* [gentoo-user] {OT} Opinions on Host's Decision Please
@ 2007-09-21 21:37 Grant
2007-09-21 22:18 ` Novensiles divi Flamen
` (2 more replies)
0 siblings, 3 replies; 23+ messages in thread
From: Grant @ 2007-09-21 21:37 UTC (permalink / raw
To: Gentoo mailing list
Hello,
As I have previously posted about, my host sent me an email a few days
ago stating that support tickets for 5,000-6,000 of their clients had
been broken into. I checked my records and found that my root
password had previously been submitted in a support ticket. I then
decided I needed to reinstall my system.
I requested that my host allow me access to a second machine for 2-5
days while I switch over to a clean system, after that I would turn
the old system over to them and continue with the new system.
My request was denied! I'm blown away by this. Was I asking too much?
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 21:37 [gentoo-user] {OT} Opinions on Host's Decision Please Grant
@ 2007-09-21 22:18 ` Novensiles divi Flamen
2007-09-21 22:36 ` Grant
2007-09-21 22:40 ` Daniel da Veiga
2007-09-22 16:54 ` Dan Farrell
2 siblings, 1 reply; 23+ messages in thread
From: Novensiles divi Flamen @ 2007-09-21 22:18 UTC (permalink / raw
To: gentoo-user
On Sat, 22 Sep 2007 07:07:23 Grant wrote:
> Hello,
>
> As I have previously posted about, my host sent me an email a few days
> ago stating that support tickets for 5,000-6,000 of their clients had
> been broken into. I checked my records and found that my root
> password had previously been submitted in a support ticket. I then
> decided I needed to reinstall my system.
>
> I requested that my host allow me access to a second machine for 2-5
> days while I switch over to a clean system, after that I would turn
> the old system over to them and continue with the new system.
>
> My request was denied! I'm blown away by this. Was I asking too much?
>
> - Grant
You are probably asking more than their terms of service *require* them to
provide, especially if they don't believe the leaked information was used for
any nefarious activity.
However a reasonable webhost who accepts responsibility for its mistakes and
values its customers would probably grant such a request as a gesture of
goodwill - unless they were worried about opening the floodgates for every
customer to request such treatment, a scenario which would likely leave them
unable to comply even if they wanted to.
As a side note, although I agree with all the comments about 'never been sure'
a system is still clean, did you check whether there was actually any root
logins to your server not from your IP since the breach? If I was in your
situation and could confirm that no root logins occurred (via ssh, ftp,
cpanel, whatever else is running) from other ip's I'd probably rest easy just
changing my password.
- Noven
--
>-- Novensiles divi Flamen --<
>---- Miles Militis Fons ----<
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 22:18 ` Novensiles divi Flamen
@ 2007-09-21 22:36 ` Grant
2007-09-21 23:21 ` Novensiles divi Flamen
0 siblings, 1 reply; 23+ messages in thread
From: Grant @ 2007-09-21 22:36 UTC (permalink / raw
To: gentoo-user
> > As I have previously posted about, my host sent me an email a few days
> > ago stating that support tickets for 5,000-6,000 of their clients had
> > been broken into. I checked my records and found that my root
> > password had previously been submitted in a support ticket. I then
> > decided I needed to reinstall my system.
> >
> > I requested that my host allow me access to a second machine for 2-5
> > days while I switch over to a clean system, after that I would turn
> > the old system over to them and continue with the new system.
> >
> > My request was denied! I'm blown away by this. Was I asking too much?
> >
> > - Grant
>
> You are probably asking more than their terms of service *require* them to
> provide, especially if they don't believe the leaked information was used for
> any nefarious activity.
> However a reasonable webhost who accepts responsibility for its mistakes and
> values its customers would probably grant such a request as a gesture of
> goodwill - unless they were worried about opening the floodgates for every
> customer to request such treatment, a scenario which would likely leave them
> unable to comply even if they wanted to.
> As a side note, although I agree with all the comments about 'never been sure'
> a system is still clean, did you check whether there was actually any root
> logins to your server not from your IP since the breach? If I was in your
> situation and could confirm that no root logins occurred (via ssh, ftp,
> cpanel, whatever else is running) from other ip's I'd probably rest easy just
> changing my password.
