I've attempted to contact DreamHost NOC or Abuse departments via the
numbers in whois but just get voice mail and no call back.
I've got a user sending a lot of UDP traffic to 208.113.189.13 port 22.
This traffic is very likely undesirable and I'd be willing to pull the
plug immediately if I can get confirmation from DreamHost. Failing that
I've opened an abuse ticket with the customer and given them 12 hours to
respond.
Why not call your user and tell them that you see suspect traffic?
This is your revenue. I think it makes sense to be proactive, but be
proactive for yourself _and_ resolve the issue.
In a previous job (circa mid 2004), I had attempted to get materials removed from a DreamHost client (they where hosting it in violation of my, at the time, employer's copyright). The DreamHost abuse process was completely useless, and we ended up having to take direct action against the website operator to get the content removed. During this process I did some research into DreamHost and found some very interesting articles. Here is a more recently published one that highlights what I am getting at http://www.hyscience.com/archives/2007/05/us_based_terror.php (I should note, the site is still up and still hosted by DreamHost).
I am 99.9% sure that after successfully hosting websites for Al-Qaeda for over 3 years (on US based servers, by US citizens, living in the US) they are not going to care much about some SSH port scan.
In a previous job (circa mid 2004), I had attempted to get materials
removed from a DreamHost client (they where hosting it in violation of
my, at the time, employer's copyright). The DreamHost abuse process was
completely useless, and we ended up having to take direct action against
the website operator to get the content removed. During this process I
did some research into DreamHost and found some very interesting
articles. Here is a more recently published one that highlights what I
am getting at hyscience.com (I should
note, the site is still up and still hosted by DreamHost).
I am 99.9% sure that after successfully hosting websites for Al-Qaeda
for over 3 years (on US based servers, by US citizens, living in the US)
they are not going to care much about some SSH port scan.
Isn't this what you folks call "freedom of speech" ?
There are exceptions to that particular freedom, and many of those exceptions have pretty well-established legal precedents. The First Amendment has been well tested in court.
I would think that a website operating inside the US that is providing a communications channel for terrorist groups that have an established pattern of wanting to harm the interests of the US and other countries would fall into one of those well tested exemptions, particularly after 9/11.
I know Dreamhost recently moved their offices so I don't know if that
has anything to do with it. I'll give you some numbers/emails that
might work since there seems to be a problem reaching these guys: