Ignite Servers bad business practices

[ISG]

I'm sorry, but Ignite Servers clearly have no idea what they are doing.
I appreciate them trying but the conversation that emerged by all the downtime that was involved with the move was just too funny to take it all serious anymore.


Basically Ignite Servers claims to have 5gbps ddos protection in London and they say they can boost this up by "installing a script on your vps".


I guess any experienced provider on here will know that you can't stop a network level ddos that overwhelms the connection by installing an iptables script and still Ignite Servers is here to tell you that this is wrong and their superior iptables script will stop L4 attacks:














And I thought they were exploiting Indians, but I guess it's Indians exploiting them.

To bypass over all the small talk the attack on your VM was well over 5Gbps we did what we could under the protection that we offer to keep your VM online. The beta protection is simply for basic attacks to block them, but we offer 2-5Gbps DDoS protection for free which is not on the server side. As for anything regarding exploiting all of IgniteServers employees are paid well and enjoy their jobs.


Thank you.


Kalon Benton

 

[drmike]

The protection you offer, the real stuff, who is doing the filtering?   Ashburn = Psychz?  What other filtering and locations do you have?  Thought UK was mentioned somewhere also.

 

[ISG]

The protection you offer, the real stuff, who is doing the filtering?   Ashburn = Psychz?  What other filtering and locations do you have?  Thought UK was mentioned somewhere also.

We have 30Gbps on our Ashburn network.


We have 20Gbps in London - OP's attack was over 30Gbps and we temporarily blackholed it while awaiting mitigation by NTT.


We only have 5Gbps protection in Los Angeles currently as we are looking to upgrade our protection once our hardware is setup in the DC.

 

[MikeA]

We have 30Gbps in our Ashburn location yes we have hardware in Psych DC in Ashburn.


We have 20Gbps in London - OP's attack was over 30Gbps and we temporarily blackholed it while awaiting mitigation by NTT.


We only have 5Gbps protection in Los Angeles currently as we are looking to upgrade our protection once our hardware is setup in the DC.

Psychz has good mitigation in LA too, if you're using them for Ashburn you should switch your LA to them (unless you are, but just have low capacity plan.)


Btw, your website is beautiful but you should really consider re-rendering that logo.

 

[ISG]

Psychz has good mitigation in LA too, if you're using them for Ashburn you should switch your LA to them.


Btw, your website is beautiful but you should really consider re-rendering that logo.

Thanks I like the web design also logo could use some work I agree. About the Psych in LA, yes we are looking into that also. We have the hardware just working on the pricing and such things right now. We are currently with SwiftNode LA and it is working for our good but it is not our hardware. Like I said we have the hardware we just need to come to terms on some long term pricing and protection with Psych.

 

[HalfEatenPie]

The script just sounds like basically what logwatch/fail2ban and maybe a version of DDoS-Deflate.  


What I don't understand is what the script is about though.  You state you have DDoS Protection capacity, however you also state that it's server-side/host-node side.  


The issue here is there is no consistency.  The support tech didn't read through the previous tickets to make sure everyone was on the same page.  One person is talking about installing a script server-side for mitigation (with the word "beta" involved), another person is talking about their protection capacity switch-side.


What exactly is the uplink/port-speed of your host node?  If we talk Swiftway, that's 1 Gbit port speed unless you're paying an additional 400 dollars for 10 Gbit (which I doubt).  Similar situation with Psychz (however 10 Gbit isn't as expensive as it is with Swiftway).  


If you're talking about additional mitigation strategies after it's already gone through Psychz's/Swiftway's filters, then I think that's very redundant and the entire fact that certain capacity of the malicious traffic making it server-side (since I'm assuming we're talking DDoS/DoS in terms of volume and not something like Layer 7) defeats the entire purpose of server-side protection.  By then, it's probably just easier to black hole the IP temporarily.  


