The site for their hosting is actually (http://www.ev1servers.net), the other site is their "consumer" site, and mostly focuses on dial-up and limited "consumer" hosting. From that site (at http://www.ev1servers.net/english/newservices.asp), here's the description for the "service" that's causing the problem *1. FireSlayer(tm): DoS Protection for Servers* FireSlayer is a combination of EV1-developed and commercially available anti Denial of Service (DoS) technologies. When an attack is launched against any server within our network, the Fireslayer filter automatically allows the maximum amount of legitimate traffic through, while rejecting the maximum amount of illegitimate traffic. This service is currently offered AT NO COST to all customers. There is no need to sign up. All IPs on all servers at both EV1 data centers are automatically protected. You will be notified if your server's traffic is being filtered, complete with graphs depicting the attack metrics over time. Remember, there is no per-server or per-IP cost at this time. We are providing this important service as another benefit of being a part of the EV1 family. Since they provide absolutely no information about how they're determining legitimate vs. illegitimate traffic, I cannot state authoritatively that this is where the problem lies, but all analysis points in that direction. The most significant items are that the problem seems to have started at roughly the same time they announced their new "Service", and it's consistent from any given address (a trashed router would generally be inconsistent). Regardless of the problem, it's certainly something within the EV1 network, and not much we can do except for the PLUG member handling the hosting to let them know and try to get them to fix the issue. Patrick Fleming, EA wrote: > > > Joseph Sinclair wrote: > >> Alan, >> It's not actually a DNS issue, it's a case of EV1 (the host for >> PLUG) using a self-developed firewall solution (they boast about it on >> their site quite a bit). Their solution does a LOT if IP blocking, and >> it seems to include a large percentage of broadband IP's, probably >> because those IP's occasionally rotate, and over 2/3 of the home >> broadband users are now DDOS/SPAM zombies, so chances are that, even if >> your system is secure, the previous user of your IP address got it >> blocked due to acting as a DDOS/SPAM Zombie. >> >> Alan Dayley wrote: >> >> > > I did tracing myself and a couple of different sites from here to the > UK. Half of them failed including one from a web hosting company- not a > DSL connection. > I don't disagree with your assessment, but I couldn't find a description > on their site http://www.ev1.net of this "firewall" solution. I had a > provider that had similar things happening and it was a trashed router > configuration. Bottom line, if half of the internet can't get to the > site the popularity as well as the validity of the site will slide into > oblivion. Add to that the potential to turn off people who you might > want to impress and I think there is a problem with the current setup. > > My $.02