Wouldn't it be trivial for them to edit the logs though?
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 21:37 [gentoo-user] {OT} Opinions on Host's Decision Please Grant
2007-09-21 22:18 ` Novensiles divi Flamen
@ 2007-09-21 22:40 ` Daniel da Veiga
2007-09-21 23:16 ` Grant
2007-09-22 16:54 ` Dan Farrell
2 siblings, 1 reply; 23+ messages in thread
From: Daniel da Veiga @ 2007-09-21 22:40 UTC (permalink / raw
To: gentoo-user
On 9/21/07, Grant <emailgrant@gmail.com> wrote:
> Hello,
>
> As I have previously posted about, my host sent me an email a few days
> ago stating that support tickets for 5,000-6,000 of their clients had
> been broken into. I checked my records and found that my root
> password had previously been submitted in a support ticket. I then
> decided I needed to reinstall my system.
>
> I requested that my host allow me access to a second machine for 2-5
> days while I switch over to a clean system, after that I would turn
> the old system over to them and continue with the new system.
>
> My request was denied! I'm blown away by this. Was I asking too much?
>
Information that was valuable leaked because they screw it, so, no
matter what terms of service say, they must fix their own mistakes. If
the machine crashes, the data center is burned down to the ground or
the manager's kid pull the plug on the main server, that's a situation
where they can say "not our fault, deal with it". But in your case
their support system had a breach, and thus its their fault. They must
provide you the means to ensure that YOUR information is safe, cause
they caused the incident in the first place. You're unsure about your
information, and information is money.
If I were you I would be backing up my data by now, would then request
a physical backup and after I get it:
1) Send them email about the actions I'm about to take.
2) Move away from their services and look for a better server.
3) Write a cool blog entry about their services and how secure they are.
Of course they could answer the (1) email granting your requests and
maybe you wouldn't have to take steps (2) and (3). Happened to me
once.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 22:40 ` Daniel da Veiga
@ 2007-09-21 23:16 ` Grant
2007-09-22 3:31 ` Dale
0 siblings, 1 reply; 23+ messages in thread
From: Grant @ 2007-09-21 23:16 UTC (permalink / raw
To: gentoo-user
> > As I have previously posted about, my host sent me an email a few days
> > ago stating that support tickets for 5,000-6,000 of their clients had
> > been broken into. I checked my records and found that my root
> > password had previously been submitted in a support ticket. I then
> > decided I needed to reinstall my system.
> >
> > I requested that my host allow me access to a second machine for 2-5
> > days while I switch over to a clean system, after that I would turn
> > the old system over to them and continue with the new system.
> >
> > My request was denied! I'm blown away by this. Was I asking too much?
> >
>
> Information that was valuable leaked because they screw it, so, no
> matter what terms of service say, they must fix their own mistakes. If
> the machine crashes, the data center is burned down to the ground or
> the manager's kid pull the plug on the main server, that's a situation
> where they can say "not our fault, deal with it". But in your case
> their support system had a breach, and thus its their fault. They must
> provide you the means to ensure that YOUR information is safe, cause
> they caused the incident in the first place. You're unsure about your
> information, and information is money.
>
> If I were you I would be backing up my data by now, would then request
> a physical backup and after I get it:
>
> 1) Send them email about the actions I'm about to take.
> 2) Move away from their services and look for a better server.
> 3) Write a cool blog entry about their services and how secure they are.
>
> Of course they could answer the (1) email granting your requests and
> maybe you wouldn't have to take steps (2) and (3). Happened to me
> once.
I couldn't agree more. It feels like I should have a legal recourse
in this situation. My Dad is a lawyer but has no knowledge of
technical matters.
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 22:36 ` Grant
@ 2007-09-21 23:21 ` Novensiles divi Flamen
0 siblings, 0 replies; 23+ messages in thread
From: Novensiles divi Flamen @ 2007-09-21 23:21 UTC (permalink / raw
To: gentoo-user
On Sat, 22 Sep 2007 08:06:40 Grant wrote:
> > > As I have previously posted about, my host sent me an email a few days
> > > ago stating that support tickets for 5,000-6,000 of their clients had
> > > been broken into. I checked my records and found that my root
> > > password had previously been submitted in a support ticket. I then
> > > decided I needed to reinstall my system.
