my account has been suspended with hosting provider. can anyone shed any insight on the below ticket? Thanks
Posted on 10 Aug 2005 12:18 AM
--------------------------------------------------------------------------------
I would like to know why my account has been suspended.
Acenet Inc
Posted on 10 Aug 2005 12:36 AM
--------------------------------------------------------------------------------
daw61897 was running [psyBNC] the process claimed to be [/usr/local/apache/bin/httpd -DSSL ? ssstt]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.cbk/psybnc (deleted)
daw61897 was running [psyBNC] the process claimed to be [/usr/local/apache/bin/httpd -DSSL ? ssstt]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.cbk/psybnc
daw61897 was running [eggdrop] the process claimed to be [/usr/local/apache/bin/httpd -DSSL -m conf]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.db/eggdrop-1.6.6 (deleted)
daw61897 was running [eggdrop] the process claimed to be [/usr/local/apache/bin/httpd -DSSL -m conf]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.db/eggdrop-1.6.6 (deleted)
daw61897 was running [eggdrop] the process claimed to be [/usr/local/apache/bin/httpd -DSSL -m conf]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.db/eggdrop-1.6.6 (deleted)
daw61897 was running [eggdrop] the process claimed to be [/usr/local/apache/bin/httpd -DSSL -m conf]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.db/eggdrop-1.6.6 (deleted)
daw61897 was running [eggdrop] the process claimed to be [/usr/local/apache/bin/httpd -DSSL -m conf]
The binary is located at: /home/daw61897/public_html/pn/modules/PNphpBB2/includes/.db/eggdrop-1.6.6 (deleted)
This ticket will be updated after a backup of your account has been made.
Though this is a direct violation of our datacenter terms as we cannot provide any connections to IRC.
Posted on 10 Aug 2005 01:27 AM
--------------------------------------------------------------------------------
You can download your files from the following link:
Please update this ticket once completed.
Posted on 10 Aug 2005 01:29 AM
--------------------------------------------------------------------------------
what exactly did i do wrong? i wasn't trying to connect to irc.
Acenet Inc
Posted on 10 Aug 2005 01:53 AM
--------------------------------------------------------------------------------
Anything remotely dealing with IRC receives an immediate ban.
Official psyBNC Support HomePage. Welcome on http://www.psybnc.info
psyBNC. This program is useful for people who cannot be on irc all the time. Its used to keep a connection to irc and your irc client.
Posted on 10 Aug 2005 09:22 AM
--------------------------------------------------------------------------------
when will my account be up and running?
Acenet Inc
Posted on 10 Aug 2005 09:39 AM
--------------------------------------------------------------------------------
You should download your files via the link posted. We will then close your account. Sorry we cannot allow your site to be hosted.
Posted on 10 Aug 2005 09:43 AM
--------------------------------------------------------------------------------
why not?
Watch
GitHub Core
Show your support for Zikula! Sign up at Github account and watch the Core project!
GitHub Modules
Forum Activity
- internetking created topic »password problem« 10:33 PM
- mesteele101 responded to »ERR (3): E_USER_ERROR: Smarty error: [in pagesvar:pagesitem2en line XXX]…« 07:01 AM
- mazdev responded to »Pages 2.5.0 and updating - Page not found« 06:41 AM
- ehdwma created topic »Hide "Register new account" and change template to 3 col« 06:27 AM
- mesteele101 responded to »Zikula 1.3.3 - Selecting a category in Pages not working« 01:29 AM
- mdee created topic »How to implement returnpage ?« 01:00 AM
- nestormateo responded to »Fillters in Clip« 24. May
Zikula Blog
- Anatomy of Open Source Projects on Mar 07
- Continuous Review on Mar 01
- Not Invented Here on Feb 24
- How to Contribute Your Code at Github on Jan 13
- 10 Steps to Coding-Nirvana: Tips for Successful Module Writing on Nov 12
- Submitting Bug Report Tickets That Get Results on Aug 17
- Cozi Tricks #1: Syntax Highlighting on Aug 07
Login
account suspended
-
**unknown user**
- Rank: Registered User
- Registered: Mar 16, 2002
- Last visit: Oct 21, 2009
- Posts: 27
Posted: Aug 10, 2005 - 02:49 AM
-
**unknown user**
- Rank: Softmore
- Registered: Mar 16, 2002
- Last visit: Oct 21, 2009
- Posts: 151
Posted: Aug 10, 2005 - 03:37 AM
You were probably running an old unpatched version for PNphpBB2 that allowed for remote code injection and then someone uploaded those binaries. Eggdrop is an IRC bot used by IRC crackers and spammers. and PsyBNC is an IRC proxy that allows you to hide your IP address. In short you were hacked and they shut you down for not following the T&C and AUP. What you need to do is either convince them that you were hacked and that you will update PNphpBB2 so it doesn't occur again or move to another hosting company. Either way make sure to patch your site. -
- Rank: Expert
- Registered: Mar 11, 2003
- Last visit: Oct 21, 2009
- Posts: 1104
Posted: Aug 12, 2005 - 02:39 AM
Many hosts notified their customers that they would be suspended, or even terminated, if they used or continued to use phpBB2 due to a recently discovered vulnerability.
PNphpBB2 had the same vulnerability. I'm sorry to hear your account was suspended. A harsh lesson but appropriate and I'm sure consistent with your terms of service.
When you share space on a server, any security hole impacts everyone who shares your server. I'm sure you'd be livid if someone did something that knocked down your performance, or worse, crashed your site or caused you to get "blacklisted".
Your experience is a timely reminder that we must update all software and patches as they become available.
Again, I'm sorry you became an example but thanks for providing a lesson for everyone.
Slugger
- Moderated by:
- Support
