OVH DMCA/Abuse Address
Nov 13, 2008Does anyone have the abuse/DMCA complaint email for OVH as I need to file a complaint but cant find it.
View 3 RepliesDoes anyone have the abuse/DMCA complaint email for OVH as I need to file a complaint but cant find it.
View 3 Replieshow i can get in touch with the abuse dept of layeredtech.com and theplanet.com's abuse dept as IPs from these seem to be making a suspected DDoS attack on my server?
View 1 Replies View RelatedIm trying to get abit more information, if the DMCA is a US law/ agreement whats the british version or european version?
View 8 Replies View RelatedFirst off thank you WHT for providing these forums and please forgive me for my first post being a huge rant!
We have contacted ThePlanet multiple times with DMCA requests to have a website remove illegal copies of our software from their website. The website is (*****.com *removed link*), and ThePlanet hosts them.
This issue has been ongoing for over 10 days, our original DMCA from them was ignored.
We resent another on Tue June 2, 2009, that one was responded to. Either no one from ThePlanet bothered to visit the warez website or they encourage warez on their networks because the website is still up; they initially removed links to our software but added new ones hours later.
We contacted ThePlanet again hours later with our email again to be disregarded. We sent another reply last Friday, ThePlanet responded back that our email was not in proper DMCA format; but do not bother to see the entire website is nothing but warez. Do these guys just not care that warez is on their network? I didn't realize the economy has gotten so bad they now cater to warez websites.
Visit the website and see that is has full ISO copies of Windows and other software, has full dvdrip movies and copies of games, as well as crack patches and keygenerators.
Why is it that ThePlanet allows these websites to operate and that their AUP is a total joke? Obviously if you want to distribute warez ThePlanet seems like the best place to do it.
We also hosted our websites on ThePlanet but intend to cancel service with them due to this issue. I encourage anyone that is a software developer and uses ThePlanet to also dump their service.
I contacted HostGator a few days ago in regards to a website being hosted on their network. The blog post had a link to a decompiler that would decompile applications written by a certain program. The responses I received from Richard F. (Network Security Administrator) of HostGator was not what I expected.
At first, Richard F. wants to see the EULA of the software that the decompiler is made for. So, I send him the URL and even quote the EULA. It states, "Neither you nor any third party may modify, adapt, decompile or reverse engineer the Games." In addition, I pointed Richard to the author's blog where the author is not happy about the decompiler as people can use it to steal and ripoff games and applications written with this software. Richard F. then defends the decompiler by stating the following:
"Well, this is a complicated situation. Having the decompiler available is in itself not any violation of the EULA. However, if someone uses it then it's a violation of that EULA. Making the decompiler available solely as a source of information is not in any way infractionary, this has been held up in court cases with companies such as Microsoft."
It seems he is trying to use some alleged loophole of having it available for "information purposes only" does not make it illegal or a violation of HostGators TOS/AUP. I then notify him that it is also a DMCA violation as the only reason for reverse engineering per the DMCA is if the software is no longer available nor the author available. Neither of these conditions are met as the software that is decompiled is still being made and the community that uses the software is active. Richard F. then makes the following illogical analogy:
"Yes it could be seen as a violation of the DMCA. However, again, as an informational source, it is not in any violation. If we wanted to go on a tangent and say that this tool was written in, say C#, we could then hold Microsoft liable for creating both the C# language and an IDE to allow someone to write this tool. But they're not liable for what is created with or done with their tools, they merely provide them. This is where we are in this situation. Simply providing the information is not illegal."
Firstly, no one ever went on any tangent. Next, his analogy makes no sense. The fact of the matter is that the website being hosted on HostGator's network is distributing a decompiler that circumvents security measures in a program. People that use this particular software to compile their games and applications can have their source code revealed by a person simply running this decompiler.
I guess Richard F. is not used to dealing with techniaclly adept people. Therefore, he pulls a bunch of technical BS out of his gator butt and expects me to believe it.
