New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
NFP Hosting Scam
This discussion has been closed.
Comments
New, eh.
OS templates must be tested prior being deployed. This takes time and manpower. They are simply using proven templates that are guaranteed to work on their environment.
Besides, it isn't hard at all to at least patch.
Even up-to-date templates will have exploits in a week. And script kiddies have port scanning VPS all over the world.
That does not mean you offer 'years' old templates as you said earlier.
My theory is this, if you give a shit, you install it yourself from ISO and manage it properly from day 1, if you dont, you use a template but at least update it and lock it down, you know the basics, if you dont know how, you bought the wrong service.
why not, the first thing you should do is update it if you care, does not take long.
Indeed, fire up ssh, log in, type in apt-get update.
Then go to bed or something.
You set up your VPS the way you want. Close ports and services you don't need. Simples.
I'd put this guy in the box of 'people who set up boxes who add to a global security problem involving DDOS attacks'
The provider in this case isn't that good from my own experience, but here... neither is the customer.
So... create a template that enables unattended upgrades by default, and pre-load it with the customer's SSH key upon instantiation? This is entirely an automatable process, and it's really not reasonable to blame it on customers when default provider-supplied templates result in systems getting compromised.
Does that work with Windows? I've never tried to RDP using SSH keys before.
Yeah, I was really talking about windows.
Regardless, I still do blame customers with the 'but I never logged in' excuse with password123 or changeme as a root password, which is incredibly common.
Should be possible to enable unattended upgrades on Windows Server in a template as well. RDP can also be preconfigured, although I'm not sure what settings you'd pick since the use of eg. keypairs is much less common there.
As for customers who pick crappy temporary passwords: it depends on the signup flow. If it's made apparent that the OS will immediately be installed with that password, then yes, it's on the customer. If it seems like it's just an account configuration option and the user only installs the OS later, then it's on the provider.
Especially for providers who don't allow OS selection upon signup, and just install eg. CentOS by default, it's often not reasonable to expect the customer to understand that their root password will actually be used on a live system, right away.
opinions are like arseholes, everyone has one, the reality on scale with all different skill levels is quite a different thing to what could be done or what is ideal without constraint.
Head over to gaming or pc enthusiast forums.
Some are actually proud of not updating their Windows 7/10 at all.
RDP can also be preconfigured, although I'm not sure what settings you'd pick since the use of eg. keypairs is much less common there.
Is that a long-winded way of giving the correct answer of "No" ?.
Apologies for forgetting to add a smiley to the end of my original rhetorical question to make it obvious.
I am not sure but i guess at least in theory you could hack something up using stunnel. Well, as long as you can bind RDP to localhost and my memory about stunnel being able the check certs is right.
Click.
(And yes, if you don't directly expose RDP, various approaches are possible. Plus, SSH servers for Windows are a thing too, if I'm not mistaken.)
Totally forgot about those.
Though the debate has gone quite technical, I have to say that their customer care has fooled me a lot too, so I wouldn't wonder if it was their fault.
Microsoft went out of their way to make Windows Update sooooo goddamn annoying... one minute I’m watching a video.......
(click) it then decides that it is a GREAT time to update! (I just love updates especially when they happen with no warning at all!)
++++ a big plus for this comment. I am totaly agree
Read through some of the banter on here, but on a serious note, if anything is needed or wanted from me here - please feel free to contact me at [email protected]. I am happy to assist.
Thanks,
-nathan.
Nfphosting is a real scammer. Never buy and waste money / time... No hosting in real..you sites not hosted on datacenter..Probably from home.You will lose all your sites...
The quickest way to make sure your voice is ignored your comments deleted and your account banned is to just necro old posts with very little information, use the "scam" word without posting proof rather than starting your own review.
You come across like a kid stamping his feet this way.
When being butthurt goes further into rectum, mrtsoftware is born.