Hello,

Im sure i post this for all italians vBulletin customers(and guests) using a DSL connection: we r unable to reach any vbulletin.com urls... This seems a datacenter problem, but im not sure, it may be a problem on a router outside.

Im not talking about a DSL of a specify company, but it s a problem of ANY italian DSL of ANY company, and this problem goes on since 1 month ago(or maybe more than 1month)...


To downloaded the vB3 RC1 i used my old 56k... -_-


can u fix this? r u current about this problem?



tracert to www.vbulletin.com
1 3 ms 3 ms 3 ms 192.168.0.1
2 22 ms 22 ms 28 ms host254-91.pool8174.interbusiness.it [81.74.91.254]
3 19 ms 19 ms 18 ms r-ts20-vl11.opb.interbusiness.it [195.31.14.200]

4 27 ms 27 ms 27 ms host185-8.pool8020.interbusiness.it [80.20.8.185]
5 30 ms 28 ms 28 ms r-mi223-vl3.opb.interbusiness.it [151.99.75.149]

6 47 ms 47 ms 60 ms mil14-ibs-resid-2-it.seabone.net [195.22.196.189]
7 110 ms 136 ms 71 ms lon7-lon1-racc1.lon.seabone.net [195.22.209.98]

8 79 ms 73 ms 85 ms iar2-so-2-1-0.Thamesside.cw.net [166.63.214.169]

9 70 ms 118 ms 69 ms bcr1.Thamesside.cw.net [166.63.210.61]
10 189 ms 190 ms 189 ms acr1.Denver.cw.net [208.172.162.61]
11 * * * No Response.

Your ip was probably blocked during the current and ongoing dDoS attacks. Please email support@vbulletin.com with your ip and customer number and it should be sorted out soon.

isnt only MY ip... ALL italian DSL ppl have this problem...


this s a global italian dsl problem, not only mine


-no kiddin-

Ok... then a large number of ips have been banned that are used by that DSL company. Users that are blocked and cannot access should do what I said to access again.

lol, so vB banned all italian IPs, nice move -_-

in Italy the 98% of internet surfer uses DSL with dynamic IPs from the Italian Telecom Company, so after any disconnection we change IP. Only few lucky ppl can have T3(not Telecom IPs) with static IP..


So pls make a solution, s ridicol that always we reconnect, we need to ask to deban our new IPs


thx

If you would just do as Dan suggested we could help you.

No it just happened that most of the ips where located in the range of ips the dDoSers uses to attack the server. They didn't ban Just italian ips. The banned quite a few of ips that are outside of Italy.

If you would just do as Dan suggested we could help you.



..... and how can i know the IP of my next reconnect?



if you tell me the IP of my next connection i can do it ....

LOL


r u j/k guys? this s simply ridicolous

I am trying to help you, and I believe I can help you if you would just do what we've asked. Otherwise there is nothing we can do.

..... and how can i know the IP of my next reconnect?



if you tell me the IP of my next connection i can do it ....

LOL


r u j/k guys? this s simply ridicolousWhen you reconnect, do you get a similiar IP?

For example, before reconnecting you have the ip 123.45.67.89, and after reconnecting you have the ip 123.45.67.78, meaning the first part stays the same (123.45.67.xx). If so, then try giving vBulletin the first part that stays the same. They might be able to help you with that (although I'm not sure).

I am trying to help you, and I believe I can help you if you would just do what we've asked. Otherwise there is nothing we can do.
What about a refund? This is totally unacceptable...

What about a refund? This is totally unacceptable...
i hope you are joking nuno.

if u give me an adress i'll mail u my officeIP.
BUT there is still a little problem, probably you are not willed to understand:

a) in italy for DSL fix IP doesn't excist, this means on every connection u get a random IP out of a large number. Understood? Noway to predict the IP of the next connection.

b) I'm a customer and paid several $ for your service, i'm connected with a stupid 56k modem, obviously paying extra traffic, to help YOU to fix a problem.


This is not MY problem... I paid VB for all updates and future versions --> it'd be nice giving me support and access to the server, i don't think other ppl like seeing that it may happen that VB just bans their IP...


King Regards



p.s: turn on your mind before typing the next answer

What about a refund? This is totally unacceptable...
This is exactly what the attacker wants. However if you no longer want to run vB and wish a refund, please send your request to support@vbulletin.com.

Papino, I understand perfectly. Once again I AM trying to help and I believe I can help, but you will need to contact us. I do not want to post too much information publicly because frankly our attacker reads these forums.

send me your contactinformations through mail



ANYWAYS maybe this can fix my problem(for this mine connection of tonight) BUT this wont fix the italian problem, do you understand that no italian will be able to buy vb products/get support in the future?

Yes, as I said I understand. Please send your request and current IP address to support@vbulletin.com.

