amuck-landowner

ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.

jacobsta811

New Member
.... So after that hack, their business doubled in less than 9 months? That doesn't make sense..
They dropped their prices significantly - did they ever sell 1yr/2GB RAM/50-100GB disk for $40 before ? They had a *hugely* popular thread on slickdeals.net which is an enormous board and where I found them - although I knew about LowEndBox and VPSBoard before that.
 

jer

New Member
Signed up to post, wanted to note for others:

The CVPS Email makes it sound like if you don't want a restore, don't open a ticket, and you'll get a fresh image (how they'd know what image I don't know).

That option sounds good as I keep backups of backups, and use my own script to quickly customize the server on reimage, so I've been waiting.

I've been seeing chi-vps10 as up in Pingdom, but my VPS doesn't ping on either IP, and there's no route to host for SSH.

I reluctantly opened at ticket, as I know they're busy.. asking for a reimage, a random strong pass, and specifying the OS.

So for others info - just because a node appears up in Pingdom doesn't mean your VPS is there.
 

XFS_Duke

XFuse Solutions, LLC
Verified Provider
wow, it really amazes me how many of you cannot read...

Their SolusVM master is back up, is has all of your information in it. Such as IP addresses, OS you had installed and so forth.

What they are doing is manually recreating each VPS in SolusVM, and what I mean by that is going into each accoung in SolusVM and choosing the correct IP for your account, choosing the correct OS based on the information they have and then clicking REINSTALL. This is going to get you back online. They won't email each and every single customer right when they do it for them, as it'll make the process longer. They are sending out email updates. They are not responding to support tickets right now, I think they said that in an email already, unless it is an emergency.

I think some of you are here just to stir up more BS than actually being upset about this.

You can also request them to do a restore of your VPS, once everything is all said and done, you SHOULD be back to normal how you were before someone decided to stop spanking their winkie for a little while and cause this whole thing.

Just have patience. It is a lot of nodes to go through and a lot of time recreating each one. If you have a better way, let them know. Maybe you can give them some tips that they don't have, otherwise, the bashing because you can't read really isn't helping the situation.

Just my 2 cents :)
 

leeboof

New Member
wow, it really amazes me how many of you cannot read...

Their SolusVM master is back up, is has all of your information in it. Such as IP addresses, OS you had installed and so forth.

What they are doing is manually recreating each VPS in SolusVM, and what I mean by that is going into each accoung in SolusVM and choosing the correct IP for your account, choosing the correct OS based on the information they have and then clicking REINSTALL. This is going to get you back online. They won't email each and every single customer right when they do it for them, as it'll make the process longer. They are sending out email updates. They are not responding to support tickets right now, I think they said that in an email already, unless it is an emergency.

I think some of you are here just to stir up more BS than actually being upset about this.

You can also request them to do a restore of your VPS, once everything is all said and done, you SHOULD be back to normal how you were before someone decided to stop spanking their winkie for a little while and cause this whole thing.

Just have patience. It is a lot of nodes to go through and a lot of time recreating each one. If you have a better way, let them know. Maybe you can give them some tips that they don't have, otherwise, the bashing because you can't read really isn't helping the situation.

Just my 2 cents :)
I think everyone would have more patience if they actually put put updates like this, it's not that hard.

9am: working on restoring node 13

10am: still working on node 13, 50 accounts to go

11am: almost done with node 13, node 54 next

11:30am: node 13 complete, working on node 54..

It's not that hard and would go a long way to making customers happy and seeing progress.
 

XFS_Duke

XFuse Solutions, LLC
Verified Provider
I think everyone would have more patience if they actually put put updates like this, it's not that hard.

9am: working on restoring node 13

10am: still working on node 13, 50 accounts to go

11am: almost done with node 13, node 54 next

11:30am: node 13 complete, working on node 54..

It's not that hard and would go a long way to making customers happy and seeing progress.
I see your point... But they're doing their best to limit the time it takes to get this done. Just have patience, it'll get worked out.
 

upsetcvps

New Member
What they are doing is manually recreating each VPS in SolusVM, and what I mean by that is going into each accoung in SolusVM and choosing the correct IP for your account, choosing the correct OS based on the information they have and then clicking REINSTALL. This is going to get you back online. They won't email each and every single customer right when they do it for them, as it'll make the process longer. They are sending out email updates. They are not responding to support tickets right now, I think they said that in an email already, unless it is an emergency.
I really hope they are not actually clicking away in a gui vps by vps.  I'm not sure if that's much better than magnets.  I should start my own hosting business.  I can call it "notcvps" or "oppositeofcvps" maybe.
 
