• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

tera-byte problem

N

niekas

New Member
i've been with tera-byte for over a year. It was great untill now.
I just got billed with tera-byte for 190.99$ for the month of august for extra bandwidth that my site used. They can't provide any logs or anything they say that my bandwidth was 68 GB but my Webtrends stats say that my visitor count and page view count didn't change actually it was declining. They responce is very dry and not helpfull.
I'm still not convinced that my site used that much bandwidth.

It always was fine. I have No 5 account plan with 30GB traffic included.

I didn't change anything bandwidth consuming on my website.
I don't know what to do.. Whats your advice? Is it gonne be another nosepilot case?

as i stated we dont use logs we use the router to determine where a packet of
info is destined that is how the traffic is measured and paid for. you can
gather whatever log info from the server or third party software you wish
however that doesnt change what traffic your server used or what is billed.

Steve
Click to expand...
 
Hello,

They have had a utility on their website for a couple of months now to track your bandwidth:

https://ssl.tera-byte.com/bandwidth/

This is the only indication that you have, apparently they send an email when your approaching the limit, but I do not know if you received it.

Robert
 
nope

no they never send any notifications - only way to find this was through credit card statement and inquiry afterwards.
As i said i was using them for more than a year. Bandwidth, page views, unique visitor count was actually declining. (top bandwidth was about 2000 dec - Jan 2001). I didn't change anything on my website that would impact bandwidth so much. Bandwidth is trifold now with that new system?
:angry2:
 
hi,
looks like someone missused/hacked your site...
i just know from my weblogs @ tera-byte that someone tried if i got nt and guess iis. perhaps it was the new virus...

anyway just saw that in my log file... but currently i am working on finding a tool, that allows me to analyze my log file
(web trends log analizer 6.5c failled or i did do something wrong).

what i am going to do is ask tera-byte not to allow more traffic on my site (set a limit) and perhaps ask them to improve the security!

the problem is that you need to generate your usage from their site and it might be wrong at your virtual account. (like someone already posted here)
 
ohh. thanks a lot for your posting.
i checked my domain. and i am already on 7GB!! Can't believe that. (I thought I never would reach 1GB/month!!)

Asked tera-byte to set a limit to 20GB, which is the maximum with my plan. And asked them kindly to improve security and try to stop missuse...

Keep me informed how it's going on with your problem, niekas.

Anyone else got problems with usage/hacking??
 
Originally posted by Hayama-kun
ping -fs don't show up on your webtrends counter.
Click to expand...
:confused:
whats that has to do with anything?
according to statistics by them i used 68 GB of bandwidth that august. According to webtrends i got 822,475 pageviews in august. So it ends up that average page is about 83KB. I don't think there is a single page that is that big on my site.
They still claim that there are no mistakes whatsoever on their side.
I urge everyone hosted with terabyte to check your bandwidth, because they changed something in their system.
Also check your credit card bills.
 
ping basically tries to check the network and the connection to your site...
and it's not showed in your webtrends, but transfer is counted against your bandwith usage!
so someone could have missused ping and sent and recieved data pakets to/from your account for hours and perhaps even from diffrent fast servers...
 
i think the virus could have to do something with the high usage...

thanks for the links to the other threads. really hope tera-byte is already working and fixes this problem!!!

niekas or someone else with the problems.
have you also got a lot of Bad Requests??
I got 748 (558.2%)

how can it be more than 100% perhaps they count like java.sun 300% pure java (100% on server, again 100% on middleware and 100% on client)

didn't recieve a email from the support so far:-(
but i still count on them... (and know they cannot answer that soon... my bank promises to answer in 4 hours... that's awesome...)
 
Originally posted by akersche
Anyone else got problems with usage/hacking??
Click to expand...
I don't use Tera-Byte, but...

