New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
LOL
Why should they "fall off" such a list? If they abused, it's a fact. To my mind, the only question is what they do in response to their network being used for abuse. One thing they could do is compensate the victim (which is what I suggested in my initial message). Nobody seems willing to step up and do that, actually take responsibility for the harm they caused others.
You clearly have no idea what I'm thinking, or apparently any willingness to actually read the statements I've written that are in direct opposition to your characterization. Like jarland, you're living in a fantasy of your own fabrication.
And your fantasies are toxic on top of it.
Exactly the opposite. I'd love to not have to block anything with my firewall. But people are running networks irresponsibly out there. You expect me to roll over and just take that abuse? Make me, and countless other victims, pay even further for your bad behavior? Grow up.
Or pay me to deal with your poorly managed network traffic. The $5 you give to Linode (or anyone else) doesn't mean anything to me.
I'd love to be friends with everyone, but the terrorists are running failed countries out there so I have to block them and all people of the same colour and religion, I could always do with more antagonizing, after all, I can block whatever I want in my country/network.
What can a block achieve? A /8 one? Stop DDoS? Nope. Stop spam? Perhaps, but again, this is why people have filters. Stop malware? Brute force attacks? Some .01% traffic (except DDoS which cant be stopped anyway)? Maybe.
Is it worth it? For @impossiblystupid people, it is.
We, the rest, deal with the threats by using our brain. A neutralized threat scares nobody, better close your door to keep away the neighbor's loose (even mad) dog, than burn your neighborhood in the hope of "getting it"...
@impossiblystupid My apologies I thought you were speaking with some logic that I wasn't understanding. I was incorrect. It was a misunderstanding of language. You've stated that these specific hosts allow abuse, but that it is impossible not to allow it in a way that satisfies you to say that they do not allow it, including by prevention. Those were your words, I'm just restating rather than quoting.
So to you anyone who has a product or service that is abused in an outgoing manner at any time takes on the active role of "allowing" it which then becomes a persistent state which one cannot step out of with any course of action. This is the only logical interpretation that I can land on. The words were not overly complex or difficult to interpret at all.
As for myself, I define allowing abuse as a host that either encourages it or ignores reports of it. That, to me, is allowing abuse. This also feels more in line with dictionary definitions of the word. Allowing is not a passive thing, it is a choice made. Inaction to abuse is not even passive, one must actively choose not to deal with it at some point. The word "allow" is simply not passive in the English language.
Just a misunderstanding, no need to be douchey about it
Is it primarily about email spam, and can that be stopped by firewalls and throttling on outgoing email ports? Obviously a few legitimate email senders would be inconvenienced, but Linode could always refer them to Mxroute. Is it usual for legitimate VPS users to want to send direct email (or any email) from the VPS at all? Obviously some do, but I wonder the percentage.
I take a position in between @Maounique who IMO is too "easy/tolerant" and @impossiblystupid whom I feel to be too restrictive/excluding too many.
I'd contradict @Maounique insofar as many threats can be stopped, mitigated, or limited.Even (lots of) DDOS could be stopped or severely limited if the ISP weren't so ignorant and greedy (and if iana & accomplices were more about proper engineering and less about politics and social issues).
Also most other thread can be blocked/avoided or at least strongly limited. I happen to know, it's my field (ITCSec).
That said, I unfortunately also know that the majority of problems aren't eally caused by hackers but rather by - lousy and/or ignorant and/or pushed by management - engineers, particularly software engineers. Hackers are merely (ab)using the problems created by engineers in the first place.
"Gladly" though (for the engineers) users are hardly in a position to complain as they either don't know enough to understand and/or as most of them are rather ignorant themselves.
This very forum offers plenty examples and cases. Lousy (if at all) configured ssl/tls, often even ssh, php, in particular even old versions, downloaded code from who knows where of very doubtful quality, etc, poor firewalling (and if done better than usually only to protect the providers themselves and not their clients), etc.
I'll drink to that. Heavily.
I am not sure what you mean. I said these threats can be mitigated, dropping the packets at firewall level based on whatever /8 happens to have sent some bruteforce attack once is not a mitigation, is shutting yourself off behind a beautiful firewall (dunno who pays for it though, @impossiblystupid hinted he might have to be paid to police other networks, presumably in the same way).
That approach does not stop attacks from the remaining ranges, the only sure way to do that is to shutdown everything and allow only your IPs and even then it is not absolutely sure your software will not have some 0days sooner or later, besides DDoS will still work in most cases...
The serious way to do that is to mitigate the threats like sane people do, it will not work 100%, but nothing does, when you go out in the street you take a risk, if you are agoraphobic or have panic attacks or something, that is your problem, you can shut yourself indoors if there is no hope for you, but advocating such a position for others to follow is simply nuts, sorry I cant find a better word.