I have forwarded this issue to The Planet as well as to the author that made the software being decompiled. I have notified him of HostGator condoning the use and distribution of this decompiler. I think it's pretty sad when a hosting company starts to defend immoral and unethical activities. And to think, this joker is actually has the position of "Network Security Administrator." He sounds like some kid barely out of high school computer science class.
my host freaked up when getting a letter from a company about DMCA, and quickly shut my site down.
Does anyone know of a dedicated server hoster who does not jump the gun and shut down sites from a little Cease and Desist letter for around 299 EUR a month?
The site gets roughly in the thousands of hits per day.
(Off-shore hosting is fine too)
I have sent a DMCA notice to softlayer because I saw warez forum thats abusing USA laws and they are giving away lots of hacked rapidshare accounts to its users. So I have made my complaint but I didnt said what infringed my copyrights. And softlayer can see the warez site and decide them selves.
So this what I got in reply after 2 weeks-
Quote:
Please review our DMCA procedures which follow the OCILLA. Also note, the sworn statements and all other information listed on our DMCA page are not only required but mandatory for any DMCA report. This will allow you to specifically identify the intellectual property that you own and is being infringed upon, which is required by law.
There are many verified third party DMCA/COPYRIGHT agencies who act on behalf of the intellectual property holders who can verify and submit these claims on behalf of the intellectual property owners. This will insure that legally, the intellectual property owner and the ISP is protected in the event of an account termination.
Softlayer DMCA information [url]
[url]
[url]
And they didnt took any actions against that site and what I see is that warez site is operating till now on softlayer servers. Looks like softlayer didnt warned the site admins too. 1 month passed after my complaint and its still operating.
We recently discovered another host had stole parts of our page and use it as theirs. Right now we are currently looking to contact it's service provider to submit the DMCA complain. However we have no success of contacting their provider XO. So now we are looking to contact their actual provider (reseller of XO) but we were unsuccessful in finding such info. If anybody here could give us a hand?
The site in question.[url]compare to ours[url]
as you can see the table is identical.
Their IP- 209.31.114.36
XO Communications XOXO-BLK-11 (NET-209-31-0-0-1)
209.31.0.0 - 209.31.255.255
SECURE-24 XOXO-209-31-112-0 (NET-209-31-112-0-1)
209.31.112.0 - 209.31.115.255
# ARIN WHOIS database, last updated 2008-12-05 20:12
Have sent in a claim as instructed on this page [url], but havn't heard a reply yet.
How well does ThePlanet.com handle DMCA complaints?
Recently got shafted by a client for over $30K (3 months of work plus our own out of pocket expenses). To make matters worse, this crook took the PHP source code which my company offers as a hosted solution and installed it on a dedicated server at Theplanet.com.
I have sent DMCA take down notices to theplanet, following their procedure (which is the standard legal procedure) but they have not done anything to the perpetrator. He has managed to spring up 2 websites already, and is no doubt planning to launch more.
Not sure if anyone else has been in this type of situation but I need to get something done about this. I have no doubt in my mind that even if theplanet did shut his sites down, or at least wiped the infringing software from the disks, he would jump over to another host and do the same thing again. My company doesn't have time to waste chasing him around, however the software he has contains a lot of proprietary code that we created and was never intended to be public.
So far both of the domains that he is using have Network Solutions as the registrar. Does Netsol assist with this kind of thing? Hopefully someone with similar experience can chime in with some advice.
I just had the pleasure of having my entire host containing multiple sites,being suspended by Godaddy because someone sent them a notice of infringement. Even though I had resolved the issue with the copyright holder 8 hours before Godaddy suspend the host.
Which brings me to my question, anyone know of a host that's reliable, well priced and not effected by the DMCA?
We run into DMCA problems (Windows Media Streaming) 3-4 times a year and most of these requests come for content that are not even governed by US laws.We currently have Ecatel and they have been good with DMCA but their quality has been a major drawback (Stream buffering big time, even for a dedicated server)
We are looking for a Windows server 2003 streaming server with at least 100Mbps dedicated unmetered connection (will upgrade to 500 or even 1Gbps dedicated if the quality is reasonable).
About: interserver.net
Mods, Please put this in correct section.