> > >
> > > I requested that my host allow me access to a second machine for 2-5
> > > days while I switch over to a clean system, after that I would turn
> > > the old system over to them and continue with the new system.
> > >
> > > My request was denied! I'm blown away by this. Was I asking too much?
> > >
> > > - Grant
> >
> > You are probably asking more than their terms of service *require* them
> > to provide, especially if they don't believe the leaked information was
> > used for any nefarious activity.
> > However a reasonable webhost who accepts responsibility for its mistakes
> > and values its customers would probably grant such a request as a gesture
> > of goodwill - unless they were worried about opening the floodgates for
> > every customer to request such treatment, a scenario which would likely
> > leave them unable to comply even if they wanted to.
> > As a side note, although I agree with all the comments about 'never been
> > sure' a system is still clean, did you check whether there was actually
> > any root logins to your server not from your IP since the breach? If I
> > was in your situation and could confirm that no root logins occurred (via
> > ssh, ftp, cpanel, whatever else is running) from other ip's I'd probably
> > rest easy just changing my password.
>
> Wouldn't it be trivial for them to edit the logs though?
>
Good point, that comes down to how your server is set up. My server logs get
sent to a dedicated logging host - primarily to agregate logs from half a
dozen domains, with the happy side effect of securing logs from webserver
breaches. My final comment was a presumptive leap based on my own setup and
is invalidated if your logs are kept on the same host.
- Noven
--
>-- Novensiles divi Flamen --<
>---- Miles Militis Fons ----<
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 23:16 ` Grant
@ 2007-09-22 3:31 ` Dale
2007-09-22 16:49 ` Dan Farrell
0 siblings, 1 reply; 23+ messages in thread
From: Dale @ 2007-09-22 3:31 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 2096 bytes --]
Grant wrote:
>>> As I have previously posted about, my host sent me an email a few days
>>> ago stating that support tickets for 5,000-6,000 of their clients had
>>> been broken into. I checked my records and found that my root
>>> password had previously been submitted in a support ticket. I then
>>> decided I needed to reinstall my system.
>>>
>>> I requested that my host allow me access to a second machine for 2-5
>>> days while I switch over to a clean system, after that I would turn
>>> the old system over to them and continue with the new system.
>>>
>>> My request was denied! I'm blown away by this. Was I asking too much?
>>>
>>>
>> Information that was valuable leaked because they screw it, so, no
>> matter what terms of service say, they must fix their own mistakes. If
>> the machine crashes, the data center is burned down to the ground or
>> the manager's kid pull the plug on the main server, that's a situation
>> where they can say "not our fault, deal with it". But in your case
>> their support system had a breach, and thus its their fault. They must
>> provide you the means to ensure that YOUR information is safe, cause
>> they caused the incident in the first place. You're unsure about your
>> information, and information is money.
>>
>> If I were you I would be backing up my data by now, would then request
>> a physical backup and after I get it:
>>
>> 1) Send them email about the actions I'm about to take.
>> 2) Move away from their services and look for a better server.
>> 3) Write a cool blog entry about their services and how secure they are.
>>
>> Of course they could answer the (1) email granting your requests and
>> maybe you wouldn't have to take steps (2) and (3). Happened to me
>> once.
>>
>
> I couldn't agree more. It feels like I should have a legal recourse
> in this situation. My Dad is a lawyer but has no knowledge of
> technical matters.
>
> - Grant
>
That your Dad is a lawyer may be worth mentioning to them. Just don't
tell them it is NOT his area of practice. May help get that #1 deal.
Dale
:-) :-)
[-- Attachment #2: Type: text/html, Size: 2538 bytes --]
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-22 3:31 ` Dale
@ 2007-09-22 16:49 ` Dan Farrell
0 siblings, 0 replies; 23+ messages in thread
From: Dan Farrell @ 2007-09-22 16:49 UTC (permalink / raw
To: gentoo-user
On Fri, 21 Sep 2007 22:31:03 -0500
Dale <dalek1967@bellsouth.net> wrote:
> That your Dad is a lawyer may be worth mentioning to them. Just don't
> tell them it is NOT his area of practice. May help get that #1 deal.
