Netcup deactivating my account with no reason

    netcup deactivates my account 2nd time today, without any reason. Apparently they left me a 'abuse ticket' which includes a message of 'nicht abgeschlossen'. Translate gives me 'not completed' for translation of 'nicht abgeschlossen', which obviously makes no sense at all. Does anyone else experience this? What's the place of this incident in ToS?

    To be fair: Nearly all (german) Hosters are very strict when it comes to account deactivations. Without knowing what you did wrong, there is no way for us to know who‘s to blame.


    I‘ve been a customer since many years now and my account has never been deactivated. So I don‘t think that netcup has done anything wrong.


    At least you can reach them on sundays. Not all hosters are reachable on sunday concerning abuse.

    The reason just appeared. Apparently an exploit scanning took place within my server. Here is my explanation I sent to netcup:


    Code
    I personally have no information about the incident. However, it is true that I observed something strange within my server, while I was working on it. On the way setting up the necessary parts for my data collection pipeline from cryptocurrency exchanges and other stuff, I've found that an odd container was eating lots of CPU, which I didn't deploy. After I terminate it, and after a few hours, I found a new container doing the same. After that, I found another one. I tried to explore the containers' includings but the container's output was NULL, so I left the investigation. So I decided to take the measures and re-install my VPS from scratch, thinking that malicious software was affected my server. 

As a measure to prevent future incidents like this one, I will have an effective use of UFW, change the ssh port and renew all of my passwords of applications I used within the server.


    Can netcup still charge me for the incident?

    I don‘t think they will charge anything. Those things tend to happen and with reinstalling from scratch you did the right thing.*


    The only question is: When will your account get unlocked? Possibly you‘ll have to wait till Monday for that.


    *Finding the security hole would have been better, but let‘s be honest, most of us neither have the knowledge nor the time to do so.

    Zitat von furkan

    change the ssh port

    Changing the SSH port is completely useless, everyone can scan the new port within a few minutes. Better off starting with SSH Keys etc

    VPS Secret • VPS 200 G8 • 4x VPS piko G11s • 2x RS 1000 G9.5 SE NUE • RS Cyber Quack • VPS 1000 ARM G11 VIE

    mail@compi653.net

    Hay,


    mostly it's a hacked server, but it seems you have seen it by yourself already. Servers are hard to maintain with lacking expirience, so please take this hint to learn about server hardening and this in this thread already:


    • ssh not as root, not password, but privat/public key (root only by sudo on the server)
    • firewall (open necessary ports only) & fail2ban (with a very aggressive jail setting)
    • regular update of tools, services, packages, wordpress (if used) and their plugins/themes
    • (very) secure passwords (e.g. for email)
    • actual distribution (linux) or autoupdate (windows)


    Zitat von furkan

    'not completed'

    In this case, this means, that the abuse ticket or task is not resolved yet. If you take the right actions and netcup is willing to accept it, then it will turn to another state.


    CU, Peter

    Peter Kleemann // https://www.pkleemann.de // +49 621 1806222-0 // Kann Programme, Internet, Netzwerke und Telefon.

    2 Mal editiert, zuletzt von CmdrXay ()

    Gefällt mir 2

  • Neu erstellte Beiträge unterliegen der Moderation und werden erst sichtbar, wenn sie durch einen Moderator geprüft und freigeschaltet wurden.

    Die letzte Antwort auf dieses Thema liegt mehr als 365 Tage zurück. Das Thema ist womöglich bereits veraltet. Bitte erstellen Sie ggf. ein neues Thema.

    • :)
    • :(
    • ;)
    • :P
    • ^^
    • :D
    • ;(
    • X(
    • :*
    • :|
    • 8o
    • =O
    • <X
    • ||
    • :/
    • :S
    • X/
    • 8)
    • ?(
    • :huh:
    • :rolleyes:
    • :love:
    • :pinch:
    • 8|
    • :cursing:
    • :wacko:
    • :thumbdown:
    • :thumbup:
    • :sleeping:
    • :whistling:
    • :evil:
    • :saint:
    • <3
    • :!:
    • :?:
    Maximale Anzahl an Dateianhängen: 10
    Maximale Dateigröße: 1 MB
    Erlaubte Dateiendungen: bmp, gif, jpeg, jpg, pdf, png, txt, zip