SoftLayer Major Packet Loss Issues -- Advice Needed
Mar 8, 2008
I recently switched over to SoftLayer for dedicated hosting and the servers are great. However we've been getting hit on and off with massive (50-80%) packet loss, which has been crippling our performance and causing all sorts of problems
I put in a support ticket and they linked me to the Internet Health Report website and said it was due to one of their bandwidth providers (I think Global CrossinG) and not on their internal network and to be patient as it could take time to resolve
Are any other SoftLayer customers going through this? Is this an unusual occurrence? I feel like if it was really one of their partners that it would be affecting a lot of their customers and it would be a high priority issue right?
I'm kind of stuck on what to do; I just invested a lot of energy into moving content onto these new servers and am concerned about whether to wait it out or whether to start finding a new company. This kind of packet loss is really unacceptable...
I have a dedicated windows 2003 server at a colocation facility that i use for game server hosting. Over the past 7 months, packet loss has become horrible with random periods of massive lag. My host says it's something on my end. I use a firewall with SPI enabled. Could that be causing it?
Strange thing is, the first few months my server was at that colo, they only had around 40 other servers on a single OC-192 pipe and i never had packet loss despite having the same SPI firewall. But now they have over 300 servers on the same OC-192 pipe. Could the packet loss be caused by my SPI firewall or them overloading the network with servers?
Basically I registered with a new host. They sent me the details with obviously includes the IP address. I tested the IP address on just-ping.com and it came back with all of them having between 80% to 100% packet loss. Surely this is not normal is it? I havent moved my domain yet but it doesnt look good does it? Should I cancel?
Computer A (GigE) Switch 1 (gigE) Media Converter (Fiber Run) Media Converter (gigE) Switch 2 (gigE) Computer B
We have a cross connect in our data center that uses media converters (fiber) to regular 1000FD on each end.
Each end of the 1000FD handoff is plugged into port 1 of the 3870's (switch 1 and switch 2).
Pinging from Computer A to Computer B we receive a 50% packet loss. Pinging from Computer B to Switch 1, no packet loss. Pinging from Computer A to Switch 2, 50% packet loss.
Looking in the interface, the port 1's on each switch auto negotiate to 1000FD, however flow control shows as off.
We asked our data center to run tests on the media converts and fiber runs and everything comes back 100% fine. Has anyone seen a weird issue like this before with 3com switches not playing nicely with media converters?
I have no clue whats going on and our data center said the fiber run/media converter is fine... [url]
I have smokeping monitoring my game servers and so far in the little time that it has been running all my game servers have been encountering an average of 4 to 10% packet loss. Are there are tweaks i can run on the server computer to reduce packet loss? (registry modifications, etc.)
I downloaded a TCP tweak program called "TCP Optimizer" is it safe to run on a Windows 2003 Server OS?
The colo connection is an OC 192 and i have a 100Mbit ethernet card.
Recently I have been having this problem with two high traffic servers on two different network.
Both servers are Quad-Core Xeons with CentOS 4.5 x86_64 and they are on 100mbps full duplex network. Software configuration is Nginx+Apache+MYSQL control panel is Directadmin.
The servers are serving lots static files and some php scripts.
When the servers start push near or over 30mbps, there will be packet loss when I ping them. around 5% loss, push more bandwidth the more packet loss. I have checked all the log files, I don't see any unusual errors.
Server Load is fine. The NICs were on 100mbps full-duplex mode.
The datacenters claim the networks were fine and all the other servers running on the same switches were fine with no packet loss.
I'm trying to find out why a single interface is causing packet loss on my entire network.
The network consists of four 2924's trunked to a 3550. I have about 20 vlans and a single default route for all traffic my uplink.
The network is perfect until I enable a single server. After I issue a 'no shut' on the interface packet loss is anywhere from 5% to 20% for anything going through the 3550 or even pings from the 3550 to other switches or the uplink.
Here's the statistics/settings of the interface after 1 minute of activity:
a tool that can measure how much packet loss we are having on a given server by looking at the packets being sent from it. I.e, something than looks at all TCP/80 connections and measures how many packets and bytes are being retransmitted vs actual packets and bytes sent.
This documents explains it:
[url]
We need this to measure network performance of different hosts where we have dedicated servers. This would be a good way of measuring performance with the actual data of our users.