There is a website hosted on a server provided by interserver.net. This website is copying lot of data, which is copyrighted information of my client.
I have filed DMCA against the guy who is copying with interserver.net, but they have not responded for 5 days.
The guy running the site has given fake contact information and whois is private. The hosting company is also with some fake contact information.
And, the server provider doesn't respond.
if any one knows of an abuse bot for web hosting companies that will automatically detect phishing, spam, etc.
I know that this isn't a huge issue for paid hosting providers but it is somewhat problematic for free hosts.
Last week my VPS hosting provider has suspended my server because of a SPAM petition made by spamcop.com.
The problem is that the incriminated spam message was not sent from any IP adress of my VPS, or a domain hosted on my VPS. Still this, my ISP has suspended my server without sending me any warning e-mail.
Only guilt that i have is that the spammer found some e-mail adresses in one webportal hosted by my server and he mentioned this on the last 2 lines of the message: "This message was sent to you be cause we found your e-mail adress on a public website and this website is....www.somewebsite.com.
The admins of my ISP didn't asked me about the potential fraud and closed my VPS for almost 24 hours without warning me. I was in vacantion for 10 days and i didn't know about the fact that my clients are in trouble.
Now i'm asking you: Does the ISP made a right thing suspending my VPS only because on of my hosted domains was mentioned in the spam message, and no IP adresses or domains names of my VPS were in the X-Originating-IP header lines?
Apparently smtp servers from other countries are using our email addresses in the 'reply to'. Because of this much failed messages replies (message is blocked; user doesn't exist) are returned to our email accounts. Is there a way to handle abuse like this? We aren't an open relay but for some reason all the mail is coming back to us. Is there a way to combat this?
View 5 Replies View RelatedI'm a web programmer with little knowledge of server maintenace, tasks, configurations, etc.
I run a website hosted a dedicated box with godaddy. It appears my MAX SMTP limit (25,000) is reached at times. I know for a fact my subscribers are not generating this many emails.
1) Is there a way I can see a log file all of the email messages that were sent using my SMTP qmail account?
2) I've entertained the possibility that someone has "hijacked" my qmail account and is using it send out spam messages?
Any help in being able to get to a log for qmail or to run some other kind of diagnosis to figure out what's exactly going on with my server and why my max smtp limit is reached constantly.
I was wondering what other people did to prevent their networks from being used as platforms for network abuse. I just setup an inward facing snort server, myself- But I was wondering what other providers (especially other low-cost VPS providers)
View 2 Replies View RelatedI got Abuse issue Tickets from FDC today, Which i have install new OS few days ago, only have 2 website i know they would not send out any spam email or anything..
Due to the below email, their is an abuse issue with your server. You have 24hrs to respond on how you will correct this issue before we null route the ip. Further complaints, without action may result in deactivation of your server.
Thanks for your cooperation.
--begin disclaimer
You are receiving this message because you are listed as contact of
one of the networks or domains involved in this incident. If you are
not the correct contact please ignore this message.
--end
Dear Mr,
Please investigate the incident described in the following partial log,
giving the treatment as your AUP permit, reporting the measures to all
recipients of this message.
In case of non acceptable treatment or reincidence, it will be taken
restrictive measures to protect .BR registry.