My host's server got hacked yesterday. I checked my logs and I also noticed that, what I'm assuming to be that new virus, made about 50 requests for Windows files. Thankfully I'm not on a Windows server.
 
niekas or someone else with the problems.
have you also got a lot of Bad Requests??
I got 748 (558.2%)
Click to expand...
Problem with tera-byte that they do not provide any kind of logs. So they can say anything they want and charge for it. I have any kind of proof about high usage exept their word. Webtrends do not show any type of traffic, page views or unique visitors increase.
 
here are some request that my site got:
216.86.194.75 - - [20/Sep/2001:08:09:09 -0600] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 302 234 "-" "-"
216.205.78.42 - - [20/Sep/2001:08:14:49 -0600] "GET /scripts/root.exe?/c+dir HTTP/1.0" 302 226 "-" "-"

i can't take any action against that. only tera-byte itself could block that!!!

ohh i know now. i can take some action *gg*
i can ping and ---- up all servers that try to retrieve non existent sites and look like beeing infected...
it's great to have connection to T1-server:) but that's the last thing i am going to do.... but that might be the only thing i could....
 
Last edited:
Originally posted by niekas

Problem with tera-byte that they do not provide any kind of logs. So they can say anything they want and charge for it. I have any kind of proof about high usage exept their word. Webtrends do not show any type of traffic, page views or unique visitors increase.
Click to expand...

looks like you use webtrends live and you inserted a small code to your webpages...
welll than it doesn't show a log for files that DON'T EXIST.

but tera-byte offers some stats. with my package 4 they do.

log into http://www.yourdomain.yourending/siteadmin/
there you can get stats and also download the log-file...
mine is 7MB. But you can see some simple reports online, too.
(I can provide anyone my log, if someone is interested or thinks he can help).
Greetings
Arno
 
Originally posted by Phrozen

I don't use Tera-Byte, but...

My host's server got hacked yesterday. I checked my logs and I also noticed that, what I'm assuming to be that new virus, made about 50 requests for Windows files. Thankfully I'm not on a Windows server.
Click to expand...

sorry to hear that.... sounds like the virus is really a horror:-(
i am also not on windows, but still, my bandwith usage explodes:-(
 
i answered this on webhosting talk ill also answer it here.

first off our system measures transfer by measuring the packets of information accross the router destined for an ip address.
this number simply can not be wrong, if the number was wrong that means the packets sent across the router would not reach the designated owner of those packets and all traffic on the internet ceases to exist.
whether the traffic shown in our monitor is caused by some worm or some other source is irrelivent as its still traffic, its traffic destined for your ip address and our job is to get it there.

so the question some would ask is why dont you block the traffic caused by the worm if that is whats causing the increase? quite simply how? do i block all ips of all windows servers throughout the internet so there is no possible chance worm traffic can hit the network? or do i add a few lines of code to the router that scans all traffic inbound for virus code and dumps it before its measured?
lets look at both of those options
option one, its pretty hard as a webhost to block all the windows type servers that exist from accessing the network the job of a webhost is to make the sites hosted on their servers accessable to the entire internet comunity not "the internet comunity that isnt infected" or "the internet comunity that some customers may want to allow access to"

so that leaves option two block out the virus with some code put on the router
is this possible? not really the router has a job that is to route traffic not to inspect it, if we ask the router to inspect traffic the load goes up, load increases so does latency and the possibility that traffic fails, altogether it works out that it isnt an obtainable solution. if it were a workable solution why havent the backbone providers already done so? why is the traffic reaching our routers in the first place? the answer is they also cant afford the load on their routers.

Steve
 
maybe you right about technical part...

this is email from steve
why exactly would you believe that if it was a virus request or whatever your
not responsible for that traffic? it would be the exact same thing if you had
a 1 meg download and the same person downloaded it 4 million times its still
your traffic you have the ability to prevent abuse of your system through
htaccess and various other devices enabled on your site if you choose not to
do this then you pay for the bandwidth exactly the same as i have to pay for
bandwidth i use. there is no difference except for scale.
Click to expand...

for you its profitable you make money out of it.
Maybe thats why you choose not to notify the owner then site approaches
alloted bandwith limit?
Its a big problem if i have to pay 10 times of what i'm usually pay for the
service that is not there. I never even had a chance to do anything about
this.
Its not that i didn't choose to protect myself from this. (htaccess or
whatever) You should notify sites about this problem not simply cold
bloodedly charge them for this and think its OK.
Maybe even give option for site to be disabled after it reaches the limit.
Maybe you could offer solution or help if there are any?
It looks like in this case you sold your customers respect to fast dollar...
or i'm wrong?
regard
Also in last 26 hours i used 9,+ GB of bandwidth.
Its crazy isn't it?

