New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Well, on the other hand, when people search buyvm, they might come here too.
Correction for me: Paying customer who runs production service on BuyVM. I'm a fan of people who do good work, I'm not of people who don't. No apologies there.
I know one accusation which can be easily refuted by anyone who knows me and my past issues with aldryic and buyvm.
And, while francisco does not look like saying everything straight from the start, you look much-much worse, and failure to answer questions about your own criminal past is really not looking good. Stop replying and you might get a chance at sinking, otherwise, no dice.
Now you are tagging people with the word "criminal". Make sure they are really a criminal otherwise you might get into a lot of trouble...
budget 500usd can get cnservers 40gb antiddos
i need tcp protected, disable udp and icmp & L7
OK:
http://www.csoonline.com/article/2120091/data-protection/microsoft--washington-ag-sue-alleged-spyware-company.html
http://www.pcworld.com/article/124508/article.html
http://connection.ebscohost.com/c/articles/22694814/spyware-man-convicted
Convicted criminal for taking 75% on referral sales, details above. Should I continue?
The State of Washington spells it out well, including the domain and use of netmsg: http://www.atg.wa.gov/news/news-releases/mckenna-announces-oregon-man-pay-under-washington-spyware-law
The owner and principal Zhijian Chen is a convicted criminal. Is that enough?
@CNSjack sure, you settled. You're still a worthless.
So where is word "criminal" ? Smartass
And they will still buy with confidence.. Its only you who is posting pics of wet pants all over... LET/Fran has seen bigger battles.. Anyway thanks for the honest review of CNServers. Much Appreciated.
@CNSjack What is absolutely hilarious to me is the utter stupidity of you and your company. You took what was a passive comment on past dealing with your company and turned it into a situation where anyone viewing this would likely never do business with you. I know I sure wouldn't, regardless of your policy on how you block or don't block specific clients.
Why wouldn't I do business with you? Well it's simple, you have no respect for your customers privacy or your customers in general as you have no issue with coming here and pasting private tickets in a public forum without permission of the other party and you failed to blur any personal information in them. Technically, if they really cared, you could be sued for this as it is a breach of their privacy, yet you obviously are not smart enough to realize this. Past that, who wants to do business with someone who comes on a forum and acts and talks like you are here, let me give you a hint, NO ONE. You have actually damaged not only CNServers reputation here, but made you self look like a total fool.
@CNSjack Please, continue, it is awesome watching you make an ass out of your self!
P.S. The only thing this thread has made me want to do is purchase services from BuyVM as it seems they are the only honest people in this thread.
Cheers!
So I'm not allowed to defend Cnservers when buyvm/frantech caught lying and badmouth their previous provider? Sure you fan boys are trying to steer away from the original topic. Good job guys.
I'm actually a competitor!
Your dropping of clamhost's name and IP = cause for me dropping that gem I've been holding on to.
Continue to lose face, you bring great shame to entire PRC.
OK, now comes the personal attacks. Whatever, this can keep going.
I'm not bad mouthing, someone asked me why we left and I provided it. We haven't been your customer in well over a year and this is the first time we've made mention past 'we werent happy with things'.
I have tickets where you claim you can't share the name of certain CN gameservers our users might be running 'for privacy reasons', yet here you are dumping some poor guys details public.
Please, read over #452689, a ticket where you told us the IP would NOT be un-nullrouted until the client was removed because the flood hit 1M pps SYN (more or less what our limit was you claim, besides the point) because they ran a chinese gameserver.
There's others where you picked on the CN gameservers and claimed 'they got the same attack'. Well no shit sherlock, they likely all used the same booters, etc. NTP floods were just cresting & DNS AMP floods. Of course it'll be the same attacking IP's and the likes when it's the same type of attack.
Francisco
ICMP is blocked automatically if you put your IP in 'always protect' mode. You can see a full break down on how our filtering with Voxility operates at http://wiki.buyvm.net/doku.php/ddos
You can control the filtering options in stallion w/o our help: http://imgur.com/a/QdMiH
Francisco
I'm not gonna argue the size of the attack although you got it wrong but the point is this - is this the first attack you experienced towards your chinese private game server customers? or we had discussed and experienced many times before this ticket on how risky these customers are and made clear that we need to protect out network and other customers?
If this is the first attack you got towards your chinese private game server customers, then we shouldn't ask you to remove the customer, I agree on that, but if this is a repeated issue, I don't think there were anything we did wrong.
Chinese people should know how risky these private game servers/sites are, they are called SF私服 or SF publish sites 私服发布站 in China.
So all we did was to protect our network and other customers.
We can tell from attack type and source etc, we picked on the other SF sites because they were getting big SYN attacks. You made it like we went through all your IPs and sites and then picked on them, who would do something like that, we certainly didn't have the time to do that.
We don't have anything against Chinese customers. It was just your Chinese SF private game server attracting lots attacks and affecting our network and other customers. It's that simple. You got it all wrong all the time.
Take a look at ticket #493131
We even told you that when you question us "So what you're telling me here is, because our client is Chinese you refuse to host them? That even though other clients also get attacked, you won't unblock these IPs just because our client happens to be Chinese?
"
Our replied:
"I'm going to say this one last time, It's not because they are chinese, it's because of the content and the attack they receive. "
If you need screenshot I can certainly provide, but I'm sure you can still access your tickets.
