They have been up like this for more than 12 hours. But the thumbs don't show up

Oops was too fast, saw it loading and thought they were up.

My bad.

Soo which paysite programs are affected? I would like to put their links on backup till all is fixed for obvious reasons.

gl getting it sorted. im on a small server there but luckily dont have any big income producing sites anymore. RCN have been good over the years though, i hope they get this shit fixed.

your an idiot.

if rcn was located near brad im sure he would lend a hand not all hosting companies work like vultures.

+1 :pimp

Here's a starting place: http://serversiders.com/as46652

guys at rcn must be so stressed :\

One logical explanation is the following:

Somebody got ahold of the root ssh key, likely an ex employee or current employee.

They logged into all the machines, changed the root pass/keys or replaced the ssh server with a custom one and then systematically disabled apache/lighttpd/nginx/mysql/pgsql etc (you'll notice that the sites running apache show forbidden but the ones that were running lighttpd just time out), then they gave rcn an ultimatum, effectively holding them hostage for a calculated sum of money (somebody who knows what is at stake, again, likely an employee/ex-employee). They probably also had the insight to make sure backups were affected as this really don't seem like a heat-of-the-moment thing. This is premeditated. The servers are still online, they are still 'running' the dns is still working... nothing was 'corrupted' or trashed, RCN just doesn't have access any more, holding them in a tight position as the servers are spread out in multiple locations and they don't have anyone 'infront' of them to use the console or do mass operating system re-installs+backup recoveries.

This is the only situation that really makes sense, there is NO gain to be made from hacking RCN and deleting everything. There is always motive involved, almost always monetary. As such, I assume somebody is doing this for financial gain and they are likely holding it hostage until they get the money, which if it is a wire, would be quite a few days. :\ I know of a registrar that was in a very similar situation recently. This registrar was being ddosed by a disgruntled ex-customer who had their domains deleted or blocked and they basically kept ddossing the domain servers until the registrar finally gave in.

I really don't want this to turn into an epass drama thread/situation and incite pandemonium or mass exodus, but this is really the most probable situation as it stands now.

:2 cents:

Well, isn't this what you are doing right now? :winkwink:

A DDOS is clearly not what's happening here and is a TOTALLY different situation.

No one is holding anything hostage. A common phrase in the networking world is there's no security without physical security. In other words, if you can access a box, you can't lock someone out of it. A company hosting as many large sites as RCN has physical access to the machine, either personally, or through their data center. You can reset the root password of a box in 5 minutes if you can actually get to it. So unless you're implying that their data centers are literally being held hostage, IE: with guns, then your just fear mongering.

Also, anger and revenge are plenty of motive. In fact, their some of the best motives and pretty damn common. It's definitely possible (even likely) that the hacker is a current or ex employee, though.

Because... ? Dude you can do better then that can't you, elaborate on it.

Mike

many big sites are still down, that really sucks :Oh crap

Last news from them:

"We are still in progress on restoring data and connectivity, we'll update you with more details as soon as possible."

:disgust

If they could just boot into a shell and reset the root password for all the boxes in only 5 minutes then we'd be out of this already, wouldn't we?

I would be very surprised to see if this wasn't about money, somewhere along the line of motives.

Also, just to clarify, I wasn't implying that this was due to a ddos, just that the same effect would be achieved, a controllable lapse of service that somebody could use as leverage. Anyway, sure would be good to get a proper update with some details to put some worries to rest.

Hmmm... Well, traffic on my biggest tube (legal, of course) increased by 7k overnight. Plus I'm making some mad sales during the last 1 1/2 days. And I hear the same from other webmasters and program owners.

Might just be a coincidence, but I definitely see some motives here. :winkwink:

I wonder when someone will claim responsibility.

These sites have been down for a while, but seriously, you'd expect RCN to be able to put a short explanation on their website which is now just 403 Forbidden.

I wonder if some security guys will be looking for a new job Monday ?

My traffic incrased, too.

with sales and traffic up i wouldnt mind xvideos staying down
screw them

"I get up, I get downnnnnn..."

Still nothing other than canned responses from them this morning:

"We are doing our best to restore as fast a possible"

"We are creating processes to streamline reinstalls/backup restores"


:Oh crap

yep traffic to my legal tubes went up, sales are the same.

:thumbsup :thumbsup

However, I still feel for the legit people hosting with them, such as vidz.com or RevengeBucks. Good luck getting your sites up again asap - I still remember how I felt when I had a day downtime about a year ago.

this is ridiculous

rcn will send out official mail soon, they said

new update:

damn i hope they keep their employees happier from now on, throw a bigger xmas party or something.

Wonder what the rogue employee was mad about.

Well, maybe there were just a few people, not liking some of the sites hosted at RCN that much, who made him an offer he couldn't refuse :2 cents:

maybe it's just a lame excuse, you'll never know if it was really an ex-employee

I hope this ex-employee gets put in jail for a long time

good news :) hopefully the tubes like xnxx etc dont have any backups , look at your stats yesterday and today :) fucking unbelievable . i saw the same numbers about a year ago . thats perfect , the guy who made it is a REAL MAN.

seems like a lot of increased sales reports ...

I don't see what's all the fuss is about. The few tubes that went down don't even hold the top google positions.

Why don't you bitch about pornhub.com, redtube.com, youporn.com, tube8.com? These are the biggest and hold top 10 google spots.

Hopefully will be shut down soon too

Maybe it's time to start looking for a rogue ex employee at their hosting?

If xnxx or xvideos went down surfers know there are 10 other tubes to visit. I wouldn't look to deep into this.

i wouldnt hold the breath..

Most people I know are unaware of tubes, until I show them whats available for free. And xvideos was the #55 site in the world, and accounts for 1.5% of all internet traffic. I'm not sure what percentage of all internet traffic is porn related, but if we imagine it's 20% then xvideos would account for 7.5% or all porn traffic. That in itself is a sizeable amount of surfers who are forced to go back to the search engines looking for porn, if they don't know of any other tubes - which is bound to impact sales (especially if you rate highly for some good keywords)

I never tire of the simple irony that usually comes from "your an idiot" posts. :1orglaugh

Seriously...I hope they say who it is so we can personally sue him.

could it be this kid?

I don't know if it related to this but the traffic to my sites has increased a lot in these past two days.

hope there is an update soon...

please post if your server has been fully restored...thanks!

Interesting,apparently 4chan competitor is hosting as well there.

hahahha
someone called him out on it, now he might have too.