OVH Community, your new community space.

Anti-Hack ?


heise
11-11-2014, 01:19
Well did you find the reason, why it was blocked the first time? If you have a old software package and you reinstall it, then understandably it will be hacked again.

server-hr
10-11-2014, 23:00
Server backuped and reinstalled before two days (i have about 3 days downtime because of this and NOW before 1 hour i got message that is my server suspended for ANTI HACK ?

AGAIN ?

THIS HAVE NO SENSE!

server-hr
07-11-2014, 21:55
Im backuping files already it has about 300 GB... I bought server from kimsufi.com

heise
07-11-2014, 18:34
How shoud i backup it i when i dont have where to backup it ???
Get a temp server, like a GAME-1 that is available now, or anything bigger like a OVH server for a week.

server-hr
07-11-2014, 17:53
How shoud i backup it i when i dont have where to backup it ???

I have 5 TB of backup on soyoustart service but i can access that only from server IP ...

heise
07-11-2014, 14:10
What's the problem. Take another server in the internet with fast connection and sftp your data to that other server. Please note I am talking about sftp not ftp. Then reinstall OS and copy back.

server-hr
07-11-2014, 13:50
But that's useless because i have just FTP access to server...
I cant access to backup storage by FTP...

Criot
07-11-2014, 11:27
Quote Originally Posted by server-hr
I ask them to start my server because i cant backup my server with FTP i cant acess my backup disks from other IPs

Also i cant backup openVZ servers with ftp i need SSH...

Regards.
Very unlikely that will happen, if you can't backup your server via the backup FTP you shouldn't be offering VPS Services to clients really.

Dani
07-11-2014, 10:56
Hi

You need to authorize additional IP for the FTP backup storage. This is done within your manager.

Danny

heise
07-11-2014, 10:54
Hi,

use search function and you will see, that is not going to happen. You are lucky, that they didn't cancel the contract, in which case you would not even be able reinstall your server.

If you see, I wrote, you should use sftp to backup your server.

server-hr
07-11-2014, 10:19
I ask them to start my server because i cant backup my server with FTP i cant acess my backup disks from other IPs

Also i cant backup openVZ servers with ftp i need SSH...

Regards.

heise
07-11-2014, 09:35
What did you ask them? You have to backup your data, reinstall server and move data back, while leaving out the virus/malware/etc.

server-hr
07-11-2014, 09:18
Im waitng about 20 horus for response to my email..

Still nothing

K.Kode
07-11-2014, 00:16
I'm sure if you ask for additional details (IE which IP) you can find out which of your containers is the cause.
Could be hacked, could be rented to someone using it for hack attempts etc.

heise
06-11-2014, 23:54
Maybe some of my clients used it as bootnet but then they shoud just block single IP from my range...
Well, if a server is "compromised" - since there are many ways of setting it up - blocking an IP could lead that the virus/bot/malware/etc. on your server starts using a different IP. They have - I am afraid - a simple policy. Boot server in a special "rescue mode", which lets you backup your data via sftp. The virus/bot/malware/etc. is then definitely inactive. Once you copied your data, reinstall the server and copy the data back.

It does not matter, that the openvz server belong to your clients. For OVH they are yours and you are responsible for them. Contact me if you need help.

server-hr
06-11-2014, 21:27
i only have few openvz servers 2 - 3 is my client's servers...
and other is mine i dont use them as bootnet im using them as web hosting and game hosting...

Also why no warning about that ?

Maybe some of my clients used it as bootnet but then they shoud just block single IP from my range...

Rift
06-11-2014, 19:47
Hmm so strange, are you sure your server isnt a part of a botnet network or similar?

server-hr
06-11-2014, 17:10
ear Customer,

As your server ------- is presenting too great a threat to our network,
we had no choice but to place it in 'rescue FTP' mode. An email
containing a username and password has been sent to you so that so you can
easily retrieve any data still located in the storage space.

Please do not hesitate to contact our technical support so that this
situation does not become critical.

You can find the logs brought up by our system below which led to this alert.

- START OF ADDITIONAL INFORMATION -

Despite our legal communications about serious abuse-criminal concerns sent to the administrative contact of the account, you refused or neglected to respond to our notice and/or to apply corrective measures, (which constitutes a breach of contract).

We have decided not to terminate the contract but to give you the opportunity to retrieve your data and reinstall the server (since we have received information showing the server is compromised and you have not been responsive).

You will receive another email explaining how you can retrieve the information hosted on the suspended product. The server can be reinstalled through your manager.

Our actions in this case do not constitute a decision in your favour or in favour of the third-party complainant, but simply an application of the terms and conditions of the service.
----------------------------------------------
Please investigate, fix and answer Abuse Case #21333

What is Abuse Case #21333 ?

My server is suspended without any warning or information.... My customers are getting angry, i cant use my backup space to copy data and reinstall server... What shoud i do ?