Info---------------------------------------------------------------------
Timezone: GMT -2:00
The port in question was 10000 - registered in IANA[2] for: Network Data
Management Protocol
The e-mail contact it was gotten by the following consultation:
whois -h whois.lacnic.net 66.90.101.xxx
Whois-----------------------------------------------------------------------
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
OrgName: FDC Servers.net, LLC
OrgID: FDCSE
Address: 141 West Jackson Blvd, Suite 1135
City: Chicago
StateProv: IL
PostalCode: 60604
Country: US
NetRange: 66.90.64.0 - 66.90.127.255
CIDR: 66.90.64.0/18
NetName: FDCSERVERS
NetHandle: NET-66-90-64-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
Comment:
RegDate: 2003-08-18
Updated: 2004-02-26
OrgAbuseHandle: ABUSE438-ARIN
OrgAbuseName: ABUSE department
OrgAbusePhone: +1-312-913-9304
OrgAbuseEmail: abuse@fdcservers.net
OrgNOCHandle: NOC1402-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-312-913-9304
OrgNOCEmail: abuse@fdcservers.net
OrgTechHandle: PKR5-ARIN
OrgTechName: Kral, Petr
OrgTechPhone: +1-630-729-0228
OrgTechEmail: abuse@fdcservers.net
# ARIN WHOIS database, last updated 2008-01-22 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
Logs-----------------------------------------------------------------------
Jan 22 11:51:08.961984 66.90.101.xxx.59733 > xxx.xxx.2.8.10000: S [tcp sum
ok] 1684154077:1684154077(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl
117, id 47077, len 48)
Jan 22 11:51:08.962002 66.90.101.xxx.59733 > xxx.xxx.2.15.10000: S [tcp sum
ok] 2112584473:2112584473(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl
116, id 54111, len 48)
Jan 22 11:51:08.962018 66.90.101.xxx.59733 > xxx.xxx.2.11.10000: S [tcp sum
ok] 784051742:784051742(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl 117,
id 34960, len 48)
Jan 22 11:51:08.962043 66.90.101.xxx.59733 > xxx.xxx.2.16.10000: S [tcp sum
ok] 188686613:188686613(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl 117,
id 8194, len 48)
Jan 22 11:51:08.962057 66.90.101.xxx.59733 > xxx.xxx.2.10.10000: S [tcp sum
ok] 1829533742:1829533742(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl
117, id 26158, len 48)
Jan 22 11:51:08.962080 66.90.101.xxx.59733 > xxx.xxx.2.12.10000: S [tcp sum
ok] 1559560773:1559560773(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl
116, id 4558, len 48)
Jan 22 11:51:08.962093 66.90.101.xxx.59733 > xxx.xxx.2.9.10000: S [tcp sum
ok] 60930635:60930635(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl 117, id
551, len 48)
Jan 22 11:51:08.965238 66.90.101.xxx.59733 > xxx.xxx.2.3.10000: S [tcp sum
ok] 1935758257:1935758257(0) win 65535 <mss 1460,nop,nop,sackOK> (ttl
How do you handle your postmaster and abuse addesses for each of your shared hosting accounts? I obviously dont want to receive them all as root and i dont have catchall accounts enabled. I was thinking about setting up aliases to point to their cpanel username account, but i dont know about you, but i hate those accounts and i highly doubt my clients are going to ever check them. These addresses seem to be high targets for spam as well. I have an anti-spam solution, but high volume targets still let a bit of spam through.
View 1 Replies View Relatedin the last 2 weeks has increased the spam mail to external users using our mail accounts.
So a user receives spam believing that it is sent from our sites.
I think the best method is to create a txt file in dns but I have many doubts about how to proceed.
Looking at one of the e-mail back to our mail server I see that emails are sent via outlook.
This is an example of the emails: ...
One of the sites I help run has 1.5 million pages of parts that can be ordered and information about those parts. We started seeing a ton of hits at around 20-30 pages per second over the past couple days.
There is no information about them on the internet and they are also masking as GoogleBot.
Be on the lookout as I am pretty sure they are trying to steal content and post it up for search results. They are using Amazon EC2 servers to do it also.
This is how they are identifying themselves:
Mozilla/5.0 (compatible; Adtuitionbot/1.0; +http://www.google.com/bot.html)"
Offending IPs: 174.129.155.59, 72.44.52.93
In a 24 hour period, we blocked 408,821 requests from them.
Recently we received reports of spam being sent out in massive amounts from an old IP address we had with DedicatedNow/FortressITX, apparently the IP still has reverse DNS setup for our domain name for some reason and we are still receiving spam reports.
I have sent them two emails/tickets, which were logged into their ticket system and have had no response from them in regards to this. They have not taken any action because I am still receiving spam reports from the same IP address, surprising they have not taken any action towards spam on their servers.
I have also requested that they remove the reverse DNS entry, no response to that as well.