If @tr1cky has any monitoring setup and can show us the bandwidth usage ramping up and then cutting out due to "DDoS" (because this topic suddenly went from "Oh they moved people randomly across the pond then back" to "Your VPS was getting DDoSed."), that'd be appreciated.  Since the very nature of DDoS is distributed and therefore usually "ramps up" in bandwidth usage rather than hitting all at once.  


It wouldn't be the first time someone is accused of getting DDoSed or sending out a DDoS due to misconfiguration in the Provider's monitoring/switch settings.  Entire reason why I highly recommend remote server monitoring as well and to compare the data you have with your provider (with the proper time-step of course).  Most of my remote monitoring services operates at 30 seconds to 1 minute time-step and has helped me many times when talking with the provider.  


I don't know what actually happened.  This is all he-said/she-said, however it kinda sounds like snake oil.


Anyone else find their "Beta DDos Protection script" a bit redundant and pointless?  I mean if the DDoS attack is more than 5 Gbit (which I mean by itself is a bit hard to get unless you really pissed someone off), then an extra 1 Gbit port saturation is redundant because they'd rather black hole your IP anyways to prevent other clients from being affected.  

 

[tr1cky]

@tr1cky which location were you in that ate 30Gbps worth of attack?

I was in London and still am in London. According to their support I will be moved to Canada (OVH) again, so I don't even know why they moved me at all.


It's more about them moving servers to locations that clearly have less filtering capacity than OVH has and I was fine when I had their servers at OVH, but I guess sometimes in the future I will be moved back to OVH? @ISG

 

[ISG]

I was in London and still am in London. According to their support I will be moved to Canada (OVH) again, so I don't even know why they moved me at all.


It's more about them moving servers to locations that clearly have less filtering capacity than OVH has and I was fine when I had their servers at OVH, but I guess sometimes in the future I will be moved back to OVH? @ISG

We are not moving back to OVH the new location is Ashburn, VA we tried to have our hardware in a location close to the old OVH location to be of more sanctification to our clients while putting our hardware in an actual stable DC also that offered exactly what we wanted. You can request your VM be moved back to USA North East location of Ashburn, VA via ticket and we will get everything fixed up for you.


Thanks.

 

[zafouhar]

Must have been a nightmare for the clients. Absolutely no organization from the host and not even a hint for crediting clients for all the issues they caused. No announcement, moving back and forth, wonder if any clients suffered data loss in the process?

 

[ISG]

Must have been a nightmare for the clients. Absolutely no organization from the host and not even a hint for crediting clients for all the issues they caused. No announcement, moving back and forth, wonder if any clients suffered data loss in the process?

To answer your question no clients suffered data loss, actually data loss was our top priority. As for notifying clients we posted about our migration two days in advanced we did not mass email no but any client who logged into their client area or even checked the server status was notified. Not sure what you mean by moving back and forth its simply moving VM's from one location to the other if clients wish to move back they can request it and we can handle it on a client to client basis. As for organization we organized the migration it was perfectly organized and smooth for us.

 

[zafouhar]

How can you call a migration organized when you are moving data from the US/Canada to Europe? Clients purchased a US/Canada service and ended up with a Europe service.


And then you are moving clients back to the US on a case by case basis, did the funds run out to renew your OVH servers because that is what it sounds like...

 

[zafouhar]

Edi

 

[ISG]

How can you call a migration organized when you are moving data from the US/Canada to Europe? Clients purchased a US/Canada service and ended up with a Europe service.


And then you are moving clients back to the US on a case by case basis, did the funds run out to renew your OVH servers because that is what it sounds like...

No that is not the case sorry. 


As I said earlier I'm not here to argue we chose to migrate at the time we did and its done. If clients want to move back to a US DC in the North East they can simple put in a ticket and we will migrate them back.


If that is all thanks for your time.

 

[River]

looking into registering the company in NC which is actually why our address is that way. We started the process but we did not happen to finish it in NC the address is that way simple because the placement where the process was taking place. However our business is in progress of being registered in Texas everything has been paid for we/I am just waiting for papers and such to come in until then our address will stay the same. Their is no fraudulent activity anywhere in my company to whom it may concern. Just a waiting process for documents.


