New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Looking for new Provider with ddos protect
malitoowned
Member
Hello i am looking for move 2 servers to a new provider. ( I have some troubles with ddos attacks ).
The most important is ddos protect
Hardware spec
128 GB RAM ++
AMD Epyc or Xeon
1 TB SSD
25 Ip address
Located in US ( united states )
ovh is not an option !
Comments
Clouvider can certainly help. Have a look at our offers.
Inventory clearance:
Dual E5-2670, 128GB RAM, 2x240GB SSD, 2TB NVME SSD, 10TB@1Gbps, 2xIPv4:
$99.95/month
https://www.smarthost.net/cart.php?a=add&pid=370
Choose TX, CA, VA, or IL, for DDOS protected Psychz network.
Additional IPv4 at $1/month per IP.
~ SMARTHOST
Maybe fastpipe.io
/27 is like 25€
Smart host is also a good company
give me like 2-3 days for the review about your "HOSTING"
Shots fired.
At least its not X4B.
https://www.krypt.com/ maybe this one? we have servers on them.
I got the threats through the ticket earlier. Since November precisely. Every time we don’t do free work for this Customer.
He/She going to tell you all about how we were unhelpful in defending their servers hosted elsewhere with our best effort DDoS mitigation, despite we have mentioned in a few tickets we won’t be their shield for free. We are more than happy to defend and spend expensive resources on that - but keep your servers with us, don’t abuse the generosity by tunnelling it elsewhere. Buy your own Corero if you need to do that.
He/she will skip the part how we have given them notice to terminate their service earlier, and they have then been pleading with us to not terminate them, saying that not allowing them to renew will destroy their work and all because of a 3rd party they will never allow to their account, to the point my Operations Manager gave them a second chance and allowed them to stay. Spoiler alert It wasn’t a 3rd party after all ;-).
There were very colourful excuses involved, that the person has shared their password with a friend, and the friend has been making threats, not the account owner, etc. very very slippery.
At least now I know the Trustpilot review you posted has been made by a competitor, which is naturally against the T&Cs of Trustpilot, not that you care.
Relevant notes about the conduct of that individual, or whoever’s credit card their used, was reported to relevant anti fraud system, so that other providers can make an informed decisions. Seller (now as we know also - buyer) beware ;-).
What kind of application do you need ddos protection for?
from oneone that is doing ddos to your server.
still looking for that
Sounds like a nightmare customer
Sounds like we dodged a bullet
No, you were instead lucky that I did not chargeback despite you being an grade A asshole, and refusing to answer a simple question to a paying customer regarding basics of your service, and decided to quote your consulting prices instead because you feel like entitled asshole. Nobody is going to pay your sorry ass 120-160€ on top of the normal service prices for a basic "yes/no" question where I did not even ask for a solution. Only if it was possible or supported by your service.
I patiently even bought again to verify the issue myself, finally also paid to a third party LET member to verify it and then left quietly. You got free money since I canceled both services with zero usage.
I'll rather lose 30+40€ USD with you than get false report on fraudrecord.
Since we opened can of worms, lets go all out then.
I asked you a normal question regarding outgoing OpenVPN traffic: Is it possible to route traffic back in to the X4B, so that the tunnel works both way?
Your answer?
Yeah, fuck that.
This was the issue.
https://www.x4b.net/kb/OpenVPNDDoSProtection
In short, it was not possible. Your service only masks the connection IP and forwards traffic to the real one. When the user is connected, the server IP is being used as I cannot route any traffic out via X4B tunnel.
Then I try the same with single homed plan and I find out that its just overpriced BuyVM bandwidth which this guy is selling at 25€ per 650 GB.
Nice establishment for sure.. Make openvpn tutorial with ur multi-homed service, people sign up for it, notice how it simply just doesent work cause you cant predict the path, notice how theres stuff on the tutorial that single homed could work, buy single homed plan with equally expensive traffic, its buyVM with Saint Helena bandwidth prices.
first 2 dramas of 2022 spotted! amazing
@stefeman
Firstly, the majority of bandwidth we move is via our AS. Theres an upper limit to how much bandwidth we will sell you on the Budget line (despite as you put it being "overpriced"), if we wanted to sell you overpriced bandwidth I doubt that would be the case.
Secondly, if you think our services are over priced you need a lesson in real world costs. Wages are expensive. And our services are extremely low margin. Spending even a few hours to research a specific question regarding the capabilities of OpenVPN (both routing models) for you is not included for unmanaged services at any tier, and certainly not on the Budget line.
The budget line base cost should really be raised if it was to support itself. It's never been a tier thats made money (expecially when 90%+ of the support tickets and problems start there) we primarily offer that (expecially on the smaller plans) as a method to:
a) Help smaller hobby sites and services get started with protection
b) Provide some small cost effective services for those who need the absolute cheapest that we can offer.
Thirdly, regarding management. At $40/hour we have actively struggled to find competent techs who are:
a) Willing to schedule jobs 24/7 and be generally available 7 days per week to perform arbitary customer management jobs for 1-4 hours work per month often with little to no forewarning.
b) Able to maintain a level of expertise not only in our platform but on Windows, Linux and certain Router OS's and most popular game servers, web servers (including panel software) and (as is most often the case) troubleshooting tools.
c) Be willing to take care of all aspects of quotation, problem description and scheduling outside of the billable hours (most commonly for a 1 hour job)
It's always been an at or below cost offering (before accounting, before risk and before PayPal, currency conversion and all other overheads) for the sake of helping customers. Theres a good chance we won't be offering it in the future at all, it's a program that costs us significant money every year to offer. Complaints over it's cost (like this) and a lack of ability to find quality skilled staff (who could easily be on $120-150k $AUD/year with that skillset) who want to do it for a few hundred dollars a year certainly factor in too.