>
> Dale
>
> :-) :-)
Just be careful. Implying legal action could cause you a whole heap of
trouble, since I assume you depend on their server for your
livelihood.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-21 21:37 [gentoo-user] {OT} Opinions on Host's Decision Please Grant
2007-09-21 22:18 ` Novensiles divi Flamen
2007-09-21 22:40 ` Daniel da Veiga
@ 2007-09-22 16:54 ` Dan Farrell
2007-09-22 18:09 ` Doug Whitesell
2007-09-22 23:14 ` Novensiles divi Flamen
2 siblings, 2 replies; 23+ messages in thread
From: Dan Farrell @ 2007-09-22 16:54 UTC (permalink / raw
To: gentoo-user
On Fri, 21 Sep 2007 14:37:23 -0700
Grant <emailgrant@gmail.com> wrote:
> Hello,
>
> As I have previously posted about, my host sent me an email a few days
> ago stating that support tickets for 5,000-6,000 of their clients had
> been broken into. I checked my records and found that my root
> password had previously been submitted in a support ticket. I then
> decided I needed to reinstall my system.
>
> I requested that my host allow me access to a second machine for 2-5
> days while I switch over to a clean system, after that I would turn
> the old system over to them and continue with the new system.
>
> My request was denied! I'm blown away by this. Was I asking too
> much?
>
> - Grant
Would it be unreasonable to tell us who this host is? I want to make
sure I don't host any sites on their system; if they can't secure their
work tickets, what makes anybody think they can secure anything else?
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-22 16:54 ` Dan Farrell
@ 2007-09-22 18:09 ` Doug Whitesell
2007-09-22 23:14 ` Novensiles divi Flamen
1 sibling, 0 replies; 23+ messages in thread
From: Doug Whitesell @ 2007-09-22 18:09 UTC (permalink / raw
To: gentoo-user
You probably were not asking _too_ much. If you are dependent upon
the system for your livelihood, I'd find somewhere else to host,
since these folks sound like bozos.
IANAL, but if you have a contract with them there may be service
level agreements that they're obligated to uphold, and they might not
be upholding them.
---
dcw
On Sep 22, 2007, at 9:54 AM, Dan Farrell wrote:
> On Fri, 21 Sep 2007 14:37:23 -0700
> Grant <emailgrant@gmail.com> wrote:
>
>> Hello,
>>
>> As I have previously posted about, my host sent me an email a few
>> days
>> ago stating that support tickets for 5,000-6,000 of their clients had
>> been broken into. I checked my records and found that my root
>> password had previously been submitted in a support ticket. I then
>> decided I needed to reinstall my system.
>>
>> I requested that my host allow me access to a second machine for 2-5
>> days while I switch over to a clean system, after that I would turn
>> the old system over to them and continue with the new system.
>>
>> My request was denied! I'm blown away by this. Was I asking too
>> much?
>>
>> - Grant
>
> Would it be unreasonable to tell us who this host is? I want to make
> sure I don't host any sites on their system; if they can't secure
> their
> work tickets, what makes anybody think they can secure anything else?
> --
> gentoo-user@gentoo.org mailing list
>
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-22 16:54 ` Dan Farrell
2007-09-22 18:09 ` Doug Whitesell
@ 2007-09-22 23:14 ` Novensiles divi Flamen
2007-09-24 21:51 ` Grant
1 sibling, 1 reply; 23+ messages in thread
From: Novensiles divi Flamen @ 2007-09-22 23:14 UTC (permalink / raw
To: gentoo-user
On Sun, 23 Sep 2007 02:24:04 Dan Farrell wrote:
> On Fri, 21 Sep 2007 14:37:23 -0700
>
> Grant <emailgrant@gmail.com> wrote:
> > Hello,
> >
> > As I have previously posted about, my host sent me an email a few days
> > ago stating that support tickets for 5,000-6,000 of their clients had
> > been broken into. I checked my records and found that my root
> > password had previously been submitted in a support ticket. I then
> > decided I needed to reinstall my system.
> >
> > I requested that my host allow me access to a second machine for 2-5
> > days while I switch over to a clean system, after that I would turn
> > the old system over to them and continue with the new system.
> >
> > My request was denied! I'm blown away by this. Was I asking too
> > much?
