GoDaddy takes down entire datacenter over phishing script

Discussion in 'The Lounge - Off Topic' started by ffreeloader, Jan 15, 2006.

  1. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    Godaddy took down the entire network of hundreds of servers belonging to nectartech.com because one client on the offending domain had been hacked and was running a phishing script. Godadday informed nectartech that there was a problem, nectartech informed the customer, the customer thought he had the problem cleaned up but the hacker got back in through a backdoor and restarted the script so godaddy took down the entire datacenter with no further warning. They then left it like that with no way to contact the appropriate people to turn things back on.

    Here is a thread discussing the subject with recorded phone calls with godaddy technical reps.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  2. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Wow Freddy, I think I clicked on this thread about an hour and a half ago and I have only just finished reading and listening to it :eek:

    Very amusing phone calls from Mark. The guy is clearly a head case that is hell bent on causing conflict and argument with customer support personal, even when he is in the right, he comes away as the loser. He wasn't even an employee of the affected company, just a friend brought in to try and shake them up with arrogant persistence.

    Personally I gleaned not to trust Go Daddy, they don't seem to take into account that the customer is always right 8)
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  3. Luddym

    Luddym Megabyte Poster

    797
    19
    74
    OMG,

    What is wrong with Marc. :blink

    Why on earth was he so abusive and thickheaded on the second call?

    He was told by the very polite chappie within about 3 minutes, what he had to do to get things back up and running, but no, Marc wanted to argue with him for another ten minutes about how important it is that this gets fixed, instead of following the procedures. :dry

    Talk about a Call Centres worst nightmare.
     
    Certifications: VCP,A+, N+, MCSA, MCSE
    WIP: Christmas Drunkard
  4. Modey

    Modey Terabyte Poster

    2,397
    99
    154
    Yeah a few people were defending this Marc saying what he said was fine etc.. but I disagree. I only listened to the 2nd call (and skipped bits because it was getting repetetive) but this guy is really the wrong person to phone up. I thought the guy who took the call remained calm and was trying to get him to follow procedure which Marc clearly wasn't interested in.

    I haven't heard of Godaddy but it does sound like they are to be avoided from all the other stories mentioned, but even so these nectartech.com guys sound like they have been very un-professional with dealing with the situation so I guess they reap what they sow.
     
    Certifications: A+, N+, MCP, MCDST, MCSA 2K3, MCTS, MOS, MTA, MCT, MCITP:EDST7, MCSA W7, Citrix CCA, ITIL Foundation
    WIP: Nada
  5. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167

    I don't know what all went on in this story, but it's seems clear there is more there than meets the eye. However, if I was Mark I may very well have been more than a little irate. That an entire hosting company's network was taken down when all that really needed to happen was one subdomain needed to be taken down was extreme overkill on Godaddy's part. That's killing a fly with a bazooka. That Godaddy then had no one to contact after working hours in the abuse department, would tell someone to call the president of the company and then refuse to give the contact information out, is more than a little unreasonable in my estimation.

    Whether or not Mark was a part of the nectartech or not is irrelevant. He was brought in to do deal with the situation. If the business I was affiliated with had their entire way of doing business taken away from them by someone I would be very persistant and very demanding.

    Godaddy did this on a Friday afternoon knowing that no one would be available to deal with the problem for the entire weekend. Why? They knowingly caused a loss of an incredible amount of income and business to the entity they did this to. They also damaged nectartech's business reputation greatly, and it was done deliberately. They could have waited until Monday or even done the deed early enough in the day to not cause a major disruption because someone would be available to deal with aftermath. As it was they waited until 2 days after the problem was fixed to shut down nectartech. Why?

    Going down for an entire weekend for a hosting business is pretty much like the kiss of death. So, who here can tell me if this was done to their hosting business, or to a business they were affiliated with, that they would not have been very angry? If someone waited until two days after the problem in question was fixed to shut me down for an entire weekend I'd have gone ballistic on them.... I would have very definitely been out for blood, and with good cause....

    I thought Marc was actually pretty constrained under the circumstances....
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  6. binbox

    binbox Nibble Poster

    80
    2
    15
    GoDaddy have been under pressure at the moment by various media companies within the US to shut down alot of the sites parked with them as they are BitTorrent directories. But apparently there are more than 1000 torrent sites parked so god knows how they'll sort this one out. I'll try and find the link to the story and post it later.
     
    WIP: A+ N+ SECURITY+ SERVER+
  7. Luddym

    Luddym Megabyte Poster

    797
    19
    74
    Being irrate, and wanting to get the problem sorted is one thing, but not being willing to follow the instructions given to srt the problem is quite another.

    Yes, Godaddy may have been in the wrong for going overkill, but the point is they did, and the problem needed to be sorted. The 2nd GoDaddy representative was polite and calm, and told Marc what he had to do, but Marc did not WANT to do what was required of him.

    At the end of the day, If you have a problem, be it if you should have the problem, or not, you need to get it sorted. Antagonising GoDaddy staff when you should be following the set procedures, will never help.
     
    Certifications: VCP,A+, N+, MCSA, MCSE
    WIP: Christmas Drunkard
  8. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    Well, let's give you a scenario and see if you want to find a way around my "solution" to the problem I've created for you.

