The site for their hosting is actually
(http://www.ev1servers.net), the other site is their "consumer" site,
and mostly focuses on dial-up and limited "consumer" hosting.
From that site (at http://www.ev1servers.net/english/newservices.asp),
here's the description for the "service" that's causing the problem
1. FireSlayer(tm): DoS Protection
for Servers
FireSlayer is a combination of EV1-developed and commercially available
anti Denial of Service (DoS) technologies. When an attack is launched
against any server within our network, the Fireslayer filter
automatically allows the maximum amount of legitimate traffic through,
while rejecting the maximum amount of illegitimate traffic. This
service is currently offered AT NO COST to all customers. There is no
need to sign up. All IPs on all servers at both EV1 data centers are
automatically protected. You will be notified if your server's traffic
is being filtered, complete with graphs depicting the attack metrics
over time. Remember, there is no per-server or per-IP cost at this
time. We are providing this important service as another benefit of
being a part of the EV1 family.
Since they provide absolutely no information about how they're
determining legitimate vs. illegitimate traffic, I cannot state
authoritatively that this is where the problem lies, but all analysis
points in that direction. The most significant items are that the
problem seems to have started at roughly the same time they announced
their new "Service", and it's consistent from any given address (a
trashed router would generally be inconsistent).
Regardless of the problem, it's certainly something within the EV1
network, and not much we can do except for the PLUG member handling the
hosting to let them know and try to get them to fix the issue.
Patrick Fleming, EA wrote:
Joseph Sinclair wrote:
Alan,
It's not actually a DNS issue, it's a case of EV1 (the host for
PLUG) using a self-developed firewall solution (they boast about it on
their site quite a bit). Their solution does a LOT if IP blocking, and
it seems to include a large percentage of broadband IP's, probably
because those IP's occasionally rotate, and over 2/3 of the home
broadband users are now DDOS/SPAM zombies, so chances are that, even if
your system is secure, the previous user of your IP address got it
blocked due to acting as a DDOS/SPAM Zombie.
Alan Dayley wrote:
I did tracing myself and a couple of different sites from here to the
UK. Half of them failed including one from a web hosting company- not a
DSL connection.
I don't disagree with your assessment, but I couldn't find a
description
on their site http://www.ev1.net of this "firewall" solution. I had a
provider that had similar things happening and it was a trashed router
configuration. Bottom line, if half of the internet can't get to the
site the popularity as well as the validity of the site will slide into
oblivion. Add to that the potential to turn off people who you might
want to impress and I think there is a problem with the current setup.
My $.02