User account

Bring your own IPs

If you’re a RIPE member and have your own IP prefix(es), you can bring your own IP addresses and we’ll announce them from our AS number. The service is available in Bucharest and London. In the following months it will also be available in Dallas and Fremont.

We can announce IPv4 and IPv6 for you.

You can use the IP addresses on the IntoVPS unmanaged VPS plans or on our managed VPS plans. Contact us if you’re looking for dedicate servers.

This service is free if charge. Data traffic will be charged at usual rates.

 

New OpenStack KVM VPS locations: Dallas and Fremont

Our new KVM VPS’es platform, powered by Fleio and OpenStack, is now available in Dallas and Fremont.

You get the same benefits as in the previously opened locations (Amsterdam and Bucharest):

  • blazing fast full SSD local storage
  • brand new powerful Intel Xeon powered servers
  • generous traffic included
  • our fast and friendly 24/7 support for network, hardware and Fleio self-service portal

The virtual machines cost starts at one cent and half per hour for 2GB of RAM.

And some useful add-ons are available for the virtual machines:

  • Windows license for less than a cent per hour
  • affordable cPanel/WHM and DirectAdmin licenses
  • affordable extra IPv4 addresses

The new platform will soon be available in London too.

 

Double memory

We’ve doubled the amount of guaranteed memory for all virtual machines. This is already active for existing machines and no restart is required. We have also removed the “burst memory”, which is now guaranteed.

All other package characteristics have remained the same, including price.

If you happen to encounter any issue caused by the upgrade open a support ticket.

 

Kloxo zero-day exploit

Today we started to see our packet counter monitors triggering all over the place. At a closer look we’ve noticed a common pattern: scripts flooding from customers’ virtual machines running Kloxo.

A zero-day exploit has been identified in Kloxo control panel today. Here’s a discussion related to this.

We decided a few hours ago to proactively fix this inside ALL machines running Kloxo:

  • identify offending script that was uploaded and chmod 0 the directory
  • stop the kloxo daemon
  • email each and every (!) customer about this exploit and explaining the actions we took

Ionut and Ovidiu have just completed these steps and we managed to stop this pest, for now.

We don’t normally run commands inside customers’ virtual machines, but we decided that it’s the best action we can take in the interest of everyone involved. And by everyone, I mean everyone: compromised machine’s owner, other IntoVPS customers, IntoVPS employees and stakeholders, internet community.

Here’s the email we’ve sent:

Subject: IntoVPS – Kloxo installation compromised for server

Hello,

You are receiving this notification because you are running Kloxo panel management on your VPS named XXXXXXX.

It seems that Kloxo installations are compromised with a randomly-named PHP file placed into /home/kloxo/httpd/default/, which is the ‘default’ site accessible by IP address and that kloxo appear to be spawning a large number of httpd processes. Further investigation shows they’re all sending out volumes of traffic as part of a ddos.

Here is an example of a compromised file uploaded in /home/kloxo/httpd/default: http://disclosed.info/?7c12a1a4560b7664#5fpnfdknf4EfBcGqLjeV9/vAY1RXEKkLC3+fqm16c6E=

At this moment there isn’t any fix published for Kloxo and as a workaround for this particular issue, we are going to change the permission of that folder to 0 with the following command:

chmod 0 /home/kloxo/httpd/default/
chmod 0 /home/admin/*/cgi-bin

Also is it better for now to stop kloxo daemon until a proper fix is released.

/etc/init.d/kloxo stop

We also noticed the same particular file being uploaded in the cgi-bin folders of the website managed by admin users. I strongly advice to check this as well and remove or change permission of those files that contains the same patern as soon as possible.

If you have any questions, please let us know.

Best regards,
IntoVPS Support

 

Ubuntu 12.04 and Arch Linux 2012.09 available

We’ve added Ubuntu 12.04 and Arch Linux 2012.09 to our OS templates list.

  • Arch Linux 2012.09 32-bit
  • Arch Linux 2012.09 64-bit
  • Ubuntu 12.04 32-bit
  • Ubuntu 12.04 64-bit

The Arch Linux template has the most recent system updates installed, which includes the changing of ‘/lib’ to a symlink as well as initializing pacman keyring at first boot.

As always, existing customers can reinstall from Hypanel, new customers can choose them in the order form.