> >
> > - Grant
>
> Would it be unreasonable to tell us who this host is? I want to make
> sure I don't host any sites on their system; if they can't secure their
> work tickets, what makes anybody think they can secure anything else?
I'm taking a guess it's these guys:
http://www.theregister.co.uk/2007/09/19/layered_technologies_breach_disclosure/
- Noven
--
>-- Novensiles divi Flamen --<
>---- Miles Militis Fons ----<
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-22 23:14 ` Novensiles divi Flamen
@ 2007-09-24 21:51 ` Grant
2007-09-24 23:21 ` Grant
0 siblings, 1 reply; 23+ messages in thread
From: Grant @ 2007-09-24 21:51 UTC (permalink / raw
To: gentoo-user
> > > As I have previously posted about, my host sent me an email a few days
> > > ago stating that support tickets for 5,000-6,000 of their clients had
> > > been broken into. I checked my records and found that my root
> > > password had previously been submitted in a support ticket. I then
> > > decided I needed to reinstall my system.
> > >
> > > I requested that my host allow me access to a second machine for 2-5
> > > days while I switch over to a clean system, after that I would turn
> > > the old system over to them and continue with the new system.
> > >
> > > My request was denied! I'm blown away by this. Was I asking too
> > > much?
> > >
> > > - Grant
> >
> > Would it be unreasonable to tell us who this host is? I want to make
> > sure I don't host any sites on their system; if they can't secure their
> > work tickets, what makes anybody think they can secure anything else?
>
> I'm taking a guess it's these guys:
> http://www.theregister.co.uk/2007/09/19/layered_technologies_breach_disclosure/
>
> - Noven
Bingo. They sent me another message with an offer that could be what
I asked for. It was vague. I replied and lookie here:
----- The following addresses had permanent fatal errors -----
"|/usr/local/sbin/cerberus /usr/local/etc/config.xml FATAL
/var/log/cerberus.log"
I guess that means they're working on the system. I'll try to send again.
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-24 21:51 ` Grant
@ 2007-09-24 23:21 ` Grant
2007-09-25 1:53 ` Doug Whitesell
0 siblings, 1 reply; 23+ messages in thread
From: Grant @ 2007-09-24 23:21 UTC (permalink / raw
To: gentoo-user
> > > > As I have previously posted about, my host sent me an email a few days
> > > > ago stating that support tickets for 5,000-6,000 of their clients had
> > > > been broken into. I checked my records and found that my root
> > > > password had previously been submitted in a support ticket. I then
> > > > decided I needed to reinstall my system.
> > > >
> > > > I requested that my host allow me access to a second machine for 2-5
> > > > days while I switch over to a clean system, after that I would turn
> > > > the old system over to them and continue with the new system.
> > > >
> > > > My request was denied! I'm blown away by this. Was I asking too
> > > > much?
> > > >
> > > > - Grant
> > >
> > > Would it be unreasonable to tell us who this host is? I want to make
> > > sure I don't host any sites on their system; if they can't secure their
> > > work tickets, what makes anybody think they can secure anything else?
> >
> > I'm taking a guess it's these guys:
> > http://www.theregister.co.uk/2007/09/19/layered_technologies_breach_disclosure/
> >
> > - Noven
>
> Bingo. They sent me another message with an offer that could be what
> I asked for. It was vague.
So much for that.
"I understand sir. Unfortunately I'm about out of rope in this
situation. The only
thing I can really provide to you at this point, is the oppertunity to
flag this for
the management team, and allow them to speak with you directly.
I'll move forward and make sure this gets marked correctly for them.
Please understand that as they work M-F 9 AM - 5 PM CST, it could be some time
before you are able to get a response from them. Your patience and
cooperation is
greatly appreciated."
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-24 23:21 ` Grant
@ 2007-09-25 1:53 ` Doug Whitesell
2007-09-25 2:11 ` Grant
0 siblings, 1 reply; 23+ messages in thread
From: Doug Whitesell @ 2007-09-25 1:53 UTC (permalink / raw
To: gentoo-user
On Sep 24, 2007, at 4:21 PM, Grant wrote:
>
> So much for that.
>
> "I understand sir. Unfortunately I'm about out of rope in this
> situation. The only
> thing I can really provide to you at this point, is the oppertunity to
> flag this for
> the management team, and allow them to speak with you directly.
