New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
has anyone gone through this
This discussion has been closed.
Comments
you are another stupid that you are getting into they may have a compromised network
for any vulnerability because the panel shows traffic exiting with the server off
apart from the reports that exist without me even being a customer
Right, I'm stupid because i can lock down SSH and monitor my service. You're smart because you're too good to address your compromised machine. We're all dumb here, and we're so happy to be graced by your fine administrative abilities.
Let's just say that if you slow down, you'll find that the time of the outbound attacks logged in the report comments are sometimes earlier than the time of the reports -- so there could be a lag time in reporting for an incident occurring earlier.
server is completely offline how am i going to monitor and block on something off
do you know the word off/down?
and the ghost is inside it turned off doing brute force and sending traffic to the solusvm control panel
I guess you don't understand that "the most recent report was 7 hours ago" does not mean "the attack took place 7 hours ago".
By the way, were you using a weak password?
I think you didn't read or didn't understand that the machine was suspended more than 24 hours ago it was activated for 1 hour and formatted and turned off more than 12 hours ago and before being a client it already had the reports and the server is still offline and reports are coming .... are they using an analog machine to make these reports?
Do you know that the abuse reporting site you just used isn't real-time tracking of your abuse complaints right? IPDB is stating 7 hours ago, and no new ones since. Since you're obviously a 420IQ wizard, you should know what a delay is ... right?
I don't understand how you can be so defensively stupid about your ineptitudes.
I see you are stupid as their team is defending.
trafficking is incompatible with brute force
they only read the last 5 reports out of 249 over 6 months
after 249 reports and they decided to take some action or find someone to blame because the reports came before I had the services active
Bandwidth logging is incompatible with brute force syslog has no ssh output
HD read and write same thing
what capacity does a vps single core 2gb brute force without crashing and push 5.1tb of traffic in 24 hours
Still want what this guy is smoking?
Someones going to need to slap a prop 65 warning on OP.
if it were to use or make attacks I would do it through these other 12 servers
I just wouldn't use a single core vps with 2gb
Since you have reformatted your machine, this is an excellent chance to commence logging on all outbound packets destined for port 22. Those very logs can exonerate you of subsequent attacks attributed to your VPS.
I would also consider performing hourly incremental backup of your work until the attacks are resolved (excellent for rollback during troubleshooting). Since node.js is primarily used on your VPS, you should not rule out that the node.js libraries used are not compromised -- the packet logging will point clearly to the node.js process if indeed the problem.
Best of luck Sherlock!
if it were the node, there would still be output logs in the syslog problem is that it does not have this and it is impossible for a single core vps to push 5tb in 24 hours
Just by the subject of this thread we all knew PEBKAC.
Seriously, why is a useful subject describing the point of the thread so fucking hard? People like this should get their Internet suspended.
mmm tasty drama
lol we checked with our team of lawyers and very interesting the ceo/owner has 52 lawsuits by racknerd this will soon be a bankruptcy estate they won't have money to recoup
He is only right here rest everyone is lying
I think another one who didn't read and took the plane walking
the logs and abuses exist in ipabuse
however there is no log inside the vps server with 2gb of single core ram
push 5tb in 24 hours by brute force on a single core machine with 2gb
I want to know what magic is this for a single core vps to do this miracle
I want this magic so I don't have to pay for multiple servers and balance with a single core working multithreaded miracles
Yup, this is a psyop against OP. I confirmed this by consuming some mescaline and talked to the logging gods. Racknard obviously paid all these other people into reporting the IP so he can stave off bankruptcy for another week.
The world is out against OP by reporting his IP for ssh brute forces. They did nothing wrong. We're all wrong, and we should feel like ourselves - very stupids.
Edit:
And to confirm, I consulted my friend who runs a minecraft server - you need a 69THz 420core CPU with SMT-8 and a 1Pbit port to send SSH bruteforce attacks. There was absolutely no way he could've done this!
112 cores with load avg. 73. What the..
That's a lot of ssh key exchanges..
Either OP got hacked and turned into a node on a botnet or OP is a skid who is abusing ones and zeros.
My bet is the latter.
If OP is hacked, he will be willing to do things like many said here, instead he keep on bashing the host and people here and trying prove verbally that he is not the one who abuses but the network is hacked.
I think I'm the one who looked for the company to deal with the solution, they just ignored it and wanted to abuse it, nothing more, not very concerned about customers their rule I simply do it my way and that's it, you customer, let yourself customer I let them down and let's take this to the law for company abuse it's not for the money or for the server, yes, for the abuse of the company, let's give him work in court
I don't think you can imagine what it would be like to work with a big tech streaming
that's just one of the small servers there are others at peak hours that use 90%
Let me draw your attention to the reasons why service providers are only willing to run a server after it has been reinstalled. This measure is necessary to prevent hackers from gaining access to stolen data and then using it to launch new attacks against systems hosted on the Internet.
let me alert you that the system / vps / machine had no output logs just the ip and network
it is clearly configured that their network allows spoofing or someone has not been compromised it is impossible for a single core vps 2gb to push 5tb of traffic in 1 day running brute force attack it does not run 200 threads ever from a bruteforce
I respectfully refuse to delve into the specifics of this case in detail. Instead, I tried to explain the reasons behind the actions taken by the service provider in certain circumstances.
I have no authority or trust in you to make any accusations against you.
You can't argue with him so don't waste your time on him.
He's bashing everyone who either trying to help him or pointing his mistakes.
I'm just answering... idiots who want to accuse without knowing the case one of them would be you
throughout my career I've seen so many whmcs being hacked from these hosts and for many years hackers roamed inside enabling servers to create vps install rootkits in node
they hacked WHMCS, and decided your VM was the lucky number out of a /24 to send bruteforce attacks.
Whos the crazy one here?