Also please note that we ARE doing everything in our power to stop this. Believe me, we do not like this situation any more than you do. In fact I am confident that I like it a lot less than you. However DDoS attacks are almost impossible to stop without throwing a lot of very expensive hardware at the problem.

I'd guess it wouldn't be practical for you to switch hosting companies now, but Rackspace has a pretty good DDoS mitigation service called Preventier; from what I've heard it does work.

If it's not impossible to switch servers, that might be a decent alternative.

Yes, as I said I understand. Please send your request and current IP address to support@vbulletin.com.

Also please note that we ARE doing everything in our power to stop this. Believe me, we do not like this situation any more than you do. In fact I am confident that I like it a lot less than you. However DDoS attacks are almost impossible to stop without throwing a lot of very expensive hardware at the problem.

If I had the kind of money I suspect Jelsoft does, I would be tempted to say "go the expensive hardware route and **** the ****ing ****er and his ****ing demands."

This is exactly what the attacker wants. However if you no longer want to run vB and wish a refund, please send your request to support@vbulletin.com.
How much longer are we supposed to wait?

If I had the kind of money I suspect Jelsoft does, I would be tempted to say "go the expensive hardware route and **** the ****ing ****er and his ****ing demands."
Now that's the idea!!!!

My satellite IP is also currently blocked, but I was given help when I emailed support@vbulletin.com

I'm still wondering what the attackers could want so badly from vBulletin to continually administer these attacks. Do they want a free copy? Do they want vB to be free to all?

If you can't afford it, use something else... you are paying for all the hard work that went into this software, and THAT is why it is the best forum/discussion board software on the market. So get over it, they (vB Team) ARE NOT going to meet your stupid demands, whatever they are, so why don't you just give it up?

If you spent the same amount of time at a job @ minimum wage as you did attacking the vB sites you could afford your own copy. ($5 bucks an hour for argument sake), if you work for 20 hours, you can afford the "leased license" version, and after a week (40 hours) you could afford the "full license". So get a job and buy your own damn copy!

How much longer are we supposed to wait?I'm not sure what you are asking. As I said we are doing everything within our power to fight this. If this situation is unacceptable to you then write us requesting a refund.

I'm not sure what you are asking. As I said we are doing everything within our power to fight this. If this situation is unacceptable to you then write us requesting a refund.
Steve, you must have misunderstood my reply... the last portion (quoted below) was directed towards the attacker/attackers... not at vB or its staff in any way... the product and service is great.....


If you can't afford it, use something else... you are paying for all the hard work that went into this software, and THAT is why it is the best forum/discussion board software on the market. So get over it, they (vB Team) ARE NOT going to meet your stupid demands, whatever they are, so why don't you just give it up?

If you spent the same amount of time at a job @ minimum wage as you did attacking the vB sites you could afford your own copy. ($5 bucks an hour for argument sake), if you work for 20 hours, you can afford the "leased license" version, and after a week (40 hours) you could afford the "full license". So get a job and buy your own damn copy!


I was merely venting. :)

Just email support@vbulletin.com it works even if you can’t access the webpage. They got back to me with in 2min of me sending them my info. If you are being blocked they have some important information they can’t share here publicly.

So you can either email them and find the solution or keep posting here complaining and not find a solution.

If people would just learn how to secure their windows servers vbulletin wouldn’t have over 1000 zombie machines attacking their server(s). From what I understand from reading all the threads is that they are compromised windows servers now acting as zombies and the attacker has a very large pool of them. Now are these machines in datacenters across the world or are they home systems that are compromised that have broadband connections?

Edit idea:

Would be neat if possible if a script could be written to take the IP of all the Verified Lic. users in your vbulletin database and add them to an exception list to your blocking script.

Steve, you must have misunderstood my reply...My response was to nuno's post, not yours. We were writing our posts at the same time. I've edited my post to make this more clear.

Edit idea:

Would be neat if possible if a script could be written to take the IP of all the Verified Lic. users in your vbulletin database and add them to an exception list to your blocking script.
But how many license holders use the same IP address thier site is hosted on to surf the internet? I have 2 dedicated servers for my sites hosted in a data center elsewhere, and a broadband satellite connection at home for my internet connection...

Steve,

Sorry about the mix-up... I thought you were referring to my post, and I was hoping it wasn't taken the wrong way! you guys do a great job, and I'm proud to be a recent addition to your vB license holders! :) You can delete the un-needed post of mine if you like since it's all clear now. :D

i hope you are joking nuno.
Who, moi? No, I'm dead serious. This is not acceptable in any way...

This is not acceptable in any way...ROFL tell that to the attacker(s)

vBulletins only alternative would be not to block the IPs and have the server down for every one. The way they have it now allows atleast most of there users to access the site.