>
> I'll move forward and make sure this gets marked correctly for them.
>
> Please understand that as they work M-F 9 AM - 5 PM CST, it could
> be some time
> before you are able to get a response from them. Your patience and
> cooperation is
> greatly appreciated."
Customer service in the Internet age :(
I would find a new host, but that's just me.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 1:53 ` Doug Whitesell
@ 2007-09-25 2:11 ` Grant
2007-09-25 17:54 ` Mick
0 siblings, 1 reply; 23+ messages in thread
From: Grant @ 2007-09-25 2:11 UTC (permalink / raw
To: gentoo-user
> > So much for that.
> >
> > "I understand sir. Unfortunately I'm about out of rope in this
> > situation. The only
> > thing I can really provide to you at this point, is the oppertunity to
> > flag this for
> > the management team, and allow them to speak with you directly.
> >
> > I'll move forward and make sure this gets marked correctly for them.
> >
> > Please understand that as they work M-F 9 AM - 5 PM CST, it could
> > be some time
> > before you are able to get a response from them. Your patience and
> > cooperation is
> > greatly appreciated."
> Customer service in the Internet age :(
>
> I would find a new host, but that's just me.
Any recommendations?
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 2:11 ` Grant
@ 2007-09-25 17:54 ` Mick
2007-09-25 18:54 ` Grant
0 siblings, 1 reply; 23+ messages in thread
From: Mick @ 2007-09-25 17:54 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 864 bytes --]
On Tuesday 25 September 2007, Grant wrote:
> > > So much for that.
[snip...]
> > Customer service in the Internet age :(
> >
> > I would find a new host, but that's just me.
>
> Any recommendations?
Couldn't you host your own server in the loft or the garage, using an old box
for the job? A car battery + inverter for UPS (all second hand of course)
should see you good for not much more than the cheapest of most ISP packages
per year. The catch here is that access speed may not be as good as the more
centralised fiber optic data centers with their load sharing, 8 CPU monsters,
but as I assume that you are not running amazon or google you should be
OK. ;-)
It may be worth checking with your domestic DSL/cable ISP that they do not
throttle traffic and that they allow you to run a server in their T&Cs.
--
Regards,
Mick
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 17:54 ` Mick
@ 2007-09-25 18:54 ` Grant
2007-09-25 21:07 ` Dan Farrell
0 siblings, 1 reply; 23+ messages in thread
From: Grant @ 2007-09-25 18:54 UTC (permalink / raw
To: gentoo-user
> > > Customer service in the Internet age :(
> > >
> > > I would find a new host, but that's just me.
> >
> > Any recommendations?
>
> Couldn't you host your own server in the loft or the garage, using an old box
> for the job? A car battery + inverter for UPS (all second hand of course)
> should see you good for not much more than the cheapest of most ISP packages
> per year. The catch here is that access speed may not be as good as the more
> centralised fiber optic data centers with their load sharing, 8 CPU monsters,
> but as I assume that you are not running amazon or google you should be
> OK. ;-)
>
> It may be worth checking with your domestic DSL/cable ISP that they do not
> throttle traffic and that they allow you to run a server in their T&Cs.
I have a dedicated server now and I'll never use a shared system
again. I think the problem would be the internet connection. I've
heard that most ISPs block port 80 so you can't run a webserver from a
"home" connection. I think business connections are expensive. I'm
only paying $75/month now.
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 18:54 ` Grant
@ 2007-09-25 21:07 ` Dan Farrell
2007-09-25 23:00 ` Grant
0 siblings, 1 reply; 23+ messages in thread
From: Dan Farrell @ 2007-09-25 21:07 UTC (permalink / raw
To: gentoo-user
On Tue, 25 Sep 2007 11:54:36 -0700
Grant <emailgrant@gmail.com> wrote:
> I have a dedicated server now and I'll never use a shared system
> again. I think the problem would be the internet connection. I've
> heard that most ISPs block port 80 so you can't run a webserver from a
> "home" connection. I think business connections are expensive. I'm
> only paying $75/month now.
