| Posted by philhowell, 04-03-2009, 04:26 AM | |
Your website is down for maintenance, so the 24/7 chat is offline.
I need the following;
Linux Hosting
PHP 5+
MySQL 5+
cPanel or Fantastico
Access to cron jobs
cURL enabled
PHP exec() function enabled
Do you offer this?
Thanks
|
| Posted by EuShellS, 04-03-2009, 04:48 AM | |
Hello,
Does anyone know anything about CoreHoster.com? I entered their website and I appearance of a message "Core Hoster is down for maintenance" problem is that I do host them and all I had on the server are missing.
With a little luck only one site is functional in all I have 7 of them. All we have lost, the problem is that I was not notified of this problem or accident, if one who has reached corehoster.com this topic, please leave an explanation or if someone knows .. something about this so please leave me a message.
Honestly when I got to them, there will not be months 3-24 hours failed.
I apologize if I'm not very well expressed, but not an expert on English.
Thanks
|
| Posted by VbCrazy, 04-03-2009, 05:09 AM | |
Hello,
All clients have been emailed regarding the downtime matter.
|
| Posted by EuShellS, 04-03-2009, 08:16 AM | |
Hi,
Thanks .. I have managed to get about me, I understood that was the problem, but did not receive email.
|
| Posted by andrew_t, 04-03-2009, 08:50 AM | |
It seems a hacker compromised their servers from looking at their website.
Though there is a lot of problems with their website so i couldn't get the full story which was annoying.
|
| Posted by Leonids, 04-03-2009, 10:31 AM | |
i've been trying to go to corehoster.com's site to complete my order but seems to be down sooo... long since i last visited 8 hours ago?
|
| Posted by Toby H, 04-03-2009, 10:41 AM | |
Hi Leonids,
I'm seeing this when I hit the site
Not a good sign! Any idea how long they have been down for? It's possible they are updating the site, but normally hosts would put up a holding page or something letting customers know what is going on...
|
| Posted by imadmin, 04-03-2009, 10:43 AM | |
Dear clients,
We have some very upsetting new for some clients.
Today we had a hacker who managed to get into the GreenCore Server. This hacker was looking to harm Core Hoster and he did indeed do that.
The hacker managed to to destroy 925 accounts along with all of our backups. We did not realize the attack until the hacker targeted the main site.
Please understand that we are doing our to find out how this hacker managed to get into our system.
Currently we have about 7 guys working on the server and doing the best they can do to re-secure and make sure a drastic attack like this never happens again.
Currently we are looking into getting the lost data restored.
Please understand that there may not be a chance that we can recover this data but we will indeed do our best to see that we do.
For all clients that got effected please email me directly at nick at corehoster.com and we will provide a 3 month credit.
I am very sorry for the inconvenience we may have caused you
|
| Posted by Toby H, 04-03-2009, 10:47 AM | |
It should be nearly impossible for that to happen, so that in itself is quite worrying, where did you get that information from?
I'm guessing you're a current customer and they emailed that out?
|
| Posted by imadmin, 04-03-2009, 10:50 AM | |
yes that is correct and ive only been with corehoster
for a week
|
| Posted by Toby H, 04-03-2009, 10:55 AM | |
ouch...that isn't a good start, bad luck
Are there any other CoreHoster customers out there that are affected by this or anyone with any longer term experience of their service?
|
| Posted by HJI Technologies LLC, 04-03-2009, 11:06 AM | |
This was the e-mail:
|
| Posted by MegaHostUK, 04-03-2009, 01:33 PM | |
Sound like the backups were kept on the same server now that is an amazing idea.
That reminds me I need to download todays backup's ready to be sent offsite. I mean to keep them on the same server.
|
| Posted by HJI Technologies LLC, 04-03-2009, 01:41 PM | |
Yea, keeping backups on the same server is never a good idea. What I'm thinking is that this 'Hacker' is probably the same hacker who hacked the WHT's database. Hence, since the person stole user's e-mails, passwords, etc, what I'm thinking is that the hacker must have figured out the password that the owner of Corehoster uses here (VBCrazy?), and maybe that password that was used here was the same password for the root control of the server (maybe?), and that is how the access was gained. I could be wrong, but that's what I think.
|
| Posted by eservicesu, 04-03-2009, 01:57 PM | |
Im a current customer. Just using this account till I get my server online. Why is the site down? I called the toll free number as well and even that is down?