Emails were sent with the spam reports from junkemailfilter.com.
Perhaps this will get their attention and they will look into the problem and put a stop into the spam issue.
As known, we should provide our credit card information to pay hosting costs.. two questions arise here...
1) What stops a hosting company from stealing or abusing your personal information?
2) What if I want to pay hosting invoices month by month (manually), is it possible and what should I do to go this way?
I have a client on my server from ThePlanet. That client sends a newsletter once a week to about 50,000 recipients with a program that i built. The list was purchased from a company that sells targeted directory listings.
Each email has a very clear opt out link, and one click takes them off the list. There is also a direct link to the contact form, as well as the information of the company sending the mass emails (me). This should satisfy all regulatory requirements to comply with existing laws.
Now, these emails have been sent once a week for about a month now. Today, ThePlanet issued a support ticket entitled "Abuse: Spam Source". It seems that there was a problem from aol, and one of the emails was redacted.
Reading through ThePlanet terms of service, it seems that they only allow closed system mass mailings. So now I am faced with a problem, because I have a client who expects to send out emails next week with a system i built, and I have a hosting provider that is demanding some sort of "proof" that these emails are solicited.
For the record, this newsletter isn't junk spam like selling viagra or pumping a stock. It is a free weekly summary of significant new york appellate cases, and it has been very well received by the attorneys on the mailing list. There have been ridiculously few opt outs ( < 2%), and there have been literally *hundreds* of emails coming back to show their gratitude for the free service. Not even one comment has been negative.
So what can I do now? A significant number of attorneys on this list are expecting the newsletter, but it cant be sent due to this problem.
The best that I could come up with so far is to send an "Opt in" mass email, where users must click the link to opt in, and everyone else would be removed from the mass email. I could then use the unique keys used for opt ins as "proof" for ThePlanet that the emails are solicited.
We have server in limestonenetwork for couple months, everything good until several abuse issues to our IP for several times recently. Based on instruction from Ryan A., Abuse Department Manager, I have suspend/terminate the suspected accounts in timely manner, each time there's abuse issue.
But today surprisingly, they terminate our server immediately without prior notification. I fully understand that this is my fault not to watch our hosting client for abuse issues.
I only need to get the data back for several hours so I can move the data to other server. Based on their tos limestonenetworks.com/service_info/tos.html I did not see any about temporary data restore so I think we still have right to get our data back.
question
is it true that I can not have my data back at all based on their tos ? since I can not find this matter mentioned on their tos.
I am trying to get a hold of the abuse department of Layered Technologies. They host a splog which is continually ripping my content - takes the content down after a complaint - just to publish it again after a few hours.
I only have sales@layeredtech.com - and even so they promise to forward the request - the latest rip is from yesterday evening and still on the other site.
I really like to have this resolved.
Usually, I won't start a thread. But this time, I think I will share my 1-year experience, so people will know how Singtel EXPAN (HK) network/abuse department works.
Firstly, their network is extremely good most of the time. I only made a few complaints about network (3-4 minor problems... except the one caused by the earthquake)
So, I am a happy customer for first 10 months. However, my nightmare starts 2 months ago:
1. Early Feb, the abuse/network team received a phising scam (AOL) complaints against a site on a dedicated server customer (which sold hosting as a part time job). So, a technican has forward us the email and then phoned me about that. I immediately forwarded it to my customer.... After 30 minutes, the technican phoned me again and told me that they had blocked the IP since I didn't fix it.
Finally, this customer cancelled next month. [EWM ticket #3143589]
2. After 10-20 days, we got a new customer that want to send mailing list. I said as long as you responded to all complaints and the rate isn't high, you can use the server for mailing list. Within 20 days, we got few complaints via email (in standard template) ... so I forward them to my customers and they removed them promptly. Then, one day, a technician phoned me and told me they will block the IP at 5:00pm... but they phoned me at 2:00pm... So, I begged them to extend the deadline to 24-48 hours because the customer come from US... After a day, another spam complaint (from this customer's previous HK provider )... so, I turned off the switch port of his server immediately.