Additionally, I've done 90%+ of the management jobs for the past few years at a rate far less than I make when consulting (which I do regularly) simply because it's a requested feature. It isnt smart to do something yourself at a rate that others won't do it for you.
Most of our tutorials are:
While it's not something I've extensively polled for, given the views that tutorial has received I don't think spending the days to develop and test such a tutorial would be ecconomical.
If your open to paying the costs to develop the tutorial, then we can talk but by the sound of it that would be a non-starter. Costs we could refund if there was a proven number of signups expressing (say 50) interested in that particular setup.
TL;DR
I think the key statement there is "I cannot route any traffic out via X4B tunnel". I.e PEBACK
I can't answer whether it's possible with OpenVPN (and your particular environment) to do what you want, only that it is technically possible in general. The answering of the former is a management task (research, testing, development).
No shit mate, then at least state that your service is not a tunnel for OpenVPN. At least not two way one.. It's just a front end proxy for the connection IP.
By the same logic, any attacker is able to sniff the gameserver backend IP by listening to local traffic on gameserver port after he is connected.
I'm sorry you missread, missunderstood or over estimated your technical ability in regards to the tutorial. When I have some free time I'll take a look at it and see if it requires any edits.
At a glance however it seems pretty self explanitory (and meets the customer who requested it's logged requirements).
It's funny cause I paid another well known member to setup it according to your guides, and he failed to feed back traffic into the tunnel too.
Try proving us that a customer is able to make a full 2-way tunnel with OpenVPN so that the VPN client is assigned X4B IP for any web browsing/gaming, with your multi-homed service plan, and I will deliver a public apology video where I call myself a retarded and incompetent PMS:ing sandwich.
Because thats how your "OpenVPN Tunnel" is expected to work anyway. At least to a normal client.
Better option if you are so sure, put up an escrow.com $1,000 reward for succesful completion instead. Not only will that cover all costs many times over but I'll take a long weekend on your dime
I'll take the gamble as to OpenVPNs capability (which at the end of the day is what this is). At-least for tun I can't see why it would be too difficult (mostly just witing an appropriate openvpn config)
Unless the traffic is being filtered out at the far end, it should just be a bit of routing setup to get the traffic through the OpenVPN tunnel. I'd be happy to take up the challenge (for a fee, if successful) to set it up on a test system.
Indeed thats my theory for tun mode and some SNAT if he intends to support multiple clients. Although there are a couple pitfalls, complexities and requirement problems I can think of (off hand).
Oh, we tried a lot of possible routing configurations inside the server.
Basically I managed to get it into either one of the situations.
A: The connection works perfectly, except that all clients have backend server IP address rather than 103.77.224.45
B: The connection works, but nothing loads for the end user
This was the provided details.
No matter what SNAT or other rules you use, it kept dropping outbound traffic at X4B end.
Wow! the first soap opera of 2022
Indeed thats my theory for tun mode and some SNAT if he intends to support multiple clients. Although there are a couple pitfalls, complexities and requirement problems I can think of (off hand).
So this is something like:
X4B<>Backend<> VPN users?
I bet you could just setup a PBR and match a fwmark on
ip rule. Then you can just have iptables match the user interface and bounce it.The backend isn't doing any NAT, that's all done upstream.
Francisco
@Francisco I think theres a little bit more to it then that, but not substantially. It really depends on the exact setup.
The possible traps in no particular order:
MTU, MSS, Fragmentation, Contrack configuration, rp_filter, PBR, how traffic directed at OpenVPN vs out of OpenVPN is differentiated (since both sides of OpenVPN are being targeted PBR rules need to be sensible), DNS servers, how SNAT (or masquerade) rules are installed and their compatibility (if using a private network for multiple clients) PBR if not. How all this is spun up (systemd, init.d, or hopefully in the openvpn config - I'm pretty sure theres a pre-up type script). Compatibility with any other usages of iptables or nftables too of course (incl firewalls and/or fail2ban). Network namespaces if also dealing with docker (or any containerization).
Massive grain of salt with this list regarding completeness as this entirely off the top of my head. Generally you start checking what the symptoms / findings of troubleshooting and work from there (not work down a complete list)
Some of that that is in our general checklist anyway for a managed tunnel service and some things that are more specific to managed customer needs / as appropriate.
Anyway he attempted his setup back in September, 2021. I skimmed the ticket when looking him up, it looks well enough handled by me (I even got a thank you). The only mistake I see was when I interpreted "rather, it is the backend IP" (on re-read refering to the IP of his backend server) to be refering to the "backend communication IP" (as it's labeled in the panel). Other than that all looks like correct advice and a correct point to indicate that his later inquiry was best handled under management.
TL;DR None of this troubleshooting is relevant now. He isnt a customer, and hasnt been for quite a while.
And anyway this isnt his thread, and I'm sorry @malitoowned for taking your thread over (and subsequently for your inbox). I hope you found what you were looking for.
they want u paid... for basic configuration of service.
First, we have never threatened any of your staff, we have always been courteous as long as there has been no disrespect. Furthermore, you had the brilliant idea to change the contractual terms after 1 month of service that we already had with you. By law, if the contractual terms are changed, the customer must be notified and then it must decide whether to accept them or not. Also you have completely disabled the DDoS protection on the additional subnets without even seeing that the .1 address of the subnets was inside your network but you are justified by saying "TUNNEL SO WE DON'T PROTECT".
Also, after these replies from a painful hosting, I, the owner of private-hosting.eu, immediately decided to leave this low-quality hosting and rely on someone more serious. My friend receives a 7-8Gbit / S attack (VERY SMALL DDOS) and has been kicked out of the cloudvider infrastructure.