>
> - Grant
$75/month is more than it costs to get a business-level cable or
DSL line w/ a static ip in my area. The dsl guys couldn't guarantee
speeds better than 256k both ways, but Comcast was happy to sell me
loads of bandwith. Their package was around that for the 8mb down /
768kb up , + a static IP. The only catch was the hefty
two hundred fifty dollar installation fee that was waived only with a 2
year commitment.
FWIW, many isp's also _don't_ block port 80. In fact, the DHCP ips of
both my friends on DSL and myself seem entirely open. One friend of
mine has configured his router with hosts.deny, and therefore he has no
true firewall; I can even get through on the finger port, telnet, smtp,
ssh -- everything.
On my home server (comcast cable), I am
very happy to say that not only are all the ports open, but my
connection is actually pretty good for my very low traffic needs.
( spore.ath.cx is being hosted from my linen closet; see the speed
yourself). If you want me to run a port map on your ip address, feel
free to send me your IP address.
So don't think that it's really expensive to have a do-it-yourself
solution in your garage or something, at least not too quickly.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 21:07 ` Dan Farrell
@ 2007-09-25 23:00 ` Grant
2007-09-25 23:23 ` Novensiles divi Flamen
` (2 more replies)
0 siblings, 3 replies; 23+ messages in thread
From: Grant @ 2007-09-25 23:00 UTC (permalink / raw
To: gentoo-user
> > I have a dedicated server now and I'll never use a shared system
> > again. I think the problem would be the internet connection. I've
> > heard that most ISPs block port 80 so you can't run a webserver from a
> > "home" connection. I think business connections are expensive. I'm
> > only paying $75/month now.
> >
> > - Grant
>
> $75/month is more than it costs to get a business-level cable or
> DSL line w/ a static ip in my area. The dsl guys couldn't guarantee
> speeds better than 256k both ways, but Comcast was happy to sell me
> loads of bandwith. Their package was around that for the 8mb down /
> 768kb up , + a static IP. The only catch was the hefty
> two hundred fifty dollar installation fee that was waived only with a 2
> year commitment.
>
> FWIW, many isp's also _don't_ block port 80. In fact, the DHCP ips of
> both my friends on DSL and myself seem entirely open. One friend of
> mine has configured his router with hosts.deny, and therefore he has no
> true firewall; I can even get through on the finger port, telnet, smtp,
> ssh -- everything.
>
> On my home server (comcast cable), I am
> very happy to say that not only are all the ports open, but my
> connection is actually pretty good for my very low traffic needs.
> ( spore.ath.cx is being hosted from my linen closet; see the speed
> yourself). If you want me to run a port map on your ip address, feel
> free to send me your IP address.
>
> So don't think that it's really expensive to have a do-it-yourself
> solution in your garage or something, at least not too quickly.
That sounds awesome from a DIY perspective, but this server provides
100% of my income and I feel like it should be hosted. Maybe I'm
wrong. Does anyone else house a money-critical server in their home?
- Grant
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 23:00 ` Grant
@ 2007-09-25 23:23 ` Novensiles divi Flamen
2007-09-25 23:29 ` kashani
2007-09-26 1:31 ` Dan Farrell
2 siblings, 0 replies; 23+ messages in thread
From: Novensiles divi Flamen @ 2007-09-25 23:23 UTC (permalink / raw
To: gentoo-user
On Wed, 26 Sep 2007 08:30:37 Grant wrote:
> >
> > So don't think that it's really expensive to have a do-it-yourself
> > solution in your garage or something, at least not too quickly.
>
> That sounds awesome from a DIY perspective, but this server provides
> 100% of my income and I feel like it should be hosted. Maybe I'm
> wrong. Does anyone else house a money-critical server in their home?
>
> - Grant
I love my home web server - its a great playground for me and the ~15 other
people out there who access it.
My business server is hosted. There is just no way I can provide the bandwidth
or reliability the business demands in a home environment. ISP maintenance
outages occur 2-3 times a year, and although I might not care if I can't
access the web between 2 and 4am one wednesday night, clients and visitors
from the US or Europe would have a legitimate problem.
Unless you can put in the infrastructure to guarantee 99.99% uptime in your
home (redundant internet connections from different providers, backup power
generator, climate controlled room, backup systems that work when you go on
holiday for a month, etc) you are taking a big risk with your livelihood
going DIY. I've had the occasional issue with my host, but overall it is a
very acceptable level of business risk and well worth the money.
