subjects
right or not ?
alvaroag
04-04-2016, 14:27
That's because you ignored the first chance, when your vps was put into rescue mode because it was compromised. By now, you should have received an email with the FTP Rescue login details. You should now pull all your files out of your VPS and reinstall it.
ivanbarayev
04-04-2016, 10:07
hi to everyone I have a problem about my one vps.
my vps attacked by somebodies in only 17mb
I sent 3 ticket about 8hours ago and 1 mail but still I'm waiting an answer
what can I do for this issue ?

by ovh support team send me a mail like this

"
Dear Customer,

Abnormal activity has been detected on your VPS vps116273.ovh.net.

As your VPS poses too greater threat to our infrastructure, we had no choice but to put it in FTP rescue mode. This mode enables you to access the data on your VPS. An email containing information on FTP rescue mode has been sent to you.

Actions can no longer be carried out on your VPS via your Manager/API. Only the following actions are possible:

- Reinstallation of your VPS.

Please do not hesitate to contact our technical support team so that this situation does not become critical.

You will find the logs brought up by our system below, which led to this alert.

- START OF ADDITIONAL INFORMATION -

Attack detail : 40Kpps/17Mbps
dateTime srcIp:srcPort dstIp:dstPort protocol flags bytes reason
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:57184 173.245.59.207:53 UDP --- 59 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS
2016.04.03 15:29:48 CEST 5.196.225.38:37214 173.245.59.207:53 UDP --- 55 ATTACK: DNS

- END OF ADDITIONAL INFORMATION -

OVH Customer Support.
Regards,