[M5Hosting] M5 Hosting Service Improvements and News

Michael J McCafferty mike at m5computersecurity.com
Wed Jul 19 23:02:24 PDT 2006 

Dear Happy M5 Hosting Customer,

          As you know, we periodically send you an e-mail to notify 
you of issues which may affect the service you trust us to provide. I 
am writing to you today to bring you up to date in that regard.

We are Growing !
         Just 4 months ago, we doubled our number of racks. We have 
just about sold out of that new space already. Today, we committed to 
adding an additional 50% increase in rack space.

You get more, no extra charge
         We periodically evaluate our costs, and our prices, then 
adjust our service offerings based on what we find. As a result of 
the most recent analysis, we have decided to increase the base 
bandwidth allocation on our standard dedicated server services from 
150GB of transfer per month to 175GB. This takes effect immediately, 
and all customers with dedicated servers will enjoy this increase.

More redundancy
         The Data Center core network is redundant and a highly 
available design and implementation. However, each of our racks have 
been connected to this core by a single connection. While very rare, 
when an aggregation router (Cisco 6509's) needs to be rebooted, the 
racks that are connected to it will lose connectivity for the 
duration of the reboot, or in the case of a problem, for the duration 
of the fix. To improve the redundancy and availability of connection 
between your servers and the Internet, we recently upgraded the 
connections from the racks to the data center core to use Hot-swap 
Routing Protocol (HSRP). In the event that a router or a connection 
to the router fails, the redundant connection will take over in under 
15 seconds.

Denial of Service attacks
         Recently we had two short unplanned network events. Both 
events were caused by massive denial of service attacks against a 
brand new customer of ours. The first event was 14min in duration, 
and the second event was less than 40min in duration. The result was 
very high packet loss for the duration of the attacks. In keeping 
with our policy of complete honesty, clarity of communication and 
integrity, these events are both listed on our availability page at 
http://www.m5hosting.com/availability.php  After careful 
consideration of risk this new customers business type, and it's risk 
to the service we provide to you, we permanently removed the new 
customer's server from the network. This was the only sure way to 
mitigate the risk the new customer brought with them. As with any 
service affecting event, we are taking this experience as a chance to 
discover weaknesses and improve our network and service. We learned 
that our last firewall upgrade and configuration change was 
effective, but that our uplinks to the data center core is 
vulnerable. The previously announced switch upgrade project will help 
mitigate this weakness although we may need to explore additional 
means of protection. We have also developed a procedure for dealing 
with denial of service attacks which do manage to overwhelm our 
uplinks to the data center core. We are also considering a 
modification to our Acceptable Use Policy to prevent new customers 
with the same high risk business plan from becoming customers in the 
first place.

Routing issues and router reboot
         During the month of June, a few of our customers were 
affected by some routing issues which were beyond our control. A 
national network carrier had some widespread routing issues, which 
prevented some of our customers from reaching their server from some 
places on the Internet, but not others. However, there were a couple 
of instances where those bad routes, combined with a very rare bug 
which caused some Cisco Express Forwarding (CEF) table corruption in 
the Cisco 6509 aggregation routers caused the problem to become 
intermittent for those customers who were affected. At Cisco's 
direction, the 6509's needed to be rebooted to resolve the issues 
permanently. Our upgrade to HSRP (described in item #3 above) 
minimized the effect of the reboots. Rather than a 10 minute outage, 
you may have experienced a 10 second "pause", and most likely did not 
lose any TCP sessions.

We pay you money !
         We paid a bunch in referral commissions last month. Keep 
those referrals coming ! If you refer someone to us, and they stay 
for a few months, we will return the favor by sending you an amount 
equal to their first month of service.

Donation to Wikimedia
         In the spirit of contributing to the Internet and mankind, 
we made a small contribution to the Wikimedia foundation, of 
Wikipedia fame. Wikipedia is the largest reference site on the 
Internet, and it's totally free for you to use. We figured we'd help 
them out a bit. The software they use is open source and free for 
anyone to use. Everything, from the operating system on their 240 
servers to the Wiki software itself and the very content in the 
reference.... and the project helps bring us all closer to having the 
sum of all knowledge at our fingertips.


         Thank you very much for your trust and your business. I am 
always interested in hearing back from you, to learn what you like or 
don't like about your service, or to hear your ideas on how we can be 
better for you. It really is the best part of the business, when I 
get to work with our customers.

Sincerely,
Mike

************************************************************
Michael J. McCafferty
Principal, Security Engineer
M5 Hosting
http://www.m5hosting.com

You can have your own custom Dedicated Server up and running today !
RedHat Enterprise, CentOS, Fedora, Debian, OpenBSD, FreeBSD, and more
************************************************************

More information about the M5Hosting mailing list