The site for their hosting is actually (
http://www.ev1servers.net), the
other site is their "consumer" site, and mostly focuses on dial-up and
limited "consumer" hosting.
From that site (at
http://www.ev1servers.net/english/newservices.asp),
here's the description for the "service" that's causing the problem
*1. FireSlayer(tm): DoS Protection for Servers*
FireSlayer is a combination of EV1-developed and commercially
available anti Denial of Service (DoS) technologies. When an attack
is launched against any server within our network, the Fireslayer
filter automatically allows the maximum amount of legitimate traffic
through, while rejecting the maximum amount of illegitimate traffic.
This service is currently offered AT NO COST to all customers. There
is no need to sign up. All IPs on all servers at both EV1 data
centers are automatically protected. You will be notified if your
server's traffic is being filtered, complete with graphs depicting
the attack metrics over time. Remember, there is no per-server or
per-IP cost at this time. We are providing this important service as
another benefit of being a part of the EV1 family.
Since they provide absolutely no information about how they're
determining legitimate vs. illegitimate traffic, I cannot state
authoritatively that this is where the problem lies, but all analysis
points in that direction. The most significant items are that the
problem seems to have started at roughly the same time they announced
their new "Service", and it's consistent from any given address (a
trashed router would generally be inconsistent).
Regardless of the problem, it's certainly something within the EV1
network, and not much we can do except for the PLUG member handling the
hosting to let them know and try to get them to fix the issue.
Patrick Fleming, EA wrote:
>
>
> Joseph Sinclair wrote:
>
>> Alan,
>> It's not actually a DNS issue, it's a case of EV1 (the host for
>> PLUG) using a self-developed firewall solution (they boast about it on
>> their site quite a bit). Their solution does a LOT if IP blocking, and
>> it seems to include a large percentage of broadband IP's, probably
>> because those IP's occasionally rotate, and over 2/3 of the home
>> broadband users are now DDOS/SPAM zombies, so chances are that, even if
>> your system is secure, the previous user of your IP address got it
>> blocked due to acting as a DDOS/SPAM Zombie.
>>
>> Alan Dayley wrote:
>>
>>
>
> I did tracing myself and a couple of different sites from here to the
> UK. Half of them failed including one from a web hosting company- not a
> DSL connection.
> I don't disagree with your assessment, but I couldn't find a description
> on their site http://www.ev1.net of this "firewall" solution. I had a
> provider that had similar things happening and it was a trashed router
> configuration. Bottom line, if half of the internet can't get to the
> site the popularity as well as the validity of the site will slide into
> oblivion. Add to that the potential to turn off people who you might
> want to impress and I think there is a problem with the current setup.
>
> My $.02
(text/plain)