Same in politics, the new "patriots" consider their country safe if there is no border crossing, ultimately, because, you know, there are muslims and coloreds in Canada too, not to mention UK, many UK passport holders, how would you differentiate? There are even fair skin and nordic muslims, some are even jihadis in their country or outside, a paranoid will never be safe, network or border wise.
There is no incentive, DDoS demands more bw, carriers gain through 95 percentile or overages, ISPs sell more traffic (my net is slow, nevermind my trojans, no password router or cameras, i want a bigger pipe now!), DDoS protection sellers make a buck...
Fortunately, when the internet will be stopped, someone will start thinking this is going too far and something will be done.
We are almost there.
?? Means?
(Keep in mind that I'm not a native english speaker)
So, Linode introduced $5 instances I heard...
Ooops. Wrong topic x_x
I'll drink to that is like toasting with the hope it may happen, like in new year toasts, say, let's drink for a better year. In this case, having multiple toasts like a drunkard prayer, in the hope whatever god it has will grant the wish.
I've installed OpenBSD on a Kimsufi Atom today to prove a point (and now someone technically owes me for repair performed on an Impala for doing both).
Nope. For a start my intention is not 100% security.
For the rest: The solution - like the problem - is in grey, not in black or white. It's neither about 100% nor about 0% security.
If you look at attacks you'll usually find lousy players at both ends, the attacker like the victim. 99% of attackers aren't highly knowledgable engineers and 99% of victims are on systems with lousy config, lousy OS, and lousy software and behind plastic routers, most of which can already be considered first class if they don't come with burned in factory passwords and an unpatched 5 year old linux.
That again is but the consequence of lousy tools, incl. lousy languages. Take C as an example; no compiler can possibly generate correct code as the language itself is ambivalent. Moreover it offers no features whatsoever to enforce correct code.
Obviously we can't change that easily or quickly if at all. We can, however, put more efforts into at least securing the basis, say OS and core libraries. First steps are made right now. Some people work, for example, on a verified and provably secure tls implementation (although that's in a way futile as tls is broken in its design).
But mere mortals, everyone of us can do something, too. We can, for example, not install a lousy web server but a reasonable one or we can write our web sites in languages that at least are typed and have compilers/interpreters that do at least some sensible checking.
OK, I see. Thank you.
Your next OpenBSD assignment is Apple Watch.
Yes, totally agreed, however, I was mocking that guy for advocating dropping the packets on /8 at a time for various attacks, not saying we cannot do anything.
Every day i suspend hacked VMs, almost, and god knows how many are there still, then tell people what they should have done, if I see they have no clue, i recommend them a managed service, because it is expensive to have such people in our network and they hurt others too.
I even checked for vulnerable NTP and DNS server for amplification attacks in various databases in their heyday, we have flow monitoring to detect outgoing attacks and spoofed traffic, I do not say anyone should sit on their hands, but dropping networks is not the answer, especially for a provider.
I think you meant NetBSD.
That's what we mods are here for.
If keeping your image as super-funny is important enough for you to laugh at a non-native english speaker for making errors in english... you're welcome.
I don't think he was making fun of you. It didn't even occur to me that you had made an error in English. I thought it was just a typing error. Your English is fine.
While I usually abstain from such things as I am not native writer either (though I am a writer, really), at times a joke is too good to pass, it did look like a typo too.
You do type unusually coherent english for someone who doesn't speak it natively. At least, for someone who would point out that they don't. Usually someone typing it at your level would consider themselves fluent.
Fluent is different than native. For a foreigner, English is kinda weird, many things are read the same, or very close, and mean and write completely differently. I am not saying this doesnt happen in other languages, but in English the scale it happens is unprecedented for me and I know quite a few languages.
Thread, threat, if you lip-read, look the same, only context can help.
I dreaded this thread would tread from Linode again!
I think he means that he thought I was making fun of Mao. I did not make fun of his English - I made fun of a typo.
I'll use just about any excuse to pull out my bastardized "WHT moderator service" png. Made it myself.
...and why so hostile? Did we get off on the wrong foot or something because usually witty, literate people who use BSD are people I drink with, not fight with.
@raindog308 Nevermind him. He's just pissed that I got OpenBSD on a headless Atom before he did.
Aye. Idioms, as I understand it, are the worst. There's just no translating their meaning by the words alone.
My first foreign language was French. It was pretty easy as romanian drew from french a lot and are both romance languages, some expressions are almost word by word translatable, same with Italian or Spanish, but in English, there are completely different expressions, you can say these people, although most of the vocabulary is french based, evolved in different circumstances, day-to-day life in France and England must have been very different.
Except in the early 1900s to mid-1900s.
Yes, but language and expressions were already formed at that time. Before the times of the maritime empire, england was pretty backward compared to the french, habsburg or polish splendors, no wonder the french took hundreds of years to wake up from their arrogance, which isn't cured even these days.