SEPT 21, 2001, 12:48AM (plan #5) - 31.718 GB
(GB = gigabytes)
Sept 22. 2001, 2:06AM (plan #5) - 40.809 GB
(GB = gigabytes)

Thats insane...

Also i'm downloading log file So far 350MB and i'm not sure how big it will be. (thanks akersche for pointing that to me)
 
Last edited:
Originally posted by Steve
i answered this on webhosting talk ill also answer it here.

first off our system measures transfer by measuring the packets of information accross the router destined for an ip address.
this number simply can not be wrong, if the number was wrong that means the packets sent across the router would not reach the designated owner of those packets and all traffic on the internet ceases to exist.
>> i believe your counting is ok. but that still doesn't mean you shouldn't care for security. in the datacenter there are a lot possilibities to do so.
and think of following: has tera-byte to pay for the traffic at virutal accounts without ip's that are not domain specific?
whether the traffic shown in our monitor is caused by some worm or some other source is irrelivent as its still traffic, its traffic destined for your ip address and our job is to get it there
>>that's true. it's our (customer) traffic. but we are not the only one that can do something about security.

so the question some would ask is why dont you block the traffic caused by the worm if that is whats causing the increase? quite simply how? do i block all ips of all windows servers throughout the internet so there is no possible chance worm traffic can hit the network? or do i add a few lines of code to the router that scans all traffic inbound for virus code and dumps it before its measured?
lets look at both of those options
option one, its pretty hard as a webhost to block all the windows type servers that exist from accessing the network the job of a webhost is to make the sites hosted on their servers accessable to the entire internet comunity not "the internet comunity that isnt infected" or "the internet comunity that some customers may want to allow access to"

so that leaves option two block out the virus with some code put on the router
is this possible? not really the router has a job that is to route traffic not to inspect it, if we ask the router to inspect traffic the load goes up, load increases so does latency and the possibility that traffic fails, altogether it works out that it isnt an obtainable solution. if it were a workable solution why havent the backbone providers already done so? why is the traffic reaching our routers in the first place? the answer is they also cant afford the load on their routers.

Steve
>> Interesting points Steve. If you see it this way. But there are a lot of other things a data-center could do.
i feel like you think all of your customers have no idea about your stuff. but i am intelligent and got a lot of knowledge about that area.
here some hints, what could be done. it's not a complete list (cause i don't make consulting for free and i already tried to post it once, but failed, so i had to retype):
*usage could be set to the bandwith of the plan. i asked that for my account. and it's easy to do for the customer service
*warn costumers: some would be willed to take the site offline for some hours...
*you could limit maximum bandwith. my site never needs a traffic of 5GB/night (connection of 1mb/s instead of 100mb/s)
for sites that want that...
*antispam and virus checking for emails:
(delete the virus, so it cannot spread! prevention)
http://www.amavis.org/
http://www.mail-abuse.org
*firewalls and intruder detection or similar (yes, web servers can still be operated)
http://www.networkice.com/
(and there are systems that have no problem to work with a high load!)
take a look at security at adult verification systems... they also try to detect hackers and block them... similar could be used for webhosts...

I believe you -Steve- are really doing a great job at tera-byte and support is great. But still i would love to see it, when you think more about security.

Thanks in advance
Greetings
Arno

PS: Hope I can give other users an idea, what could be done and perhaps also other webhosts.
Click to expand...
 
*usage could be set to the bandwith of the plan. i asked that for my account. and it's easy to do for the customer service
*warn costumers: some would be willed to take the site offline for some hours...
*you could limit maximum bandwith. my site never needs a traffic of 5GB/night (connection of 1mb/s instead of 100mb/s)
for sites that want that...
*antispam and virus checking for emails:
(delete the virus, so it cannot spread! prevention)
http://www.amavis.org/
http://www.mail-abuse.org
*firewalls and intruder detection or similar (yes, web servers can still be operated)

Arno, there are a couple of problems with some of your suggestions...

If you limit bandwidth per site, then at time, these attacks will cause your page to crawl open (to the point that your site will be more or less unuseful). A deathly slow loading site isn't much better than one taken off-line.

Anti-virus... this isn't something that is on the local machine, this is on many machines world-wide which are infected. You can't scan the world. These machines send requests out to many sites (your being one of them). Anyway...
 
You must log in or register to reply here.
Back
Top