Does anyone know of such tool? I.e, something that can say
2532 packets/second - 132 retransmits/second (4.8%) 25.43Mbps/sec total traffic - 24.84 Mbps/sec actual data sent - 0.59Mbps retransmits
Even better if it can then break it out on IP prefixes. like
root@server [~]# tail -f /var/log/messages Jun 10 14:14:49 server kernel: printk: 56 messages suppressed. Jun 10 14:14:49 server kernel: ip_conntrack: table full, dropping packet. Jun 10 14:14:54 server kernel: printk: 59 messages suppressed. Jun 10 14:14:54 server kernel: ip_conntrack: table full, dropping packet. Jun 10 14:14:59 server kernel: printk: 85 messages suppressed. Jun 10 14:14:59 server kernel: ip_conntrack: table full, dropping packet. Jun 10 14:15:04 server kernel: printk: 90 messages suppressed. Jun 10 14:15:04 server kernel: ip_conntrack: table full, dropping packet. Jun 10 14:15:09 server kernel: printk: 58 messages suppressed. Jun 10 14:15:09 server kernel: ip_conntrack: table full, dropping packet. Jun 10 14:15:14 server kernel: printk: 70 messages suppressed. Jun 10 14:15:14 server kernel: ip_conntrack: table full, dropping packet. Jun 10 14:15:19 server kernel: printk: 193 messages suppressed. Jun 10 14:15:19 server kernel: ip_conntrack: table full, dropping packet.
Anyone know what this is about?
Using Centos / Cpanel
Linux server.domain.com 2.6.9-67.0.15.ELsmp #1 SMP Thu May 8 10:52:19 EDT 2008 i686 i686 i386 GNU/Linux
I'd like to go with 1and1, using ASP.net and MS SQL Server, and the ability to setup lots of databases, websites and URLs, but I'm not keen on maintaining the server, updates, backups etc. I'd also like to access the web space and upload files, from any computer.
I am planning on launching an mp3 site for a music studio. the problem now is, i dont know what type of bandwidth usage to expect from users and i dont want my client to think its my fault. (some of them dont really want to know the technical basics) To give a hint of the advice i am looking for,: say i have 300 different mp3 files at 3.0 mb per size what size of hosting and bandwidth should i look for that can cater for upwards of 100,000 users who will listen to up to 6 hrs of music on the site.
I'm looking to host my own website(s), money isnt really an issue, but I'd like some advice on which package would be most suitable. I can't upgrade to different platforms, so I need to get the right package from the start.
I like the sound of the dedicated server, but my experience of supporting servers isn't great, so I'm wary of getting this option.
The VPS looks good, could anyone please tell me how this works? What the difference between thi sand a dedicated server? Do you need alot of server support experience to use this?
Would the normal MS hosting package be suitable? I take it its not very flexible.
After 7 years with Rackspace I have decided to leave for better and cheaper service elsewhere. The final straw (after a couple of years of tolerating increasing prices and decreasing support) was a ridiculous quote from them for adding 1Gb of RAM.
I have read in the Forums about people having similar feelings, and there is advice here about where to go to instead. But I am a *total layman*, needing as many support services as possible (rebooting, backing up, etc.) so that I don't have to worry about anything really. So a lot of the advice here is over my head! Can anyone suggest where I should take my business?
I have been having a very hard time tracking down the source/cause of this surge in email. My server has been sending out thousands of spam emails under the nobody account. So far I have done the following:
Created a spam_log to monitor php/cgi mail scripts Secured firewall and setup monitoring & automatic ip ban of dictionary attacks in exim Secured the /tmp folder Updated server to latest STABLE version of cpanel Scanned server with rootcheck kit
Here is a sample email that is getting bounced back. I have nearly 60,000 bounced emails in the queue with similar messages.