No, the first such ticket was literally within the first 6 hours of our subnets being announced in your location and you claiming a '10gbit SYN flood'. I pulled the subnet off instantly to awknet to get a sample of WTF was going on and sure enough...nothing at all. I'm not like one of your uninformed customers that doesn't know how to use tcpdump or know how to spot spoofed floods, etc. Prior to you we did all of our own TCP filtering.
Again, it isn't even about if you 'did wrong'. It was a problem and you had beef with those users and instead of simply putting them on autonull at our limit points like anyone else would do (and does), your option was to blacklist our client.
But you did though, because you went finding all the domains pointed towards these IP's.
208257, shows you digging up random domains for a private server forum supposedly
493131, claims a 10gbit SYN flood, no logs provided other than 'CHINESE!!'
568792, you allowed one of our clients (your customer as well) to make ACL changes to IP's under our control
I don't doubt you got plenty of happy customers & are constantly sold out - Keep it up. We weren't one of them, though, and we had our issues as we discussed.
In the end, we showed our issues, you confirmed them more or less, and made a total ass of yourself.
GG.
Francisco
That is my problem with you, blocking on content type, even if you are right and the content is that, IT IS NOT YOUR JOB TO EVEN LOOK AT THE CONTENT!
Your job is to look at the flood size and say, hey, the IP was nulled because of this and that, see our ToS/AUP or the negotiated terms.
If BuyVM chooses to host risky content and expose themselves to nulled IPs, their business, you just apply the contract and null when necessary, automatically and provide them access to check the nullrouted table to see their IPs with automated recorded floods in there. That and nothing more.
Expecting to have customers which are not at risk of being DDoSed but still paying you to provide a mitigation service makes me wonder what are you on.
And it happens.
While Aldryic's tough on account details, we've also dealt with the feds on both sides of the border when doing data requests and if they don't have court orders, they aren't getting it.
Whenever a user tickets in requesting help we always ask for permission to enter their container, even though we could just as easily 'vzctl enter $CTID' and work on whatever we need.
We don't go out of our way to pull in 'risky customers'. Isn't that the very definition of needing DDOS protection? I mean, I highly doubt some guys blog about his corgi/cat is going to cop a multi gbit/Mpps flood, but the guy running a teamspeak you better believe is going to get their teeth knocked out.
Francisco
If they didn't affect our network and other customers then we have no problem putting them on autonull, but it wasn't the case. Take a look at #292931 as well. They are causing lots issues back then, 20G, 30G, 40G SYN attacks. These size maybe not much nowadays but they were huge back in 2013.
208257 We told you "209.141.38.106 received same type of attack around the same time", where did you come to a conclusion that we did up random domains? That's crazy
493131 "You always have logs http://xxx you just don't look at them, never." We told you where to look at the logs, and that IP did actually get attacked.
568792 Yes we did a favor to your customer, for whatever reason he had to contact us to make this change instead of you. I agreed that's the only one time we did wrong, but not the other times.
The issue you had is not telling the truth. And you still are. You don't have anything to backup your claims.
Generally yes, but if they have been contracted to filter Layer7 attacks they HAVE to look at the content.
We do look at their content by doing a reverse IP lookup to find their domain since different content required different kind of filter, and they are getting big attacks. We don't go randomly digging out domains. Why you purposely remove the second part of what I said "and the attack". If it was UDP attack we would have probably filtered for them, but sadly it was SYN, and it was huge that cause issues. I don't think any provider would let someone on their network that constantly causing network issues.
Then your approach is flawed. You need to design a system where automation works in such a way that your other customers and network are not affected by any kind of flood, where null kicks in timely, you have a serious capacity to absorb short shocks, etc. You may need to increase prices, but that is the way of doing it correctly, anything else is shoddy and will fall over itself more often than not.
My claims are 100% backed. Why in the world are you sinking your blackholes at your own doorstep instead of announcing them upstream if they were causing you problems locally? It's just really dumb.
You started randomly picking on other clients too who weren't even chinese or have anything to do with chinese gameservers (one was an IRC network leaf) yet you went and nullrouted a half dozen IP's in a single ticket, claiming it was all the same guy, etc.
They weren't, nor do you have to. At the time their L7 filtering required OPT-IN via ticket and it was done inline w/ automatic proxying of port 80. Voxility does something similar as far as I can tell and requires no interaction from Voxility. They simply provided us a list of all the ranges their proxy platform will contact the webservers from so we can add client-ip checks from the FORWARDING_FOR headers.
Francisco
@CNSjack
You're really doing great, soiling your name and company to new levels. Keep going.
OMG, OK, now it is clear, this guy does not know what he is doing.
I agreed, but no mitigation provider is perfect. Even Prolexic is having a hard time fighting some of the attacks for us.
We told Buyvm/Frantech that we have to ask them to remove those high risk clients, which happened to be most of them are Chinese hosting SF/private game server, if they don't do that we have to terminate their(buyvm) service. I don't think there is anything wrong with what we did.
I don't know why you reach that conclusion.
We always announce blackholes upstream if the attacks are big, but that doesn't mean these attacks didn't cause issues before they were detected and BGP announcement takes in affect. That's why we said in ticket #493131 since you were not the one doing that mitigation, you don't know what the problem these attacks are causing.
We don't randomly picking on others, if they got nulled, then they were getting big attacks.