    I just shut down the company that both hosts your web site, and that you do work for. I did it late on Friday afternoon and then went home for the weekend. When you call to find a way around the problem I've created for you, you are told that you just have to sit and wait until Monday morning when the employee who can fix your problem will be back or that you can call me personally, but my employees refuse to give you my contact information and the contact information for my employee who could fix the problem.

    Are you going to just meekly say, OK. I'll wait until Monday morning and then fix the problem. Or, are you going to find a way to get around the 48 hour shutdown I've just capricously imposed upon you? Remember, I just shut you down for a problem you fixed 48 hours earlier and had emailed my company a couple of times to tell us the problem was fixed.

    Are you going to be willing to just sit on your hands for the entire weekend after you make one contact and just follow my inadequate procedures or are you going to make mulitple attempts to try to pressure my employees into doing something about this problem?

    You're probably losing several thousand dollars of income every hour the 1500 domains your company hosts are down, your customers are transferring their domains elsewhere, and you're going to be down for 48 hours....

    What are you going to do? Sit on your hands?
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  9. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    I agree with Freddy, there are times when you need to make it clear that you are angry and frustrated being polite and friendly does not always work.

    Unfortuantely, in this scenario, Marc doesn't do a great job of communicating the reason for his anguish. He just keeps repeating "you have taken our entire data centre down" whereas IMHO he should be saying this is costing us x amount per hour and we are holding you responsible for our losses. I would urge you to escalate this immediatly because time is of the essence and waiting 2 days is unacceptable etc.

    I don't think Marc kept control over the situation and his Mr Angry style doesn't seem to work well for him. I don't know whether you listened to some of the other audio files that were linked to in that thread Freddy but from what I heard he makes a habit out of recording his ranting calls and posting those recordings on his web site. He adopts the same stance with all it seems, won't listen, won't stop repeating the same thing over and over. He is a bit of a nut for sure :eek:
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  10. Luddym

    Luddym Megabyte Poster

    797
    19
    74
    I do understand where you are coming from Freeloader. I really do. I mean, yes, you would kick up a stink you shut down my website etc, then refused to reinstate it until an unacceptable ammount of time.

    But . . . with the second call Marc made, he had an E-Mail waiting for him, in which he had the details in which, if he followed, would resolve his problem.

    Now I obviously don't know how long it would take for the problem to have been fixed after this, but then again, neither did Marc. When the GoDaddy rep told him about the E-Mail, Marc just didn't seem interested at all, and had indeed recieved it and seemingly ignored it.

    Don't get me wrong, I know Godaddy were in the wrong for what they did, but surely you don't ignore what they say when they are 'just waiting' for something 'in writing' so they can resolve the problem. If I it were me, I would get the situation resolved, then demand compensation.

    Did anyone else listen to the Paypal call done by Marc? Honestly, he did something to break the terms of agreement, (which he somehow manages to keep a secret from the listener) then phones them up and makes all sorts of spurious demands.

    Not exactly the way to get things done.
     
    Certifications: VCP,A+, N+, MCSA, MCSE
    WIP: Christmas Drunkard
  11. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Yes but this email came from the abuse department and he was being asked to reply to it. The abuse department only work from 9-5 weekdays, hence replying would not have resolved his problem in an acceptable time period.

    This is why he was angry but he did not make it very clear.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  12. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    Well, I must have missed something. I never had an idea from the two conversations I listened to that Godaddy's abuse department had ever been involved other than to shut down nectartech. It was my understanding that the technical side just referred nectartech to a closed-for-the-weekend abuse department and that all abuse department employees were completely unavailable until after the weekend was over.

    If nectartech ignored email saying that a fix was immediately available, and nectartech ignored that, then the further pushiness was out of order. I have a hard time believing that one though. Why ignore an immediate solution when all I ever heard were requests for an immediate solution?

    Someone will have to point me to the evidence that an immediate solution existed and that nectartech refused to avail themselves of that immediate solution. All I heard from Godaddy technical employees was that the ability to fix the dns problem resided exclusively in the closed-for-the-weekend abuse department's hands, or in the hands of their company president whom they were not about to contact nor let nectartech contact.

    I have a feeling that the email that existed said that the abuse department needed something in writing and that they would be back in on Monday. Otherwise, why ignore it?

    But, as I said, there's more to this entire problem than meets the eye. Does nectartech host a lot of bittorrent sites and Godaddy wants to force them out? Is there pre-existing bad blood there?
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  13. Luddym

    Luddym Megabyte Poster

    797
    19
    74
    I think the whole thing is as clear as Mud. :D
     
    Certifications: VCP,A+, N+, MCSA, MCSE
    WIP: Christmas Drunkard
  14. Modey

    Modey Terabyte Poster

    2,397
    99
    154
    I don't think anyone here thinks Godaddy are in the clear completely etc.... sounds like they operate a pretty unproffessional system if you can effectively shut someones business down on a Friday and sit on your arse till Monday etc...

    But I think most of us agree that this Marc guy is pretty awful at communicating and really took the wrong stance, especially with the 2nd call.

    The fact he does this kind of thing on a regular basis and uses the same style starts to reveal things about him. Like he obviously thinks he's great at this kind of thing if he's publicising the various calls he makes.

    I know I wouldn't want him representing anyone I work for in a million years.
     
    Certifications: A+, N+, MCP, MCDST, MCSA 2K3, MCTS, MOS, MTA, MCT, MCITP:EDST7, MCSA W7, Citrix CCA, ITIL Foundation
    WIP: Nada

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.