| | | Effective PR

OVH Cloud Services Provider : here's your abuse report

CoNet Administrator

OVH is a cloud services provider. They ask that we write to them, via a form on their website, to report abuse. We did. Their system didn't work.

So here we are.

Dear OVH: You read it here first. Because your reporting system is broken and people are using your IP addresses to hammer our servers. Stop it.

They say "As part of our fight against Abuse, OVH has set up an international team of experts who respond daily to reports of abuse on behalf of the whole group. This team, which is based in France and Canada, deals everyday with all reports of illegal conduct on the OVH network, and they aim to do so in the shortest possible time. To facilitate our work, and due to the international nature of our team, we ask that you provide your reports in English so that they can be understood and dealt with effectively by our team. "

We did.

This was the result:

Genius: fail and try to sell to us. ,,

These IP addresses are roaming around our site at www.pleasebeinformed.com looking for a "tip a friend" function that was available in a previous version of the site and which was under sustained attack by spammers.

We also have repeated reports of "Trying to run cron while it is already running" that are triggered by

We have a number of reports similar to the following: 404 publications/bankinginsurancesecuritiescomlayout/set/dialog/content/browse/2558 . There is no /browse subdirectory and no /layout directory. Many of the hits from these IP addresses have apparently random four digits at the end. We do not use any such structure.

We suspect that these activities attack via www.bankinginsurancesecurities... which is the name of the previous site and now points to a directory in pleasebeinformed.com.

Please ascertain what IP addresses are launching these attacks and disable the users.


Nigel Morris-Cotterill
inter alia: Author "Cleaning up the 'net"