New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Dedicated Providers for online security reseach
Hello,
Seeking community knowledge
Please advise which providers/datacenters/networks do allow/permit security research practices such as:
port probing, identification of system and software running on an open port, web crawling and website scraping, SSL analysis - cipher probing, TLS version picking, SMTP port probes to check for configurations (ex force SSL) and so on.
All activity from own and/or provider IPs and by a registered org.
Thanks for the community insights.
Comments
Standard form question: Whose servers are you running these against? Do you have authorization from their owners and their providers?
Non-location specific. Everywhere.
Mostly yes. Sometimes no.
IME, there are very few providers that prevent you from doing what you want, ethical or not. There are far too many of your type already.
Since you are a provider yourself, why don't you do it on your own system/network?
Don't you mean mostly no and sometimes yes?
And...
A Massachusetts phone that isnt monitored
A Delaware LLC
A calif mail drop at a US Post Office
Plus you live in NC (at least in 2014)
In 2014 you complained about resource abusers- oh the irony
No provider tag - lazy at the minimum, bigger story probably
Something smells... Just sayin'
Jeez you guys have some sticks up your butts. Nothing wrong with port scanning and fingerprinting. Otherwise Shodan wouldn't be in business!
@randomq Your logic is a bit flawed. Just because one company does it, doesnt make it right or less of a pain in the ass.
How I wish! I block the f'kers anyway.
Checked your server logs recently? Perhaps you send them all to /dev/null.
masscan and ZMAP are open source just blocking one provider won't help you.
https://cockbox.org/ allows port scanning on their VPS. I'm sure he don't mind if you do it on a dedicated.
Delusional if you think otherwise.
I didn't say that I only block them!
@VDS6 said:
"security research" has become a term way over used by wannabe hackzors and hence often triggers rejection.
My suggestion: first learn and understand your stuff well enough to not need so many probes as to need permission but rather just very few which requires no permission. After all, TLS based protocols usually are unhealthily talkative anyway.
And be prepared to become the target of some (rather hefty) "security research" after trying your "security research" games with the wrong guys...
Regardless of any provider that may allow it, that provider should be fully aware of the intent to originate any network traffic of that kind. You also want a ticket or something you can refer to if months or years go by and what someone once OK'd is no longer around.
If you go into a provider without the mutual understanding of what you're doing, and, this is kind of important... if you're not publicly disclosing who you are, and what you are doing, many will simply conclude it is malicious and treat it as such.
As someone pointed out, he is a host himself.
It's clear that why he doesn't want to use his own network to do what he wants to do.
What are your requirements & budget for the dedicated server? Location is in Montreal. 512GB NVMe SSD Raid 1 or 1TB NVMe SSD Raid 1 (SoftRaid) / You can set them up to Raid 0 as well
iDRAC Enterprise Management
128GB DDR4 RAM
1Gbps @ 30TB or unmetered 100Mbps (You can get 120TB for 80$USD additional)
5 IPv4 & optional IPv6 We would be talking of a price around 140$USD for a 12-month long contract
Or around 160$/month otherwise Let me know if you are interested.
About abuse, it would be handled by us and we hope not to get any abuse notifications from any company. We will forward abuse to you but we do not ignore phishing, DDoS, etc... if unauthorized.
Host of IPV6 only is next to worthless.
Best I can do is $7
Porn is "biology research".