Please PM me or email me or something thanks!
eddy
|
| Posted by VbCrazy, 04-03-2009, 02:14 PM | |
We will have an update for everyone soon.
|
| Posted by VbCrazy, 04-03-2009, 02:22 PM | |
Dear clients,
We have some very upsetting new for some clients.
Today we had a hacker who managed to get into the GreenCore Server. This hacker was looking to harm Core Hoster and he did indeed do that.
The hacker managed to to destroy 925 accounts along with all of our backups. We did not realize the attack until the hacker targeted the main site.
Please understand that we are doing our to find out how this hacker managed to get into our system.
Currently we have about 7 guys working on the server and doing the best they can do to re-secure and make sure a drastic attack like this never happens again.
Currently we are looking into getting the lost data restored.
Please understand that there may not be a chance that we can recover this data but we will indeed do our best to see that we do.
For all clients that got effected please email me directly at nick at corehoster.com and we will provide a 3 month credit.
I am very sorry for the inconvenience we may have caused you.
UPDATES WIL BE POSTED IN THIS THREAD.
|
| Posted by Leonids, 04-03-2009, 02:29 PM | |
i'm pretty attracted by their server specs and offer... so i'll give them a try... Nick, please let me know when your servers are ok... but do you keep the backups on the same server??? i hope you have FFmpeg support soon!
we have to give the new company a chance...
but i'll still keep the account i have with another host as backup...
|
| Posted by VbCrazy, 04-03-2009, 02:29 PM | |
Update #2
Well after a little research we found out the following.
Server was compromised by the account 'hoanganh', This hacker used a malicious script to uploaded to the server by FTP using brute force.
This account was injected because a very weak password was used, and it compromised all the other accounts on your server.
WE WILL TRY TO HAVE A NOTHER UPDATE SOON.
|
| Posted by doopt, 04-03-2009, 02:34 PM | |
Maybe WHT's hacker?
Good Luck restoring all backup!
|
| Posted by EuShellS, 04-03-2009, 02:50 PM | |
|
| Posted by LaneHost, 04-03-2009, 04:04 PM | |
Good luck getting everything sorted.
|
| Posted by coldgansta, 04-03-2009, 05:26 PM | |
I have also recived this email from corehoster saying they were hacked.
I have also had reports that the server owners wiped the server after none payment by corehoster.I find this hard to swallow after i myself paid the $40+ and have several master reseller accounts with them that i sold to clients.
I have over 60+ clients on there server and thats more than half my hosting income.It sickens me that there support is ofline and we have no way of knowing the outcome or whats going on,All i know so far is they say they were hacked and i have loads of accounts that are gone.
Seems to me like a cut and run.
To any clients that have had loss due to this Blogs Hoster is setting up a new server to try to salvage some of this mess left behind by core hoster so i can set you up an account for the price that you pay now!!
Plz email me andy23456@hotmail.com or come to my site www.blogshoster.com submit me a ticket and i will do my best to get you back online.
I allso have a thread on dp
http://forums.digitalpoint.com/showt...7#post11072047
Last edited by coldgansta; 04-03-2009 at 05:32 PM.
|
| Posted by chrislange, 04-03-2009, 05:26 PM | |
I currently have a Alpha aster with you and I think I might just cancel because the service I am getting is terrible and the night I bought a master the server went down straight away ! You REALLY need to get your server much faster and safer if you really want to keep your customers !
|
| Posted by VbCrazy, 04-03-2009, 05:34 PM | |
Hello,
1. I am sorry for inconvenience we may have caused you.
2. Service has been great upto now due to this attack.
3. Our servers are smokin fast and never had anyone comment about how bad the speed is. We also hear people rave about the speed.
4. The server is currently being resecured and we can asure you that this will never happen again.
|
| Posted by chrislange, 04-03-2009, 05:39 PM | |
The speed isn't too bad but the down time happens a lot.
When will your servers be back on-line ?
|
| Posted by VbCrazy, 04-03-2009, 05:49 PM | |
The server will be up very soon. We are just making sure that is is very secure before we flick the switch.