This time, I really appreciate the extended deadline. However, after this incident, their patient were all gone.
3. Last week, Microsoft privacy team reported that one of the site is linking to privated copy of Windows Vista (which is hosted in Radidshare.de) and providing license key/ key generator.
So, the technician phoned me and give me 30 minutes. I said the site is a popular forum with 130K+ members and 10K+ members online... sometimes, somethings may be overlooked. This time, no extended time.... Luckily, the forum owner is online in MSN. So, he deleted the thread immediately and I reported it to Microsoft and Singtel. Microsoft Anti-privacy team did reply and thank us while Singtel kept silent. [MS Ref. 878XX]
4. 2 days ago, someone "complained" about "Spam Activities" on 1 server. The complains are about 2 URLs in a server were redirecting to a sites that was infected by virus/ was hosting virus. Again they phoned me and told me to fix within 30 minutes or they suspend my network.... This time, I can't contact the owner and we don't have access to the server... so I suspended this server. [??No email ticket reference??]
5. Yesterday, a technician phoned me again and told me to fix a spam complaint within 30 minutes. But, this time, the complain is so short that I can paste it here:
--------------------------------------------
Subject: UNDER ASSAULT BY SPAM!
XXX.XXX.XXX.XXX has been assaulting my formmail script for
days. Please make it stop!
--------------------------------------------
Since my skill level is too low, I can only think of 1 solution..... [EWM ticket # 3188660]
---- personal opinion -----
Singtel EXPAN DC (Shatin) has a good infra-structure and helpful onsite technicians. But, their abuse/ network department is a joke. (Just like an over-budget police department in SimCity. ) That make, their colocation is not suitable for any hostings/ dedicated server providers. It is not recommended to anyone that doesn't sit next to the phone 24 hours a day.
So we have a single Layered Tech box hitting our server with around 90 MBit/s for almost 12 hours straight now, resulting in over 400 GB excess traffic so far. An abuse report was sent about 4 hours ago (Ticket-ID: XZP-97559-339) with evidence included, but so far there was 0 reaction besides the auto-reply.
A phone call to the number listed on their website resulted only in a message that there is no one available at extension XYZ. I didn't try repeat calls since playing international phone tag is not quite my idea of fun.
I realise that it was/still is early in the morning at their location, but nonetheless, I'd expect a company their size to respond a lot faster to reports such as this.
My customer has an external facing Apache server that is acting as a reverse proxy to two internal applications. They have:
- external addresses for each app which resolve to different ip addresses, so app1.their_domain.com and app2.their_domain.com resolve to 77.3.170.10 and 77.3.170.11 respectively.
- the Apache server has two network interfaces with ip addresses 192.168.10.10 and 192.168.10.11
- the external ip addresses resolve to the above internal addresses
- the firewall between the Apache server and the internal app servers is configured to allow traffic from 192.168.10.10 to reach app_server1, and traffic from 192.168.10.11 to reach app_server2, both using port 7777.
I have configured a virtual host in httpd.conf for each ip, i.e.
Code:
<VirtualHost 192.168.10.10:80>
...
ProxyPass /app http://app_server1:7777/app
ProxyPassReverse /app http://app_server1:7777/app
RewriteRule ^/$ /app/app1 [R,L]
...
<VirtualHost>
and
Code:
<VirtualHost 192.168.10.11:80>
...
ProxyPass /app http://app_server2:7777/app
ProxyPassReverse /app http://app_server2:7777/app
RewriteRule ^/$ /app/app2 [R,L]
...
<VirtualHost>
This works fine in that the external address are being routed to the correct application, however the firewall is blocking requests to the second app as it appears the requests are coming from the Apache servers 'primary' ip address 192.168.10.10 instead of 192.168.10.11.
Is it possible to send requests using the ip address from the relevant VirtualHost?
Windows server 2008
Apache 2.2
I am using virtuozzo firewall to secure access.
I enter 58.27.175.211/255.255.255.0 for Source Address and Netmask for port 22.
But still I can connect using 58.181.103.217 or 58.27.151.120.
Second is it possible to enter two different ip address in source address?