156P Received: from mailnull by whm.mav-hosting.com with local (Exim 4.63) id 1Hndfh-0001A4-0G for nobody@whm.mav-hosting.com; Mon, 14 May 2007 11:45:17 -0500 039 X-Failed-Recipients: beyp@ttnet.net.tr 029 Auto-Submitted: auto-replied 063F From: Mail Delivery System <Mailer-Daemon@whm.mav-hosting.com> 031T To: nobody@whm.mav-hosting.com 059 Subject: Mail delivery failed: returning message to sender 052I Message-Id: <E1Hndfh-0001A4-0G@whm.mav-hosting.com> 038 Date: Mon, 14 May 2007 11:45:17 -0500 Data spool file 1Hndfh-0001A4-0G-D This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
beyp@ttnet.net.tr SMTP error from remote mail server after RCPT TO:<beyp@ttnet.net.tr>: host ttfarm.ttnet.net.tr [212.175.13.134]: 550 Invalid recipient: <beyp@ttnet.net.tr>
------ This is a copy of the message, including all the headers. ------
Return-path: <nobody@whm.mav-hosting.com> Received: from nobody by whm.mav-hosting.com with local (Exim 4.63) (envelope-from <nobody@whm.mav-hosting.com>) id 1HnaLG-0007Jz-CX for beyp@ttnet.net.tr; Mon, 14 May 2007 08:11:58 -0500 To: beyp@ttnet.net.tr Subject: Interaktif Bankacilik Hesabiniz From: Ak Bank <acc@akbank.com.tr> Reply-To: MIME-Version: 1.0 Content-Type: text/html Content-Transfer-Encoding: 8bit Message-Id: <E1HnaLG-0007Jz-CX@whm.mav-hosting.com> Sender: Nobody <nobody@whm.mav-hosting.com> Date: Mon, 14 May 2007 08:11:58 -0500
**CONTENT OF SPAM MESSAGE REMOVED**
I removed the content of spam so it's not posted on the forum
Hey everyone, I've been a loyal customer of 1and1 for a few years now, however some circumstances have come up that require me to upgrade to something with unmetered bandwidth with some better hardware specs, simmilar in the fashion that 1and1 in Europe does (dedicated 100mbit for 2TB or so, then downgraded to 10mbit that can be reset to 100mbit manually for no extra cost). So I was looking at 1and1.co.uk's Buisiness III server ( order.1and1.co.uk/xml/order/ServerRoot ), and I figured i could cut some corners here and there to snag me an account even though I'm in the US, but I realized that their price plus VAC makes them a bit less competitive in terms of price. I was wondering if anyone would know of some place that can offer the freedoms 1and1 offers (basically, "here's your server, here's our ToS, have a blast"), with simmilar and/or better specs as that specific package, and possibly deals internationally?
I've given the foums a good once-over (I've lurked for several years now), and have gotten a general idea, but I figured I'd ask just to get a better idea.
I am need a VPS plan which is good enough for handling such CPU intensive programs. I had already read reviews about solarvps,wiredtree and Hostv. I really liked offers from solarvps, but I am a noob when it comes to servers so please advice me hosting talk members. Plus I need full transfer support for my website from hostgator they are ridiculously expensive.
Paypal started sending me notices that it was unable to connect to my IPN (I'm using modernbill v4) yet I used it without a problem for 3 years.
The sent this message in response to my support inquiry:
I have had the IPN logs checked and show that, on recent transactions, your Web server returned an HTTP 200 OK on some of the transactions. Transactions were pulled from:
Date: Fri, 04 Jan 2008 15:00:09 GMT and Date: Thu, 03 Jan 2008 22:20:48 GMT
The reason that you are receiving the E-mail in question is due to your server not responding with an HTTP 200 OK rsponse. When this happens, the PayPal system attempts to resend the IPN POST for up to four days at which time the E-mail in question is generated to inform the merchant of issues with the IPN script.
This issue is not a PayPal issue, but is rather caused by your server's response to IPN POSTs sent to the IPN Script.
I have been in online business for about 5 years, but only this morning found out what DDoS is. Shame on me.
Our site was attacked this morning and the host (shared hosting) has switched off the dns connection so our site is currently down along with email. We are a small firm and we are absolutely getting killed by this right now.
The tech support in this hosting company (icdsoft com) is absolutely phenomenal based on previous experiences and here is what they said throughout the day:
"Your site gets approximately 60 hits/second. Unfortunately there isn't much that can be done in such situation. We already blocked the most active IP addresses in our firewall, but this does not help, as the attack comes from many sources "
About an hour later they tried again and the following was said:
"Unfortunately we do not know how long this attack will last. At the moment there are more than 1100 requests/second towards your site."
about an hour after that the following was said:
"The attack is still going on. Currently, the incoming rate is 8MBit/sec. We will enable your site, and we will notify you when the attack is over."
My questions are the following and I will appreciate any advise as I am absolutely clueless about this:
1. What should I do at this point? Should I move the site to a dedicated server and if so, will this solve the DDOS problem?
2. Should I purchase anti DDoS package? They are extremely expensive it appears.
3. If I move to a new dedicated host, which one should i choose? we are a small site, with about 10,000 uniques per month and do not have massive budget so cost is a big factor.
4. How long will this current attack likely last? I know it's impossible to answer, but approximately how long do these things last and is it likely to repeat in the future if we leave things alone?
Any knowledgable advice on this matter will be greatly appreciated as we are hurting badly due to this and even 1 day loss of income for us is extremely serious and hurtful.