We will have the main support site up very soon for anyone with questions.
|
| Posted by chrislange, 04-03-2009, 05:51 PM | |
how soon will this be as I really need your servers to be promising because i'm running a web hosting business via your server - my Alpha Master.
|
| Posted by StartYourServer, 04-03-2009, 06:22 PM | |
They are offering you 3 months free to makeup for any customers you may have lost.
|
| Posted by EuShellS, 04-03-2009, 06:42 PM | |
WHOIS - 208.43.30.188
OrgName: SoftLayer Technologies Inc.
OrgID: SOFTL
Address: 1950 N Stemmons Freeway
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US
ReferralServer: rwhois://rwhois.softlayer.com:4321
NetRange: 208.43.0.0 - 208.43.255.255
CIDR: 208.43.0.0/16
OriginAS: AS36351
NetName: SOFTLAYER-NETBLOCK-4-6
NetHandle: NET-208-43-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.SOFTLAYER.COM
NameServer: NS2.SOFTLAYER.COM
Comment:
RegDate: 2008-04-22
Updated: 2008-04-22
RAbuseHandle: ABUSE1025-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-442-0605
RAbuseEmail: abuse@softlayer.com
RNOCHandle: IPADM258-ARIN
RNOCName: IP Admin
RNOCPhone: +1-214-442-0600
RNOCEmail: ipadmin@softlayer.com
RTechHandle: IPADM258-ARIN
RTechName: IP Admin
RTechPhone: +1-214-442-0600
RTechEmail: ipadmin@softlayer.com
OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-442-0605
OrgAbuseEmail: abuse@softlayer.com
OrgTechHandle: IPADM258-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-214-442-0600
OrgTechEmail: ipadmin@softlayer.com
What will be done .. is to contact the provider softlayer.com to advise us on this. Times have not paid and has been deleted or were hackers fault. Currently remain reserved.
|
| Posted by EuShellS, 04-03-2009, 06:47 PM | |
Hi,
When you go to the Master / Alpha Master? I tried to log in and not going to log in.
|
| Posted by andrew_t, 04-03-2009, 06:51 PM | |
I have actually had very bad dealings with core hoster and the person that runs it even from the very start - before it was even created.
If a web host cannot provide support through a major issue then they really need to assess their ability to provide support services.
Secondly - this is opinion forming from previous experiences - but this situations sounds alot like the WHT issue and secondly you had on your old website you took off-site backups.
|
| Posted by andrew_t, 04-03-2009, 06:54 PM | |
Also - the Whole Alpha Master Reseller and so on - usually indicates that the host is majorly, and i mean majorly over cramming their servers.
|
| Posted by bcs1, 04-03-2009, 07:01 PM | |
Well, for what it's worth man, we feel your pain....
i wish you the best getting things restored...
we are on day 4 following ours....
Good Luck Man...
|
| Posted by VbCrazy, 04-03-2009, 07:05 PM | |
Hello guys the main site is now backup.
For tyhose who got effected please open up a support ticket and we will recreate your account.
|
| Posted by EuShellS, 04-03-2009, 07:32 PM | |
Mda
"Fatal error: Smarty error: unable to write to $compile_dir '/home/corehost/public_html/clientsarea/templates_c'. Be sure $compile_dir is writable by the web server user. in /home/corehost/public_html/clientsarea/libs/Smarty.class.php on line 1095
"
|
| Posted by VbCrazy, 04-03-2009, 07:50 PM | |
This issue has now been resolved.
|
| Posted by StartYourServer, 04-03-2009, 08:46 PM | |
Backups should be kept so far away from the actual server that people don't even know they exist!
|
| Posted by Scott.Mc, 04-03-2009, 09:03 PM | |
Did this user have root privileges? I fail to see how your user managed to escalate to root privileges unless you had an extremely poorly configured system (and going on the fact you had weak passwords, this would indicate to be the case).
|
| Posted by StartYourServer, 04-03-2009, 09:06 PM | |
It sounds like it may have actually been one of his customers who executed this attack.
|
| Posted by Scott.Mc, 04-03-2009, 09:07 PM | |
Which still doesn't answer the question, how did a single user manage to escalate to root.
|
| Posted by sharmaine1111, 04-03-2009, 10:53 PM | |
yeah until now the site is down. im worried that all files of their customers must have been deleted allegedly due to hack attempt
|
| Posted by andrew_t, 04-03-2009, 11:09 PM | |
I'm with both of you on this one.
