Portal Home > Knowledgebase > Industry Announcements > Web Hosting Main Forums > Providers and Network Outages and Updates > IPXCore down with their main website


IPXCore down with their main website




Posted by qtriangle, 07-02-2012, 09:44 AM
I have a vps from IPXCore.
Looks like their whole hosting setup is down.
Anybody got any idea?

Posted by dmmcintyre3, 07-02-2012, 10:45 AM
http://www.lowendtalk.com/discussion...#Comment_86313

Posted by KMyers, 07-02-2012, 11:34 AM
Quote:
Originally Posted by dmmcintyre3
To sum it up, DDoS Attack where the provider nulltrouted IPXCore's entire network. This is never a good sign, there also seems to be hints that they are being forced out.

Posted by atjeu, 07-03-2012, 12:02 AM
IPXCore has had 3 major ddos attacks in less than 2 months with us. We cancelled their rack because they are a ddos target. They primarily sell super cheap VPS accounts ($2/mo) to chinese clients who seem to be a lightening rod for network attacks and abuse. Contrary to some of the chatter in some forums on this issue, the attack was not at all small and most data centers would have null routed their traffic as well. We usually give resellers the benefit of the doubt since it is not them but their clients who are the problem. However, there are times when you have to make a judgement call on behalf of the greater network and other clients and this is one of those times.

Posted by dmmcintyre3, 07-03-2012, 12:04 AM
Quote:
Originally Posted by atjeu
most data centers would have null routed their traffic as well.
Most data centers would have nullrouted the target IP instead of the whole rack.

Posted by qtriangle, 07-03-2012, 04:10 AM
Quote:
Originally Posted by dmmcintyre3
Most data centers would have nullrouted the target IP instead of the whole rack.
I agree.
Atjeu's point of view is also valid, but the reaction could have been a bit softer than it has been.

Posted by DeltaAnime, 07-03-2012, 04:21 AM
Quote:
Originally Posted by dmmcintyre3
Most data centers would have nullrouted the target IP instead of the whole rack.
Well said.

Quote:
Originally Posted by qtriangle
I agree.
Atjeu's point of view is also valid, but the reaction could have been a bit softer than it has been.
True enough, but trolling your customers threads and violating their privacy on the matter is a dick move all around.

700mbit isn't all that huge of a flood and making snide remarks about where you think their clients are based out of is going to look really poor on you guys.

Unless you like walling off an extremely large market, by all means, continue talking from your ass!

Francisco

Posted by KMyers, 07-03-2012, 08:51 AM
Quote:
Originally Posted by dmmcintyre3
Most data centers would have nullrouted the target IP instead of the whole rack.
Agreed, however it depends on circumstances; It seems that IPXcore has been a target of multiple attacks in the past and that atjeu is fed up with the attacks. In this case, they simply did not nullroute the offending IP address but are moving forward with the complete termination of IPXCore's service with atjeu. IPXcore will need to move to a new datacenter and re-ship their equipment over before many of their customers will be able to access their data.

Posted by atjeu, 07-03-2012, 11:03 AM
@DeltaAnime

I hate talking about internal company details in forums but if we don't clear the air on this issue, people are left to think that what IPXcore is saying is true about our company and about this attack when it is false. The attack was much large than 700mbps. It flooded an incoming gig port so was much larger than that. We rarely would cut off a whole rack but when that rack is persistently getting ddos attacks and when the client has discussed their business model with us in detail, it is a little different. It is not fair to the rest of our clients to keep someone like this online.

Posted by atjeu, 07-03-2012, 11:09 AM
One of the last times we had to do this, we had a client who continually was getting hammered by ddos attacks on varying ports, on different services and from different parts of the world. one attack would be DNS, the next be UDP, the next would be TCP and it would change every day. We ended up shutting them down and they went to a DC that was significantly larger. In less than a week, that DC was hit by a 15 gbps attack which took down their whole network as well. At that point a data center has to make a decision on if this one client is more important than all of the rest of their clients combined. The DC can continually pay for mitigation services and take chances on their other clients getting effected or they have to make the difficult decision to cancel the account.

Posted by qtriangle, 07-03-2012, 01:31 PM
@atjeu,
Consider a possible scenario..
It is possible that once the attacker gets to know about your IP range, he can attack on many of your IPs which are outside of any 1 customer's Ip range.
In this case, would terminating a client help you or make any sense?
Today hackers/attackers are very smart: so having tight security, not client termination, would help you in long run.
Offering cheap vps is not a crime: everyone would love to do that if they can do it.

Posted by pdqso, 07-03-2012, 01:58 PM
Quote:
Originally Posted by qtriangle
In this case, would terminating a client help you or make any sense?
Today hackers/attackers are very smart: so having tight security, not client termination, would help you in long run.
Offering cheap vps is not a crime: everyone would love to do that if they can do it.
Keep one client, who is attacked and costs more money to mitigate, versus maintaining the rest of their customers? Come on now... they made a wise business decision.

Offering cheap VPS is not a crime, indeed, but cheap VPS providers bring questionable customers in like the provider mentioned.

Posted by CadEy, 07-03-2012, 04:26 PM
Quote:
Originally Posted by atjeu
One of the last times we had to do this, we had a client who continually was getting hammered by ddos attacks on varying ports, on different services and from different parts of the world. one attack would be DNS, the next be UDP, the next would be TCP and it would change every day. We ended up shutting them down and they went to a DC that was significantly larger. In less than a week, that DC was hit by a 15 gbps attack which took down their whole network as well. At that point a data center has to make a decision on if this one client is more important than all of the rest of their clients combined. The DC can continually pay for mitigation services and take chances on their other clients getting effected or they have to make the difficult decision to cancel the account.
You must understand having 3 ddos attacks around 700mbps is really nothing. A data center that cannot handle this type of intrusion is extremely making it's future very narrow. I see nothing but irresponsibility here and fallacy. You did not even issue a warning so they could get everything settled and moved out. You acted in a unprofessional manner and unplugging the system was a scapegoat out of professionalism. You should be ashamed of yourselves and In my opinion you owe them a apology. I hope this is a lesson that you your company takes in and helps to improve your business and network infrastructure in the future. IPXCore has been nothing but angels to your network, it is not there fault some "Chinese people" (Like you said) signed up and got through the human confirmation after 4 orders and spammed. DDOS's happen, they will not stop happening and ofcourse you can keep spreading false lies saying the attack was larger than 700mbps's so you can try to sound like IPXCore are lying when they're not.

You as a DC administrator are supposed to let new companies grow and expand, not literally unplug them. You do know one of the CEO's of IPXCore works at your data center? Where is the respect that is deserved, I see none.

Again, I am not trying to tell you how to do your job, but obviously something is not right here. These guys are great at ipxcore and have done nothing wrong. DDOS's happen, protection is cake, especially at 700mbps. I see 0 customer service here or fulfilment of customer satisfaction, you do know Customer Service
is the #1 priority in owning a business and running it? You show none. You have put a lot of stress on these individuals and look at how they cope it; go look at the LET thread, I see no flaming, I see no harassment, I see nothing but the strive to find another DC. That should show you atleast the CEO's of IPXCore are professional and willing to take there business to the next level. Also the fact that you unplugged them because of this 700mbps issue shows nothing but weakness in a DC, I recommend you stop posting here you're digging your company's reputation into a bigger hole.



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Is yphost.com down? (Views: 1091)
Volumedrive no support (Views: 986)


Language: