New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
This doesn't change much.
I've had plenty of people that paid with paypal, verified email, details, etc, blast our billing/etc with attacks. Passed every check Karen enforces, didn't matter.
I mean, there's a kid on twitter, easily trackable, playing around with some massive botnet blowing up minecraft servers. Last I checked he's still on there doing it and not arrested.
He knocked out many large networks doing it.
Francisco
You have your opinions and I have mine. Is it too hard for you to accept that?
Were you asking me that question or wanting me to ask it to you? I didn't drag your opinion into this topic or start out trying to discredit you for not my sharing mine.
I only entered this thread to share my experiences and why I thought this network wasn't shady based on them.
No I just engaged in the conversation, made comments that you don't like and now you're dancing for me
feds don't care until you piss off the wrong person.
state doesn't care about much if you're not carding or swatting.
That's fair, but knocking all of INAP offline most def caused more than $5000 in damages, or whatever the 'minimum' they have is.
Francisco
I called out default for his bias against the provider when using it and only it to attempt to discount my experiences. You asked if I was triggered. I'm severely confused as to why you think I'm here to make sure you don't have a space to share your opinion or how this qualifies as dancing for you. If my reply here is the output of intentional trolling, you'll have to forgive me for not seeing it as very effective.
I forgive you, and I accept your apology.
INAP also makes hundreds of millions a year, to them it's relatively insignificant.
Regardless, feds usually take their time building cases, they have a ~95% conviction rate.
Even if he was to get arrested he'd probably end up on probation for a couple of years with a half decent attorney.
The government doesn't take DDoSing very seriously, we're talking 10 years max with a public defender and priors.
As long buyvm it never gets "involucrated"
I don't give a shet about whatever fran's (others) customers do on his network
Until the day finally comes when his shit gets raided.
yep some day these bots will try SSH login on port 22 of a FBI server (?)
I think you can be more plain about this, ask for an outright ban. I am sure almost everyone would agree.
And what about hating? I was open about not liking him attacking other providers and then AlexVolk suddenly went into overdrive attacking me and one my major customer even as I don't have a provider tag and Prometeus withdrew from here long time ago so there is 0 danger from that direction.
I reacted to the attacks and I will always do that. Leave me alone and I will only give some personal opinions and that is it.
Attack me and you wont like the reply.
I can assure you all their servers are attacked like everyone else, ppl dont even care. The 3 letter agencies give 0 fucks for automated attacks, they only care about targeted attacks, specially crafted emails, social engineering, exploiting previously unknown vulnerabilities etc.
You're welcome to add words to it but if I didn't type them, I had no intent on implying them. I don't dance around much these days. Say what I mean and I'm out.
I just think people like the OP here keep stepping in everyone else's shit with zero intent and it's going to impact the site negatively. They can't be part of the community because the community takes over everything they do with the same topic over and over again. We can't just let every conversation be what it is, everything has to keep coming back to the same rivalries.
It is/was being done already with the unused addresses in 44.0.0.0/8 (which is/was majority of them).
If all of 11.0.0.0/8 was honeypots, nobody would scan them.
The irony is you are one of the key players in that. Your signature is proof you love the drama. You just aren't mature enough to accept when the drama affects you personally, you start to hate the game.
Yeah that's why I share my perspectives, because I'm upset about drama or something.
I do keys only, no passwords and ignore them..
My experience has been the add-to-blacklist usually blocks me at some point.. PGP agent not working properly, takes a couple tries to figure out what it's problem is and fix it..
Opening too many sessions into a machine.. Connection-state New TCP 22, three times in 2 minutes, or whatever, is an issue when I open three or more SSH sessions into a host..
Been a few years, but I leave SSH on port 22 now, changing the port keeps them from trying for a little while but it still gets found. Port-Knocking could work, but why put in the effort..
With SSH authentication with keys, no passwords, the 'brute force' attempts move on after two/three attempts..
As for port-scans... I watched one port scan that used a different IP for each port, presumably to not 'trip' the detect-port-scan.. Yes, they used an entire /16 to do a port scan..