It's very strange that somehow this user managed to take down the whole server including backups and everything.
|
| Posted by eservicesu, 04-03-2009, 11:35 PM | |
I was talking to nick and it seems like our data has been deleted. :-(
Thank goodness this is not on a production level for me or id be really upset. Also Nick told me he would put my account back online for me hours and hours ago. All support seems to be offline and it looks like I wont even be getting my services restored till tomorrow.
|
| Posted by anon-e-mouse, 04-04-2009, 01:17 AM | |
Threads and posts merged.
|
| Posted by EuShellS, 04-04-2009, 04:30 AM | |
|
| Posted by EuShellS, 04-04-2009, 04:32 AM | |
|
| Posted by EuShellS, 04-04-2009, 04:40 AM | |
|
| Posted by Toby H, 04-04-2009, 07:25 AM | |
Has anyone actually checked with softlayer what happened here?
If not, where is this speculation coming from?
|
| Posted by EuShellS, 04-04-2009, 03:15 PM | |
|
| Posted by VbCrazy, 04-04-2009, 04:05 PM | |
Hello EuShells,
Lets clear someting up for you here.
1. I Nick did indeed reply to your ticket with that comment. Now from reading your opened ticket i see that you falid to read any of our emails, therefor i was asking you to read our emails so that you had a little more imput on what was going on.
I then requested that you open up a support ticket requesting that we re-create your account, the reason why i said this is because we did not know if you wanted to continue with our services.
2. I am sorry for the data you lost while using our services. You need to understand that this sort of attack could have happend to anyone.
3. Now we have seen some rumors floating around by a member saying that the data was lost due to non-payment to our data center, this is incorrect as we pay all of our bills 2 months ahead.
You can also see that we purchase sticky threads every week here for $150.00/week.m So for someone to say we do not pay our bills is an idiot.
For all those effected, i am greatly sorry, we will be sure that this will never happen again.
|
| Posted by Scott.Mc, 04-04-2009, 05:14 PM | |
I asked earlier in the thread how a single user managed to escalate to root and you have still not answered this question?
|
| Posted by VbCrazy, 04-04-2009, 05:56 PM | |
This will be my last post on this subject as i really do not have time to post, or stick around for these trolling games.
For a local user to get root access it requires some research to find an outdated kernel version with a local user root exploit and break it with malicious code - access to this user could have been intercepted in so many ways, from just cold hacking, (knowing the user's password by looking at him typing it) to someone having his box compromised by a trojan, botnet or a USB keylogger, the opt ions are numerous
in the future we will keep enhancing our security measures and constantly motivate our users to have safe passwords to avoid events like this.
|
| Posted by Scott.Mc, 04-04-2009, 06:03 PM | |
Typical response when your own stupidity gets you in these situations.
What you should have said is that your total lack of basic security measures and updates had lead to this situation.
I feel very sorry for your customers.
|
| Posted by VbCrazy, 04-04-2009, 07:53 PM | |
Wow what a pethatic person/company.
The fact that a nother company would come here and start bashing someone else is pretty pethatic LOL. Well now we know what type of people work at AdminGeekZ.com
Idiots i guess.
After reviewing some of your recent posts i found you are a regular troller
I guess the reasonas as to why you have so much time to post is because you have no clients OR all of your clients found that you did a poor job managing there servers
From me personal reading your comments in this thread, I think that only a amacher would see how much of an idiot you are as every post i have seen makes me wonder.
Now because we know how much of an amachure you are, we will all be expecting a reply back from you to prove my point.
|
| Posted by Scott.Mc, 04-04-2009, 07:58 PM | |
I have to say you are a very funny person, it is my business to prevent the type of thing you encountered (Which I do very well, thank you very much) so when I see things occur that should have been prevented I will voice my opinion.