But how many license holders use the same IP address thier site is hosted on to surf the internet? I have 2 dedicated servers for my sites hosted in a data center elsewhere, and a broadband satellite connection at home for my internet connection...NO, I said the vbulletin user database (this forum database) witch records your IP every time you have visited/use this forum. Since this forum knows who has a valid lic or not they could just use those IPs for an exception list. I'm not talking about the database they use to hold what webpage goes with what lic. It wouldnt be a total solution but would fix it for many.

<insert brain-fart>Gotcha... :) mis-understood.. </brain-fart>

NO, I said the vbulletin user database (this forum database) witch records your IP every time you have visited/use this forum. Since this forum knows who has a valid lic or not they could just use those IPs for an exception list. I'm not talking about the database they use to hold what webpage goes with what lic. It wouldnt be a total solution but would fix it for many.
Well, what if the attacker has a valid license? Your idea is a good way to bring sales to a complete halt. Right now, I suppose, they're only slowed.

Papino - Your IP won't change if your DSL modem stays plugged in.

Nuno - Do you have a solution to the problem?

Papino - Your IP won't change if your DSL modem stays plugged in.


wow! wonderful! i really never known this!! -_-




is this a solution? i connect every day from many different places with different connection, with different pc, and lol? i cant turn off my pc coz if i reconnect when my ip changes i couldnt see vb.com again?... is this a solution???

turn on mind pls,i hope vb staffer takes serious decision about this HUGE italian(and not only italian) problem, it s a scandal!

Can you pm me the IP thats blocked and an idea of the ranges.

We have a few large A class ranges that should be defined more.
24.0.0.0/8
203.0.0.0/8
210.0.0.0/8
211.0.0.0/8

Have complete blocks, the rest are all a mixture of B and C class ranges.

Well, what if the attacker has a valid license? Your idea is a good way to bring sales to a complete halt. Right now, I suppose, they're only slowed.It was a suggestion Beorn, lighten up. Even if the attacker had a valid lic. he could only attack via that one IP the 1000 zombie machines still could not attack and vBulletin could quickly plug the hole.

all ppl i know(from north to sud italy) cant reach vb.com urls. In Italy there are many different DSL companies, but all companies buy band by the Italian Telecom Company so all italian DSL IPs could be from 60.xxx.xxx.xxx to 220.xxx.xxx.xxx.xxx. So it is impossible to stablish which ip ill have in my next reconnect... understand? if u ban ips like from 80.xxx.xxx.xxx to 81.xxx.xxx.xxx(the most populars) u could ban all any italian DSL user randomly...


i hope this can help vb staff to resolve this huge scandal, coz in italy many vb customers dont know vb3 rc1 or other updates/forum support, and this snt correct coz we pay this service like all others vb costumers...

Just do what they said and we won't have to continue this they have more than one way to solve this problem.

Please keep in mind the current blocks are temporary and we have a temporary solution for those that need access. We are looking for more permanent solutions but fighting a determined and morally deficient attacker is not an easy or cheap proposition.

I'm browsing Via A proxy atm(A Protected and Private Proxy i host). looking for a fix (if one exist) for a slight problem. and I have emailed Support for said fix(browsing fix, not to confuse myself.).

Hey I understand completly what vBull is going through, and understand why they did what they did. No complaints from me.

Good luck guys.

all ppl i know(from north to sud italy) cant reach vb.com urls. In Italy there are many different DSL companies, but all companies buy band by the Italian Telecom Company so all italian DSL IPs could be from 60.xxx.xxx.xxx to 220.xxx.xxx.xxx.xxx. So it is impossible to stablish which ip ill have in my next reconnect... understand? if u ban ips like from 80.xxx.xxx.xxx to 81.xxx.xxx.xxx(the most populars) u could ban all any italian DSL user randomly...


i hope this can help vb staff to resolve this huge scandal, coz in italy many vb customers dont know vb3 rc1 or other updates/forum support, and this snt correct coz we pay this service like all others vb costumers...
Whole ip rangers where blocked because many zombie machines are sending attacks from all over. I recomend the use of a proxy server at this time, this will allow you access to the site altho it may be a bit slow.

Jelsoft is doing everything within their power to get these attacks to stop, to allow most of their customers to the site they had to block the ip ranges the attacks are coming from, if they did'nt no one would be able to get to vBulletin.com. These sort of attacks are very hard to track down to the orgin, and even if you do manage the attacker could very well be 'outside' of the law (in some country that will let him do this at his own will).

i hope this is REALLY a temporary solution, coz my DSL ips r locked sice november -_-


anyways GL

I'm from Italian and i've got the same Papino's problem too. With vB staff we have fixed my problem but i hope it's a temporary solution...

So Good Job for now, and Good Luck for the future. ;)