Pretty much a tl;dr from my own experience and knowing Francisco/this company for 10+ years: Francisco takes care of abuse if it's proper abuse. Since he allows TOR exit nodes, there's a high probability of these being abused by random users, and abuse is much harder to handle through this. This is one of the reasons a lot of people go with him, he doesn't "shoot first, ask questions later", he properly looks into each case.
If someone is outright scanning ports, brute forcing, or other and likely doing it maliciously or compromised? You bet they're going to get the boot/suspended.
@Francisco is giving so much freedom to his customers, he even has a strong stand for Freedom of Speech & protection of privacy. So I believe, people should appreciate it & use his services in a way that benefit the world but never in an illegitimate way further showing fingers at him 😑 Shame on such persons...
I’m with Fran, since a while for my blogs, I’ve never been in to any sort of bad stuff. The network & machine are rock solid. Moreover, the support guys, especially Mateus is always there to help if you are stuck anywhere.
No matter how fatal things may turn. Will surely continue & stand with Fran’s service 🤷♂️🤷♂️
Yes, it's obvious that Jar blindly defends this provider. He puts his personality and his experience on the line for this provider, as if he worked there and knows the company like the palm of his hand.
Anyway, this thread is not about Jar and his resume; it's about BuyVM. Therefore, sorry for bothering you @dahartigan - have you received any "invitation" to that lawsuit, or the problems of courage and dignity are still persistent?
ok. let us attack / judge Buyvm
Lol @default
Still all shit talk and no substance. My sincerest apologies for interrupting your constant stream of thread-agnostic drama by offering my honest, detailed, and transparent thoughts on the topic at hand. See you in the next thread I guess. Same topic of course, need you to be on top of that.
Fkoff.. move to chestpit dude..
Lol, absolutely nothing. All talk and no show. Not at all surprised. His alter ego "Karen" has more balls apparently.
Not really a solution. The problem with TLS/SSL is that it's among the most intense operations a system can do. More precisely the public key part, handshake/key exchange is. In between 20000 to a million times slower ~ more compute costly than symmetric crypto.
So those script kiddies de facto create a DOS; gladly some SSH hacking "advice" out there strongly suggests to make no more than one or two attempts per seconds, but otoh many people doing a few attempts per second adds up ...
The problem isn't keys vs passwords, the problem is SSL and SSH and of course millions of evil minded or careless attackers out there ... plus of course ridiculously poor SSL and SSH configs.
Re topic: Under normal circumstances I'd be against @Francisco because at the end of the day BuyVM is a significant source of problems due to their easy going attitude. In the current situation though with repressive regimes and dictatorial corporations I highly value his stance (plus his products and service seem to be really good too) and basically sum it up as "if we have to tolerate a few bad actors in order to have the large majority speak their mind freely, well then that's a price I'm willing to pay".
But there is another perspective too that needs to be seen: The internet is a dangerous place for other - and more important than Francisco's attitude - reasons too. Reasons like poorly "designed" protocols, corporations bending and pushing things in their interests, general political and social factors, and others. Those are far more relevant and significant than whatever policy Francisco happens to have. BuyVM is just a channel but the water flowing through it is sullied and poisoned elsewhere and by others; if BuyVM ceased to exist other channels would be found and used.
Honestly not many providers want to take the punches or black eyes that BuyVM has taken to stand up to the corporate BS. Let alone to stand up for what they believe in! We have taken already a few hits ourselves and hopefully never have to experience the full blows that Fran has taken. But only time will tell.
I will do what we have to do to stand behind that freedom that we have on our services and I'm sure Fran would feel the same!
Let's be honest here tor does more harm then good
Probably. But that'll always be the case. The things that help people avoid authoritarian regimes will be the same things that help the bad criminals avoid the police. The two will always be linked together and they can't be separated. That's what makes them such easy targets for governments to vilify. They can simultaneously attack them for reasons almost anyone finds reasonable while also targeting their detractors.
It's a win win for the people wearing the boots, the ones licking them, and the criminals none of us want to support. And the number of people misusing it will hopefully always outnumber the others, because oddly it'd be nice if the latter was more rare than the former. At least every day criminals are statistically less likely to control a military than an authoritarian government.
So does guns, but a lot of people seem to support them anyway.