I got this email a while ago:
Quote:You are receiving this e-mail because you currently have an active VPS with us and recent events have highlighted a major security issue that could potentially impact you. You must take action now to prevent your VPS from being suspended and from incurring a re-activation fee. If you do not run a DNS server and have confirmed no such service is running on your VPS, then you can ignore the rest of this e-mail. Please double-check your VPS to make sure no DNS servers are running before ignoring this e-mail.
As some of you are aware, there was a recent Distributed Denial of Service attack against a major internet organization that was stated to be larger than any other attack in history. This attack brought to light a large issue that a lot of server owners were previously not aware of. It highlighted the danger of open DNS recursors. While I will not get into detail, you can read more about t he event and the problem here: http://blog.cloudflare.com/the-ddos-that...e-internet
The main purpose of this e-mail is to make all of our VPS clients aware of the danger and to provide a method to eliminate the chance of their VPS being used in such attacks. If you are running a DNS server, such as BIND, you could very likely be a victim of this attack. We ask that all VPS owners please login to your VPS and check to see if any DNS server is running and to ensure that you have recursion disabled for your DNS server. The most common problems are from clients who install control panels like cPanel and Kloxo but are unaware they come bundled with a DNS server.
Each DNS server and setup is different so you will need to find the correct method of disabling recursion on your DNS server.
Th e most widely used DNS server, BIND, can be fixed easily by editing the /etc/named.conf file and setting changing "recursion yes;" to "recursion no;" and restart the named service.
We have been seeing a large number of outbound DOS attacks lately from our network which is now causing network issues to all of our clients.
If you have a DNS server running and you don't need it then please remove it.
If you have one running and do need it then please disable recursion.
If you need assistance with your DNS server then please turn off your VPS and open a ticket so we can help you.
If you run a DNS service and require recursion to be enabled please contact us.
Again, we require that you take action now to prevent further network issues for all of our clients. Any VPS found participating in outbound Denial of Service attacks related to this issue will be suspended and invoiced a re-activation fee. As always, deliberate DOS attacks will result in immediate termination.
Thank you for your time and cooperation in this matter.
-The Secure Dragon Staff-
Secure Dragon LLC.
www.SecureDragon.net
And few minutes later, this is what I saw:
Quote:Hello Damian,
You are receiving this e-mail because you currently have an active VPS with us and recent events have highlighted a major security issue that could potentially impact you. You must take action now to prevent your VPS from being suspended. If you do not run a DNS server and have confirmed no such service is running on your VPS, then you can ignore the rest of this e-mail. Please double-check your VPS to make sure no DNS servers are running before ignoring this e-mail.
As some of you are aware, there was a recent Distributed Denial of Service attack against a major internet organization that was stated to be larger than any other attack in history. This attack brought to light a large issue that a lot of server owners were previously not aware of. It highlighted the danger of open DNS recursors. While I will not get into detail, you can read more about the event and the problem here: http://blog.cloudflare.com/the-ddos-that...e-internet
The main purpose of this e-mail is to make all of our VPS clients aware of the danger and to provide a method to eliminate the chance of their VPS being used in such attacks. If you are running a DNS server, such as BIND, you could very likely be a victim of this attack. We ask that all VPS owners please login to your VPS and check to see if any DNS server is running and to ensure that you have recursion disabled for your DNS server. The most common problems are from clients who install control panels like cPanel and Kloxo but are unaware they come bundled with a DNS server.
Each DNS server and setup is different so you will need to find the correct method of disabling recursion on your DNS server.
The most widely used DNS server, BIND, can be fixed easily by editing the /etc/named.conf file and setting changing "recursion yes;" to "recursion no;" and restart the named service.
If you have a DNS server running and you don't need it then please remove it.
If you have one running and do need it then please disable recursion.
If you need assistance with your DNS server then please turn off your VPS and open a ticket so we can help you.
If you run a DNS service and require recursion to be enabled please contact us.
Again, we require that you take action now to prevent further network issues for all of our clients. Any VPS found participating in outbound Denial of Service attacks related to this issue will be suspended. As always, deliberate DOS attacks will result in immediate termination.
Thank you for your time and cooperation in this matter.
-Damian Harouff
IPXcore LLC
And you read it right, it was actually sent by IPXcore...
Guess they copied and pasted too fast, LOL
zhuanyi