AmericasGate Internet Services Network Status

03/05/09 - Mailserver system was flooded with spam emails, resulting in slow processing and delayed email deliveries. AmericasGate Technical support, downloaded the log files from the server and found a compromised client. AmericasGate removed the cleint from the system and disabled the clients IP address.

03/06/09 - Mailserver system was again flooded with spam, resulting in slow processing and delayed emai deliveries. AmericasGate Technical support, downloaded the log files from the server and found a intruder with a United Kingdom email addess. AmericasGate blocked the email address from the system and blocked the clients IP address from the mailserver system.

03/10/09 - Mailserver system was again flooded with spam, resulting in slow processing and delayed email deliveries. AmericasGate Technical support, downloaded the log files from the server and found the intruder was "spoofing the system". Please click the link for a definition on email "Spoofing". The spammer was using many email addresses some in the US and some in Europe and Asia to sending offending spam emails. Our Technical Support Department used it resources to trace back the offending spammer to a Nigerian IP address. Subsequently they blocked that range of IP addresses and filed a formal complaint with the proper authorities.

03/12/09 - 10:46 AM - Network again responding slow and with latency issues. Technical Support staff, at first found again thought it wa spam issues but log files on the Mailservers were all clean. AmericasGate then started running tests on the network. It was then determined that the source of the problem was a DOS attack (click here for a definition of a DOS attack), being luanched by the spammer because we had blocked him from sending spam from our mailservers. This DOS attack started slowly at first, but then gained enough severity that even our upstreeam providers were suffering many issues. Because the DOS attack was being solicited by so many various IP addresses, AmericasGate Internet could not block the offending IP's. This usually happens because many computers all of the world have a virus or worm, that the owner may not even know about. Then a malicious attacker can execute this virus so that their computers start participating in these attacks.

03/12/09 - 1:25 PM - In working with its upstream provider, it was determined that the only way to combat this issue was for AmericasGate's Support staff to shut down two of it "C" class IP addresses. Any clients that were on these two "C" class IP addresses would have then lost any of their services (email, Hosting, DNS, Internet connectivity, etc) that backboned over this range of IP addresses. AmericasGate support staff immediately shut down these IP's. AmericasGate support staff immediately began work with Cisco to change its firewall to a more aggressive operating system that would assist in blocking this massive attack on its network.

03/12/09 - 10:39 PM - Cisco firewall was reconfigured and some of the IP's being attacked were able to be brought online. However, the device could handle only so much data and it was determined that another more robust device would be needed.

03/13/09 - 8:30 AM - A new more robust Cisco firewall device was delivered and AmericasGate's support staff delivered to datacenter and began reconfiguring.

03/13/09 - 2:30 PM - Emergency reconfigurations were completed. AmericasGate support staff slowly started bring various IP's back online and began testing services.

03/13/09 - 3:30 PM - All services were tested to be fully functional, all services were restored to clients.