1and1

view: topics text

1and1 - open discussion forum. Share information with other users.

If this forum gets busy please nominate it for an upgrade to a fully-fledged forum by contacting the mods listed in the header.

Latest reviews for 1and1:

AVOID_1AND1 @bc.ca	AVOID 1AND1 THIS COMPANY HAS THE WORST CUSTOMER SERVICE. I CANT STRESS HOW BAD THIS COMPANY IS. JUST YESTERDAY THEY DELETED MY DEDICATED SERVER, YES, THE DELETED MY DEDICATED SERVER AND THEY HAD THE DECENCY TO SAY THAT THEY DONT KNOW WHY IT HAPPENED AND HOW IT HAPPENED AND THAT THEY DONT HAVE A BACKUP..........
	permalink · 2009-08-07 17:09:13 · ·

not1and1

@sky.com

1and1 have no security at all!

I had around 10000 entries in my logwatch report this morning showing a brute force break in attempt from a server within 1and1's network.

I sent them an email with the relevant log entries requesting they investigate. I got no response so after several hours I called them. The forst man I spoke to told me the security department was closed and he couldn't help. That's right, 1and1's security department closes for the weekend!

I called again to give them a second chance and the next man I spoke to, Josep, was at least a little bit proactive and asked me for the IP address in question. He looked it up and advised me that they are aware of the activity on that server and that the server, as a result, is scheduled for termination on the 3rd of July. That's a week away! They are aware the server is either compromised or is administered by hackers yet they are doing nothing for a week! Since there is no site hosted on the server and they have already made the decision to terminate it, it seems most likely it is actually administered by hackers.

The most worrying thing is that if these hackers have gone to the expense of renting a dedicated server they are probably monetizing the hacking, possibly though credit card fraud, phishing or some other type of profit making hacking and still 1and1 have chosen to do nothing despite the fact that they are aware.

As a result I have submitted my logs to every major DNS blackhole list in the world. I am also a sync user of DenyHost and have manually updated my deny list to reflect every IP in the hands of 1and1 so come tomorrow morning at least 70,000 servers worldwide should be denying access to every 1and1 IP address.

For server admins this means yet another, huge, safe haven for hackers, for 1and1 customers it means you need some serious backup arrangements, there network security is flawed, if not non-existent.

permalink · 2010-06-26 14:22:18 · Print ·

msewing

join:2004-10-10
Branford, CT

Reviews:

·AT&T U-Verse

·1and1

Re: 1and1 have no security at all!

Thanks for trying to sink my 1and1 account - along with every other 1and1 customer. :-(

Your story is worrying, and it is possible that 1and1 is not acting quickly enough to take care of a rogue server. I wouldn't rely on the word of a Tier 1 support person though.

The real problem is that you or I have trouble reaching a competent security person when there's an urgent situation. Companies really don't like to share potentially negative information with anyone.

I think it's a fact of life that a $10/month user (like me) can't expect much handholding. You would be right that you're reporting a possibly critical service problem affecting everybody. But still they would probably weigh their internal security process (whatever that is!) much more heavily than a report from a peon like me. (Don't know about you!)

I just posted a favorable review of 1and1 on dslreports. Personally, I've had zero problems across ~15 domains for a number of years. Maybe just lucky...

permalink · 2010-08-02 23:17:40 · Print ·

your comment..

Forums > Company Forums » Companies beginning with 1 » 1and1

Friday, 25-May 22:33:30

Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.

Company Forums » Companies beginning with 1 » 1and1

AVOID 1AND1

1and1 have no security at all!

Re: 1and1 have no security at all!