We currently are operating our of a small business office in Texas in which our address will be updated to this one as soon as documents are in hopefully that will be soon.

1. You do not set your domain name whois address to the Sec. of State's office when pending a trade name registration. Your WHOIS info should never be anywhere other than the place of business or your home. The secretary of state would never ask you to set that info to their office, they probably don't even care what it is.
   
2. You are already committing fraud by operating under a business name that isn't registered. This is a big no-no under IRS, State, Federal rules. You're basically doing business as someone who doesn't exist.
   
3. You say it's not sketchy, but you listed three different states for your registration: Arkansas, Texas, and Arlington (Virginia). You should be incorporating in your home state, or wherever your office is - I don't think an operating business would be possibly moving between three states.
   

My advice to you: be quiet, and hope you don't get any angry customers. The state would have a field day on you.

 

[tr1cky]

We are not moving back to OVH the new location is Ashburn, VA we tried to have our hardware in a location close to the old OVH location to be of more sanctification to our clients while putting our hardware in an actual stable DC also that offered exactly what we wanted.

And what was that?

 

[ISG]

1. You do not set your domain name whois address to the Sec. of State's office when pending a trade name registration. Your WHOIS info should never be anywhere other than the place of business or your home. The secretary of state would never ask you to set that info to their office, they probably don't even care what it is.
   
2. You are already committing fraud by operating under a business name that isn't registered. This is a big no-no under IRS, State, Federal rules. You're basically doing business as someone who doesn't exist.
   
3. You say it's not sketchy, but you listed three different states for your registration: Arkansas, Texas, and Arlington (Virginia). You should be incorporating in your home state, or wherever your office is - I don't think an operating business would be possibly moving between three states.
   

My advice to you: be quiet, and hope you don't get any angry customers. The state would have a field day on you.

Maybe you shouldn't try and google everything because you seems to be getting things wrong I have lived in Arkansas and Texas and just to correct you Arlington is not in Virgina should google that next time you might get it right. Just to touch base on somethings our company is pending registration in Texas simple because that is where we will be based out of we are currently in NC. 

 

[ISG]

And what was that?

As I mentioned to you earlier you can request your node be moved back to USA North East via ticket.

 

[River]

Maybe you shouldn't try and google everything because you seems to be getting things wrong I have lived in Arkansas and Texas and just to correct you Arlington is not in Virgina should google that next time you might get it right. Just to touch base on somethings our company is pending registration in Texas simple because that is where we will be based out of we are currently in NC. 

Okay. Let's get this strait.... FYI Arlington is a County in VA - sorry for the confusion. My Bad.


You still didn't address that you're committing fraud with your WHOIS Data set to the Sec. of State's office - nor did you ever address the fact that you shouldn't be operating before you have a registration and a certificate of operation.


If you are based in NC right now, you should have a registration in NC right now; and when you move to Texas, you should file with Texas, prior to operating. Basically, right now you're operating an illegal business.


If I really wanted to be a meanie, I'd call the Sec. of State's office right now and make a complaint which they would proceed to fine you quite a bit.

 

[tr1cky]

As I mentioned to you earlier you can request your node be moved back to USA North East via ticket.

Is that OVH? Will your USA North East location be able to filter those 30gbps you told me I received and that OVH probably filtered without problems before?

 

[ISG]

Okay. Let's get this strait.... FYI Arlington is a County in VA - sorry for the confusion. My Bad.


You still didn't address that you're committing fraud with your WHOIS Data set to the Sec. of State's office - nor did you ever address the fact that you shouldn't be operating before you have a registration and a certificate of operation.


If I really wanted to be a meanie, I'd call the Sec. of State's office right now and make a complaint which they would proceed to fine you quite a bit.

Well they wouldn't fine me simple because this was already conversed within which is the reason we have the address momentarily now.