Last edited by a moderator:

jfreak53

New Member
Though I agree that you can only do what you can do when you can do it and no amount of complaining is going to change that, it would take Chris 2 seconds to post to twitter every hour an update of some sort. This would keep customers very very happy in the long run, damage control is one of the first thing the military teaches to new Officer recruits for a reason ;)
 

drmike

100% Tier-1 Gogent
They dropped their prices significantly - did they ever sell 1yr/2GB RAM/50-100GB disk for $40 before ?
 

No doubt, CVPS has been dropping their prices like crazy since the tail end of 2012.

November 25, 2012, they first issued a limited offer:

Enterprise $30/year
  • 2048MB Dedicated Ram
  • 50GB Diskspace
  • 2TB Bandwidth

$2.50 a month on that.

Pricing had been pretty much $7-7.95 a month for said plan in 2012.

$7 a month in 2011, got you their 1GB RAM plan.
 

jer

New Member
I think most of us do have patience - and understanding. Most of us are probably in the industry in one way or another, and aware of the time it would take.
 

wow, it really amazes me how many of you cannot read...
I stopped reading after that. I did skim though...

You mentioned something about how they know the OS etc to reimage with. I'm sure they do, but it didn't say that anywhere in the email I got. So your effort to illistrate how we don't read is without effect. Did you read the notice?
 

wow, it really amazes me how many of you cannot read... ...bashing because you can't read... ...I think some of you are here just to stir up more BS...
Who stirs what? You said we don't read. [ :)] ...Just thought I'd point out your bashing irony.

I admit I intintionally didn't thoughly read your post, it honestly sounded like it was going to be a rant. I did thoughly read the CVPS notifications however.

I don't think my previous post had any BS, so I'm assuming your talking about 'talking about it', or you're talking someone else.

If you were talking about my previous post - where do you suggest we go to talk about the issue? ...If not a public Forum, with a thread about the company having to do with the issue? Just want to make sure I signed up in the right place.

I don't expect updates on the hour, I'll check myself. I am patient, at the 3 day Outage level.

I do expect what I paid for, have understanding for issues, and haven't bashed anyone. I've been with CVPS for over 2 years I think, through their ups and downs, and have stayed. I'm one of those "small business supporter" guys. I don't think that's BS, "provider".

Don't bother responding with answers, the questions were more to help you see your irony. Your 2 cents has no actual worth to me.  ;)
 

XFS_Duke

XFuse Solutions, LLC
Verified Provider
I think most of us do have patience - and understanding. Most of us are probably in the industry in one way or another, and aware of the time it would take.

I stopped reading after that. I did skim though...


You mentioned something about how they know the OS etc to reimage with. I'm sure they do, but it didn't say that anywhere in the email I got. So your effort to illistrate how we don't read is without effect. Did you read the notice?

Who stirs what? You said we don't read. [ :)] ...Just thought I'd point out your bashing irony.


I admit I intintionally didn't thoughly read your post, it honestly sounded like it was going to be a rant. I did thoughly read the CVPS notifications however.

I don't think my previous post had any BS, so I'm assuming your talking about 'talking about it', or you're talking someone else.


If you were talking about my previous post - where do you suggest we go to talk about the issue? ...If not a public Forum, with a thread about the company having to do with the issue? Just want to make sure I signed up in the right place.

I don't expect updates on the hour, I'll check myself. I am patient, at the 3 day Outage level.

I do expect what I paid for, have understanding for issues, and haven't bashed anyone. I've been with CVPS for over 2 years I think, through their ups and downs, and have stayed. I'm one of those "small business supporter" guys. I don't think that's BS, "provider".

Don't bother responding with answers, the questions were more to help you see your irony. Your 2 cents has no actual worth to me.  ;)
Actually, I know what they were doing. I watched it on Team Viewer. My business partner Brian was helping them out yesterday. So, that is how I know. I was supposed to help them out, but I didn't get home in time. So, thank you mr. 2 posts. There was no irony in my questions as I know what they're doing. So, my post was to alert people that they are overracting. Simple as that. Just give it time.