Can anyone recommend a well-established VPS provider with facilities at a major EU connection point, preferably TheNetherlands? I need a small account for secondary DNS and MX, plus some caching experimentation. Might turn into an unmetered dedicated mega-server at the same location if things go as planned, so if you only have experience with dedi or colo at a certain host, feel free to chime in.
I'm already a colo-host and a cPanel distributor myself, so I don't need management or a control panel, just a minimal-install CentOS 5 VPS. (I'll be installing cPanel DNSonly) Here's the kicker though, like most USians, I only speak English (and some would say badly), so the host has to speak at least enough to get the account set up. (preferably has a site in English). The real deal-breaker is that they MUST have their own merchant account and accept credit cards for recurring billing. I will not use Paypal, Moneybookers, or any other 3rd-party processor that requires a registration or manual payments. That almost always indicates an amateur operation in someone's basement. Looking for something along the lines of ThePlanet, but in Amsterdam. (AmsterNet? PlanetDam? )
to move one of my sites from 1-st dedicated server to 2-nd dedicated server.
Of course i have shell access on both servers. As site is huge one (60gb space and 99% of files in one folder) going to tar -czvf this folder and move it.
or may be mput all files.
the only problem that i have ... is, that i need SSH commands advice.
if i type [mput *] i must keep window opened. but as u understand 60gb is can be transferred during ~10-15 hours. that's why need to know, is there any command that i must type (with mput *) and close window. So, don't be online all this time and/or keep shell window opened during this tranfer.
I'm having a serious problem with Apache 2.0.54. I'm running Debian Sarge (3.1) and I cannot upgrade Apache (easily) so I am stuck using 2.0.54 (2.2+ are not supported on Sarge). I have been trying everything with config changes and different tweaks but Apache is giving me lots of trouble. Whenever I run "apache2ctl restart" Apache will crash and will not start. But when I run "apache2ctl start" Apache will run and in the log, it simply puts "[warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?". I get nothing else before or after I run those commands. Running "apache2ctl graceful" starts messing with it giving me "apache2 <defunct>" errors and "apache2ctl configtest" gives me nothing except "Syntax OK."
Here is my "apache2.conf" file:
Code: # Based upon the NCSA server configuration files originally by Rob McCool. # Changed extensively for the Debian package by Daniel Stone <daniel@sfarc.net> # and also by Thom May <thom@debian.org>.
# ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # NOTE! If you intend to place this on an NFS (or otherwise network) # mounted filesystem then please read the LockFile documentation # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>); # you will save yourself a lot of trouble.
ServerRoot "/etc/apache2"
# The LockFile directive sets the path to the lockfile used when Apache # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at # its default value. The main reason for changing it is if the logs # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL # DISK. The PID of the main server process is automatically appended to # the filename.
LockFile /var/lock/apache2/accept.lock
# PidFile: The file in which the server should record its process # identification number when it starts.
PidFile /var/run/apache2.pid
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate.
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection.
# prefork MPM # StartServers ......... number of server processes to start # MinSpareServers ...... minimum number of server processes which are kept spare # MaxSpareServers ...... maximum number of server processes which are kept spare # MaxClients ........... maximum number of server processes allowed to start # MaxRequestsPerChild .. maximum number of requests a server process serves <IfModule prefork.c> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0 </IfModule>
# pthread MPM # StartServers ......... initial number of server processes to start # MaxClients ........... maximum number of server processes allowed to start # MinSpareThreads ...... minimum number of worker threads which are kept spare # MaxSpareThreads ...... maximum number of worker threads which are kept spare # ThreadsPerChild ...... constant number of worker threads in each server process # MaxRequestsPerChild .. maximum number of requests a server process serves <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule>
# perchild MPM # NumServers ........... constant number of server processes # StartThreads ......... initial number of worker threads in each server process # MinSpareThreads ...... minimum number of worker threads which are kept spare # MaxSpareThreads ...... maximum number of worker threads which are kept spare # MaxThreadsPerChild ... maximum number of worker threads in each server process # MaxRequestsPerChild .. maximum number of connections per server process (then it dies) <IfModule perchild.c> NumServers 5 StartThreads 5 MinSpareThreads 5 MaxSpareThreads 10 MaxThreadsPerChild 20 MaxRequestsPerChild 0 AcceptMutex fcntl </IfModule>
User www-data Group www-data