- Noven
--
>-- Novensiles divi Flamen --<
>---- Miles Militis Fons ----<
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 23:00 ` Grant
2007-09-25 23:23 ` Novensiles divi Flamen
@ 2007-09-25 23:29 ` kashani
2007-09-26 1:33 ` Dan Farrell
2007-09-26 1:31 ` Dan Farrell
2 siblings, 1 reply; 23+ messages in thread
From: kashani @ 2007-09-25 23:29 UTC (permalink / raw
To: gentoo-user
Grant wrote:
> That sounds awesome from a DIY perspective, but this server provides
> 100% of my income and I feel like it should be hosted. Maybe I'm
> wrong. Does anyone else house a money-critical server in their home?
>
Hours Comcast was down last year: 140 (random outages)
Hours my VPS was down last year: .5 (planned hardware upgrade)
Available peak bandwidth outbound on Cable: 768 kb/s
Available peak bandwidth outbound on VPS: > 100 Mb/s
Cable statis IP on black lists: yes
VPS Statis IP's on black lists: no
Total outbound traffic possible on 768 kb/s cable in a month: 250 GB
Total outbound traffic with my VPS plan: 2TB
If you're hosting your own blog or other nonsense do it at home. If
you're making money off your site or have reasons for it not to be down,
don't host it at home.
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 23:00 ` Grant
2007-09-25 23:23 ` Novensiles divi Flamen
2007-09-25 23:29 ` kashani
@ 2007-09-26 1:31 ` Dan Farrell
2 siblings, 0 replies; 23+ messages in thread
From: Dan Farrell @ 2007-09-26 1:31 UTC (permalink / raw
To: gentoo-user
On Tue, 25 Sep 2007 16:00:37 -0700
Grant <emailgrant@gmail.com> wrote:
> That sounds awesome from a DIY perspective, but this server provides
> 100% of my income and I feel like it should be hosted. Maybe I'm
> wrong. Does anyone else house a money-critical server in their home?
>
> - Grant
No, I wouldn't recommend this for production servers. I plan to do it
soon, when I have 2 static IPs to assign to nameservers, but I don't
think it's a particularly good idea unless you're in to that kind of
thing. I agree with you, Grant.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [gentoo-user] {OT} Opinions on Host's Decision Please
2007-09-25 23:29 ` kashani
@ 2007-09-26 1:33 ` Dan Farrell
0 siblings, 0 replies; 23+ messages in thread
From: Dan Farrell @ 2007-09-26 1:33 UTC (permalink / raw
To: gentoo-user
On Tue, 25 Sep 2007 16:29:38 -0700
kashani <kashani-list@badapple.net> wrote:
> Hours Comcast was down last year: 140 (random outages)
Clearly cable is pretty inconsistant; that having been said, mine
hasn't ever gone out in the two years I've had it.
Of course, I provided my own motorola cable modem. That might have a
little to do with it.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 23+ messages in thread
end of thread, other threads:[~2007-09-26 1:51 UTC | newest]
Thread overview: 23+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-09-21 21:37 [gentoo-user] {OT} Opinions on Host's Decision Please Grant
2007-09-21 22:18 ` Novensiles divi Flamen
2007-09-21 22:36 ` Grant
2007-09-21 23:21 ` Novensiles divi Flamen
2007-09-21 22:40 ` Daniel da Veiga
2007-09-21 23:16 ` Grant
2007-09-22 3:31 ` Dale
2007-09-22 16:49 ` Dan Farrell
2007-09-22 16:54 ` Dan Farrell
2007-09-22 18:09 ` Doug Whitesell
2007-09-22 23:14 ` Novensiles divi Flamen
2007-09-24 21:51 ` Grant
2007-09-24 23:21 ` Grant
2007-09-25 1:53 ` Doug Whitesell
2007-09-25 2:11 ` Grant
2007-09-25 17:54 ` Mick
2007-09-25 18:54 ` Grant
2007-09-25 21:07 ` Dan Farrell
2007-09-25 23:00 ` Grant
2007-09-25 23:23 ` Novensiles divi Flamen
2007-09-25 23:29 ` kashani
2007-09-26 1:33 ` Dan Farrell
2007-09-26 1:31 ` Dan Farrell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox