Roundcube Update: 0.2

the hosting company disconnected the box

That's pretty lame. They could have easily logged in and at least stopped the attacks.
 
Nope, they did the right thing. It sounds like the host was not fully managing this box, so disconnecting would be the right thing to do to protect its network at that point in time.
 
Nope, they did the right thing.

Ok well that is your opinion and here is mine. I know I can take 2 minutes out of my day to stop a process on a customer's machine who is paying me for a dedicated server even if it's not managed.

So yes my opinion is that it's pretty lame. I do have my own data center so I am in the same position as other companies who have networks to protect.

Given the choice which company would you rather host with? One that is just going to disconnect you at the first sign of trouble or one that will quickly resolve the problem for you so that you don't have any down time?

I understand if it's a big problem that cannot easily be fixed. But even I with my limited experience and no professional training knew how to quickly fix this particular problem. Certainly a professional data center knows how to deal with this problem as well. It's certainly better than disconnecting a customer's machine.

The most they really had to do was block outgoing ssh requests from his machine. Certainly that is better than disconnecting it. And it requires the same amount of effort, even less maybe.

Yes I think it's lame of them to simply disconnect his machine or maybe I should call it what it is, lazy.
 
Obviously it's my opinion, that's what a public forum is usually full of (among other things). However, I can see where you are coming from due to the fact you yourself own/run/manage/etc. a datacenter. It's far easier to bash another while making yourself look good in this scenario of what you would do. It's also far easier to unplug a cat5 than to troubleshoot a box that you are not paid to manage. I'm sure somewhere buried in their terms mentions this as do most datacenters. Of course this is case by case, so your mileage may vary.

Anyhow, back on topic with roundcube.
 
It's also far easier to unplug a cat5 than to troubleshoot a box that you are not paid to manage.

Only if the data center has no clue what they are doing.

I am speaking of right and wrong regardless of a TOS. Unplugging the cat5 cable is either the lazy thing to do or the last resort when you cannot figure out what the problem is. If you unplug the cat5 cable the customer cannot even get in to fix the problem.

It's far easier to bash another while making yourself look good in this scenario of what you would do.

Just to be clear, it's not what I would do. It's what I did do for dozens of my customers. And yes I will bash another company when they do the wrong thing and so should everybody. The right thing is always to help your customer when they are under an attack regardless of the TOS.

If my tenant is being robbed I am going to help regardless of whether they have actually contracted me to help them or not.

Of course this is my opinion. Other people's version of right and wrong may vary.
 
I agree with floyd, the first step is to try to filter the attack before just pulling the plug. I would be pissed with any hosting I was paying for that just pulls the plug. And I will not host with any provider that does that. Last resort would need to be nullrouting the ip at router level.
 
You'd be surprised how many will pull the plug first. If there's an attack happening, their best option may be to disconnect from the network then troubleshoot. If it's an easy fix, back online it goes. Of course I can see both sides of the argument and like I said, it's case by case. It all depends on your TOS etc etc etc.

Mods, feel free to split this topic a bit if we're heading off course.
 
Yes I think it's lame of them to simply disconnect his machine or maybe I should call it what it is, lazy.
I call it GoDaddy.

They did that to a gent who is now a client of ours because we don't just disconnect servers.

Note: I have no idea if this poster uses GoDaddy or not; I'm just relating a specific experience.

Jeff
 
Lol, do people actually consider Godaddy anything but a cheap registrar?
 
I admit sometimes I have had to pull the plug too. But then I don't email the customer and say "Sorry, I had to pull the plug on your machine. Good luck fixing it." No, I go in myself to figure out what's wrong so I can get it back online. From what hik said they pulled the plug without giving him a way to look at the machine remotely. That would suck if you were 3000 miles away from the data center.
 
We actually give the client the choice; even without full management the client can ask us to (at our usual rate) work on his server in an emergency.
From what hik said they pulled the plug without giving him a way to look at the machine remotely
Sounds more like GoDaddy by the minute. But I believe GoDaddy only offers Plesk, so it's probably someone else.

Jeff
 
On a machine running:
* Fedora Core 6
* CustomApache

I executed:
Code:
cd /usr/local/directadmin/scripts
wget -O roundcube.sh http://files.directadmin.com/services/all/roundcube.sh
./roundcube.sh

And got the following error on the last command:
Code:
cp: cannot stat `/var/www/html/roundcube/temp/*': No such file or directory
ERROR 1142 (42000) at line 6 in file: 'SQL/mysql.update.sql': ALTER command denied to user 'da_roundcube'@'localhost' for table 'messages'
Editing roundcube configuration...
Roundcube has been installed successfully.

I will ignore this error.
 
I have been affected and as a matter of fact the hosting company disconnected the box until I could find out what happened, due to the ssh attacks.

Just a hint: we started using a non-standard SSH port number several years ago and I have not seen an SSH breaking attempt ever since. Everybody using the server must, of course, know this and all SSH-using utilities from outside (rsync etc) must be reconfigured to use the port. In most cases this is not a problem at all.

I understand, though, that this is not possible in all cases.
 
That will protect you from standard incoming ssh attacks but that has nothing to do with this thread really. The ssh attacks mentioned in your quote were outgoing and changing your port is not going to affect ssh attacks going out from your machine. You would need to block the destination port 22 in the OUTPUT chain in iptables.
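
The outbound block described in the post above, together with a quick check for which local process is opening the outgoing SSH connections. This is an added example, not part of the original thread; the function names, the allow-listed address and the sample `netstat -tnp` lines are constructed for illustration, and the rules are only printed, not applied.

```shell
#!/usr/bin/env bash
# Added example: contain and triage outgoing SSH from a compromised host.

# Print iptables rules that log and reject NEW outbound connections to
# tcp/22. Arguments are destinations that must stay reachable (hypothetical
# allow-list). Rules are appended with -A, so any earlier ACCEPT rule in
# the OUTPUT chain would still win; review the chain before applying.
egress_ssh_rules() {
    local dest
    for dest in "$@"; do
        echo "iptables -A OUTPUT -p tcp --dport 22 -d $dest -j ACCEPT"
    done
    echo "iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW" \
         "-m limit --limit 6/min -j LOG --log-prefix 'SSH-OUT: '"
    echo "iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW" \
         "-j REJECT --reject-with tcp-reset"
}

# Read `netstat -tnp` style lines on stdin and print, per PID/program, the
# number of distinct remote endpoints on port 22, busiest first.
# Only the foreign address ($5) is tested, so inbound sessions to the
# local sshd (local port 22, remote port e.g. 40022) are not counted.
outbound_ssh_by_process() {
    awk '$1 ~ /^tcp/ && $5 ~ /:22$/ {
             if (!seen[$7, $5]++) n[$7]++
         }
         END { for (p in n) print n[p], p }' | sort -rn
}

# Constructed sample input (documentation address ranges, made-up PIDs).
SAMPLE_NETSTAT='tcp 0 1 192.0.2.10:51514 198.51.100.7:22 SYN_SENT 4242/scanner
tcp 0 1 192.0.2.10:51515 198.51.100.8:22 SYN_SENT 4242/scanner
tcp 0 1 192.0.2.10:51516 198.51.100.9:22 SYN_SENT 4242/scanner
tcp 0 0 192.0.2.10:22 203.0.113.5:40022 ESTABLISHED 911/sshd
tcp 0 0 192.0.2.10:40100 203.0.113.20:22 ESTABLISHED 1300/ssh'

echo "Outbound SSH destinations per process:"
printf '%s\n' "$SAMPLE_NETSTAT" | outbound_ssh_by_process
echo
echo "Rules to review and apply as root:"
egress_ssh_rules 203.0.113.20
```

On a live host, feed the second function from `netstat -tnp` run as root so the PID/program column is populated.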
 
login failed after roundcube update to 0.2

I've updated roundcube for the security issues.
I can't login anymore!
Any idea?
 
We suggest regular updates with "clean_old_webapps=yes" set in your options.conf file. DA doesn't automatically update things that require a service to be taken down and compiled. However the custombuild system makes this pretty simple.

What exactly does "clean_old_webapps=yes" do?

Matt
 
After giving RoundCube a raving review, I updated and now can't send emails with it! Typical..

[23-Jan-2009 14:15:50 +0000] SMTP Error: SMTP error: Authentication failure: Invalid response code received from server (Code: 454) in /var/www/html/roundcubemail-0.2/program/steps/mail/func.inc on line 1248 (POST /roundcube/?_task=mail&_action=send)

Running latest custombuild with IMAP/Dovecot/SpamAssassin
 
You have something misconfigured. Make sure you didn't enable ssl in the roundcube config.
 