# The following directives define some format nicknames for use with # a CustomLog directive (see below). LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined LogFormat "%h %l %u %t "%r" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent
# Global error log. ErrorLog /var/log/apache2/error.log
# Include module configuration: Include /etc/apache2/mods-enabled/*.load Include /etc/apache2/mods-enabled/*.conf
# Include all the user configurations: Include /etc/apache2/httpd.conf
# Include ports listing Include /etc/apache2/ports.conf
# Include generic snippets of statements Include /etc/apache2/conf.d/[^.#]*
#Let's have some Icons, shall we? Alias /icons/ "/usr/share/apache2/icons/" <Directory "/usr/share/apache2/icons"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory>
# Set up the default error docs. # # Customizable error responses come in three flavors: # 1) plain text 2) local redirects 3) external redirects # # Some examples: #ErrorDocument 500 "The server made a boo boo." #ErrorDocument 404 /missing.html #ErrorDocument 404 "/cgi-bin/missing_handler.pl" #ErrorDocument 402 http://www.example.com/subscription_info.html #
# # Putting this all together, we can Internationalize error responses. # # We use Alias to redirect any /error/HTTP_<error>.html.var response to # our collection of by-error message multi-language collections. We use # includes to substitute the appropriate text. # # You can modify the messages' appearance without changing any of the # default HTTP_<error>.html.var files by adding the line; # # Alias /error/include/ "/your/include/path/" # # which allows you to create your own set of files by starting with the # /usr/local/apache2/error/include/ files and # copying them to /your/include/path/, even on a per-VirtualHost basis. #
<IfModule mod_negotiation.c> <IfModule mod_include.c> Alias /error/ "/usr/share/apache2/error/"
<Directory "/usr/share/apache2/error"> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en es de fr ForceLanguagePriority Prefer Fallback </Directory>
# # The following directive disables redirects on non-GET requests for # a directory that does not include the trailing slash. This fixes a # problem with Microsoft WebFolders which does not appropriately handle # redirects for folders with DAV methods. #
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^gnome-vfs" redirect-carefully BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
# Allow server status reports, with the URL of http://servername/server-status # Change the ".your_domain.com" to match your domain to enable. # #<Location /server-status> # SetHandler server-status # Order deny,allow # Deny from all # Allow from .your_domain.com #</Location>
# Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). # Change the ".your_domain.com" to match your domain to enable. # #<Location /server-info> # SetHandler server-info # Order deny,allow # Deny from all # Allow from .your_domain.com #</Location>
# Include the virtual host configurations: Include /etc/apache2/sites-available/[^.#]* And here's my "httpd.conf" file:
Code: # This is here for backwards compatability reasons and to support # installing 3rd party modules directly via apxs2, rather than # through the /etc/apache2/mods-{available,enabled} mechanism. # #LoadModule mod_placeholder /usr/lib/apache2/modules/mod_placeholder.so <VirtualHost 66.150.225.201:80>
# httpd dmn entry cgi support BEGIN. # httpd dmn entry cgi support END.
# httpd dmn entry PHP2 support BEGIN. php_admin_value open_basedir "/var/www/:/usr/share/php/:/tmp/" # httpd dmn entry PHP2 support END.
<Directory /var/www> # httpd dmn entry PHP support BEGIN. # httpd dmn entry PHP support END. Options Indexes Includes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory>
</VirtualHost>
I am on the end of my rope with Apache and feel like just formatting the server and reinstalling Apache. Which reminds me, I did try using apt-get to remove and install Apache again but nothing worked.
Can you recommend here some reliable shared host that allow Adult WordPress blog , no movies or images will be hosted at all , it will contain only linking to rapidshare links.
I have been with IGSoBe for a little over 2 months now, going on 3. And the rates seemed great. I have resold a few servers for them to clients, and everything seemed okay. The server setup times exceeded the 72 hour maximum. I have a C class of IP addresses with them which were supposed to take 7 days MAXIMUM, I was told in the *WORST* case scenario. I think I waited 3 - 5 weeks for the C class which had me at a standstill with VPS sales. Long setup times had a few clients back out. Have had a few comments about slow network in that it isn't blazing fast like some premium providers, although I haven't had a problem myself.
Each month goes by and there's a downtime about this, or a downtime about that. Well this month it has been smooth sailing, I thought all the problems must have been ironed out, and to my dismay come the 15th, the DAY AFTER paying the invoice for the server, BAM the server is offline. IGSoBe main website still up, as well as client servers so I know its not a mass issue. So I open a support ticket on the 15th. It is now the 17th and no reply to the support ticket. Earlier this afternoon I finally emailed the owner John directly and have still not got any response or acknowledgement. John is the only one that can enter the datacenter suite that he colocates in, so contacting him, or him being notified is important.
So going on 72 hours of downtime, no response or support from the provider, I am 100% sure no matter what John could offer me there's just no way I am staying with IGSoBe any longer than I have to. I just paid the invoice, so I am stuck for the rest of the month as all the income went towards the invoices. (One invoice for IP addresses, the other on a different day for the server). Dare I file a paypal dispute? My concern is also my clients data, about 60 VPS' total, and the WHMCS client database which I do not have a recent backup locally (I know better now to keep a backup of the most important of all important data and keep it in a safe place off-site!). If I file a dispute, it is unlikely I will see any of that data again. As if cubichost.org needs any more bad reputation right?
If you do a quick search here on WHT for igsobe you will first notice plenty of complaints.
So this is the deal with IGS:
John, the man with the plan is the sole proprietor (as of earlier this year, I know IGSOBE wasn't a registered LLC in the state of FL as the website might insinuate), he is the only one that physically manages the servers, transiting from his home to the suite he leases in the fibermedia datacenter in the carrier neutral facility in Miami FL. He used to, in the past, transit to and from the datacenter 2 times a day to set up servers, handle reboots, OS reloads, and that sort of thing. Recently, we had a client with a pentium 4 who needed a root password reset, this was on the 7th of this month, it is now the 17th and the password has still not been reset. I am in fear of losing this client because of this which would not help in our hopes to grow and succeed as a provider. I also have admin access in WHMCS at IGSOBE as a sales agent, and have noticed no one else logs in anymore, ESPECIALLY not John. Also, no one is hardly on LiveZilla chat or in IRC anymore.
I hope all goes well for John, I hope he can pull his act together and get IGSoBe back to working order. I would stay loyal but this is not the first time this has happened and I have to go. I have to make a good name for cubichost. I would suggest for the present time though, to stay away from igs!
So by the 7th of next month, hopefully earlier though I plan to make a move to BURST.NET which will hopefully go well I hear great things about them. Only a few bad things, mostly from > 1 year ago.
Anyone else notice the huge outage at Surpass? My sites went down as I was editing one, and checking the server status returns a very, very long list of downed servers. Since the Surmunity Forums appear to be down as well, I was wondering if anyone here had found out what was up via other means, and whether or not there is any estimate on when it might come back up.
I'm starting to test out VPS panels and found vePortal 2. I purchased it and installed it. Now I'm checking some security, as we all know about the terrible result of HyperVM as everyone blindly used it because it was "pretty" but it was not secure.
Some serious concerns I'd like to share with vePortal 2.
1) It makes no backups of any of the files it modifies during install, or so I haven't seen any, like httpd.conf.... more of a pain than anything. There is no way to auto uninstall it either..
2) vePortal gives full root access to the Apache user, letting apache run any root commands! They add this to your /etc/sudoers apache ALL=(root) NOPASSWD:ALL
[root@nd11108 myadmin]# su -s /bin/sh apache -c "whoami" apache [root@nd11108 myadmin]# su -s /bin/sh apache -c "sudo whoami" root
This is a root exploit waiting to happen. I asked them about this and got the response.
Quote:
It would be a security breach if a) apache was allowed SSHD Access, or b) the server was running scripts that havn't been marked secure, We have a very comprehensive team of beta testers including one of the largest providers around, They and their staff have not been able to break the security or integrity of the panel as of yet.
All panels in one way or another have root control over the system, for example they wouldnt be able to have a SSH Console without it, as only specified commands would work, we do have a list of the commands required by vePortal if you wish to limit it, but the console and the Shell Commander functions would stop working.
Regards, Gavin H. Chief Information Officer
That's funny I have been using the panel a few minutes and already found they've ignored the biggest security hole possible..
3) In 5 minutes I've found multiple XSS vulnerabilities in the admin area... Like search customers, I was able to generate JavaScript alerts in multiple fields....
4) It stores the MySQL root password in clear text in a .php file... yeah that's real secure. Why does it even operate under the MySQL root user, its using a single database....
5) I forgot to add, it doesn't recognize ANY OpenVZ Vps's you've created manually. It has no idea they exist and you cannot view them at all.
I'm sure I could dig deeper into the source code and find more but it's not worth it. Judging by what I found without actually trying to spend time on security I completely removed the product.
The panel does look nice but it sure gets a mark of insecure for me, I would advise others seriously look into the security of this new panel if you're considering using it.