You can spin it however you want and you can draw the attention wherever you like, fact is - anyone who understands the basics of operating a system will realize what a catastrophic failure you have caused.
|
| Posted by Leonids, 04-05-2009, 01:28 AM | |
well... come on... stop bashing the man... give him a chance... they are new after all... vb... are you ready to take up new customers? send me an email i'll complete my order
|
| Posted by hoangth, 04-07-2009, 12:05 AM | |
I ready buy new package on Core Hoster. My acc now on the server get hacked before (grencore) and i worry about that. The support not so good (answer after 7-8 hours). Maybe his so busy to fix error. Ok, i think we should give him some time but if after 1-2 days more the support is the same i will ask for money back.
|
| Posted by sharmaine1111, 04-11-2009, 12:49 PM | |
If you are truly sincere, then give refunds or rebates to all your customers. I have a friend hosted by you and she's left crying. You just dont know how much money is lost. Sorry is not enough for the trouble that you caused your clients and their clients
|
| Posted by VbCrazy, 04-11-2009, 01:25 PM | |
Hello sharmaine1111,
You and your friend are responsible for your data, not us.
I think it would be in your best interest to read ours & your next hosts TOS/AUP.
If you read our TOS/AUP it clearly states *We are not responsible for any data loss*.
Best Regards,
Nick
|
| Posted by sharmaine1111, 04-11-2009, 01:29 PM | |
It's not only about the data, but the downtime it caused the clients. You know that downtime more than 4 hours is truly unacceptable. It will cause pagerank to go down, among other things.
|
| Posted by VbCrazy, 04-11-2009, 01:32 PM | |
Hello,
I think that in all of the 8 months we have been opned, we have never really had any downtime.
We had a pretty drastic attack which was not our falt.
Best Regards,
Nick
|
| Posted by HJI Technologies LLC, 04-11-2009, 07:32 PM | |
I have sent Nick an e-mail 3 times... no response on my account. If I don't get a reply with in the next 2 days, I am opening a Paypal Dispute.
|
| Posted by VbCrazy, 04-11-2009, 08:02 PM | |
Hello Androgen,
We have not gotten any emails from you. I think it would be in your best interest to open up a ticket.
|
| Posted by HJI Technologies LLC, 04-11-2009, 10:46 PM | |
You have not gotten the e-mail? You better check again.
Here's what I sent:
Sent: Apr 3 (9 days ago)
Need a screenshot? I'll provide one.
Last edited by HJI Technologies LLC; 04-11-2009 at 10:49 PM.
|
| Posted by VbCrazy, 04-12-2009, 08:21 AM | |
Hello Androgen,
Let me try to make this a little more clear.
I did NOT get your email.
1. Please open up a ticket requesting your account
2. You will not be getting a credit as you were not even an active client.
Best Regards,
Nick
|
| Posted by HJI Technologies LLC, 04-12-2009, 02:18 PM | |
So let me get this straight, I have to be an ACTIVE client to get credit? Define 'active' for me.
Anyways, Ticket Created #771063.
Last edited by HJI Technologies LLC; 04-12-2009 at 02:25 PM.
|
| Posted by VbCrazy, 04-12-2009, 03:01 PM | |
Hello Androgen,
Give it up, i really do not got the time for the fun games.
You stated yourself that you were not using our services which would make you inactive.
Note: We have now re-activated your account as you have requested in the ticket.
Any other issues you may have please post in ticket.
Discussion Closed.
|
| Posted by HJI Technologies LLC, 04-12-2009, 03:34 PM | |
You wouldn't be getting these kinds of comments from people if you actually knew how to run a business sadly to say.
Anyhow, let's back on topic.
|
| Posted by VbCrazy, 04-12-2009, 03:49 PM | |
Hello Androgen,
You make me laugh sometimes.
Most business owners would not put up with your childish games. Because we are doing such a poor job of running our company. I will just go ahead and really show how poor of a job you are doing.
1. You have been in business sence 2009-03-03
2. You like to play pointless childish games which you do not gain from.
3. Half your site is not even fully functional.
EXamples:
1. Your Live Chat: https://www.dotxm.com/livehelp/index.php
2. Your order links do not even work on your index page.
3. You could not even do a basic WHMCS integration.
Should i go on? as it is looking bad.
Anyways, as i have stated before, i do not have time for your childish games.
Now your account has been re-activated so this is the end of this discussion.
Best Regards,
|
| Posted by Alex, 04-12-2009, 04:37 PM | |
Sounds good to me. In fact, .
Alex
|
|
 Add to Favourites
 Print this Article
|