If it's simple and you can do better, by all means, buy a domain, a server, build a design and setup everything as well as put in the money to get accounts that you need in order to run your business and then do it yourself.
 

upsetcvps

New Member
If it's simple and you can do better, by all means, buy a domain, a server, build a design and setup everything as well as put in the money to get accounts that you need in order to run your business and then do it yourself.
How much of an initial financial investment would it take?  Since I am mildly serious.
 
Last edited by a moderator:

XFS_Duke

XFuse Solutions, LLC
Verified Provider
How much of an initial financial investment would it take?  Since I am mildly serious.
That would all depend on how you want to look, what options you want to provide for your customers and so forth. Probably around $1000 to start. That gets you all the "options" you need to start. But like I said, it all depends on how you want to look to your customers. If you buy your own servers instead of leasing them, then you'll look at atleast 4x that number.

But how about we don't hijack this thread anymore. If you have questions for me, send me a PM....
 
Last edited by a moderator:

Aldryic C'boas

The Pony
I think everyone would have more patience if they actually put put updates like this, it's not that hard.

9am: working on restoring node 13
10am: still working on node 13, 50 accounts to go
11am: almost done with node 13, node 54 next
11:30am: node 13 complete, working on node 54..

it would take Chris 2 seconds to post to twitter every hour an update of some sort
Some of you folks might not appreciate exactly what is going on at the DC right now, and just how hectic things are. When we moved to Vegas, Francisco and I were both up for well over 30 hours straight (with a 10 hour drive): elbow-deep in hardware trying to get things working again, public communications was honestly the absolute last thing on our minds, and to be fair the only reason we remembered to update as often as we did was because we were primarily using IRC to communicate with Anthony, and he'd remind us to update everyone else.

Our issues in Vegas were minor compared to this.. if the SQL count is right, you're talking over 100 nodes apparently trashed. This isn't a case where they're just sitting at their desks, drinking coffee and playing with GUI interfaces. The guys working to resolve this are very likely having to rip nodes apart to test hardware, debug the existing problems, get things settled, all while also trying to juggle 1) The Solus vulnerability, and 2) checking to make sure someone didn't leave a backdoor on a node or something. All of this taking place while under an INSANE amount of stress, which is going to impact concentration and reasoning. If someone is buried in terminal after terminal trying to recover these nodes, they're not going to stop and think "Oh, guess I should go hit up Twitter to remind folks that we're obviously not just leaving things where they fell". In a normal situation, sure, you have a chance to take a breather, remind yourself of other things to do, and so forth. In a hellish situation like this? You're lucky if the poor saps remember to eat, let alone keep track of how much time has passed and so on.

Yes, regular updates are generally the decent thing to do, so that affected clients can keep up with what's going on. But FFS folks, don't presume this is just walk-in-the-park situation where they're just deciding "eh, screw it, no need to update anyone"... at least try to be a bit considerate of what they're going through at the moment.




damage control is one of the first thing the military teaches to new Officer recruits for a reason
Offtopic: They should concentrate more on teaching recruits to show more respect to seasoned NCOs, nevermind how much they paid for the butterbar. I _HATED_ dealing with ROTC-Nazis, especially when they wanted to take out some stupid complex on the sols without us sergeants being able to intervene.
 

Chankster

New Member
Some of you folks might not appreciate exactly what is going on at the DC right now, and just how hectic things are. When we moved to Vegas, Francisco and I were both up for well over 30 hours straight (with a 10 hour drive): elbow-deep in hardware trying to get things working again, public communications was honestly the absolute last thing on our minds, and to be fair the only reason we remembered to update as often as we did was because we were primarily using IRC to communicate with Anthony, and he'd remind us to update everyone else.


...


Yes, regular updates are generally the decent thing to do, so that affected clients can keep up with what's going on. But FFS folks, don't presume this is just walk-in-the-park situation where they're just deciding "eh, screw it, no need to update anyone"... at least try to be a bit considerate of what they're going through at the moment.
No, regular updates are not "decent" they are required.  It is a standard part of damage control and only amateurs would think differently.  The easiest way to help manage the influx of tickets is to keep your customers informed from the very beginning.  I cannot emphasize this enough: Keeping your customers in the dark will do FAR more damage than the "hack" itself.
 
Status
Not open for further replies.
Top
amuck-landowner