seflow review - stay far away: Scammers and liars

tr1cky

@Maounique said:

You clearly have more firepower than me.

Nyr

SeFlow network is up again after nearly another two hours of downtime. They are clearly taking a big hit today.

rm_

Still can't get to the management panel.

jar

@Nyr said:
SeFlow network is up again after nearly another two hours of downtime. They are clearly taking a big hit today.

Your VM was probably just powered off.

neqste

@matteob

I really do not understand, what are you doing here, and why after all of these problems you still loosing your clients. Why are you not sent emails to your CURRENT customers about problems with provider?

The most weird thing in next:
1. The problem with DDoS attacks affect customers & their services & their business.
2. The problem can happen with ANY small / middle hosting company, and all CEO must start to think about this problem, and what they should to do, if this shit happened to them...
3. There must be a pre-defined plan, against situations like this to all providers.

@matteob

What you should to do right now man (sure, it's your choise)

1. Status page

Create a status page "what is going on" somewhere at protected place (social networks, ddos-protected web-page, or etc)

2. Notify all your affected by DDoS customers against problem

(Amazon SES / mailgun / mandrill).

Please, do not tell to your customers your own opinion what is going on.
Do not tell about police, or other your fails.

Bla bla bla, force-majour, bla bla bla, sorry bla bla bla.
We are working hard to solve this.
The information what is going on, you can read there: status.seflot.it (or facebook page)

3. Go sleep well.

4. When you wake up, prepare your real money, to save your business

, and go to any specialist who can decrease a effect of your business cathastrophe. Do not try to build your own anti-ddos solution. You will get headcache with that, and lose a lot of time.
And finally got nothing. Let's another specialists to get headcache, while you will manage your community.

Hire some professional AntiDDoS protection for business. Call the operator above you, and talk with them about your problem, and what you can to do with them together to solve your problem faster.

5. Stop visit any websites except your main portal, status page.

Turn off all contacts with you for all, except specialists who will help you. Concentrate on your problem, and do not trow your time for nothing.

6. Get it all apologies to all those affected by downtime.

Promise your customers compensation for the inconvenience.

7. Turn on "i don't care mode", and "Publicly apologize to those whom you accused without proof."

8. Do not waste your time & money for searching the reason of the problem... Even if you find him / her, the main problem of current situation -> the reflection in the mirror.

Sorry, my english is very bad... But i hope, you will read it, and do some changes, and make any conclusions, and will save your business.

Issam2204

Some pro advices there neqste. Good!

hawc

@matteob - stop digging and do what @neqste said!

William

lbft said: Legality is not the only thing most people care about, you amoral fuck.

Uh, a German with morals, so typical. Legality is the only thing that matters in the end.

rds100 said: Even if it's approved by the DDoS protection provider, how do you do the testing exactly? Do you buy / rent a "booter"? These are usually botnets of hacked computers.

No, most booters are reflection attacks - While "abusing" a public service (like DNS) i don't see any legal issue with it, considering the service is public.

You can also legally "test" it without even touching a booter or botnet, i.e. if you piss off someone in IRC.

Then there are also the non-questionable booters that check if you really own the server and use their own BW for TCP attacks.

Neoon

For "you piss off someone in IRC", i can recommend effnet, try the channel #troll.

My KS1 had a 6 hours workout.

rm_

(deleted)

deadbeef

So has @tr1cky been raided yet or should I order more popcorn?

tr1cky

@deadbeef said:
So has tr1cky been raided yet or should I order more popcorn?

I'm the raid boss, raiding me isn't easy.

deadbeef

@tr1cky said:

Btw, I don't see seflow on your recommended hosts list on your sig - how come?

Mahfuz_SS_EHL

So, No Raid at @tr1cky 's House, No Proof what @matteob accused of ! So, the incident was something like this: "SeFlow got DDoSed when @tr1cky was facing Packet Loss & other user was also facing the same issue. @matteob behaved arrogantly ! So, now he needs some excuse so he made up a Story." (Though the story was full of adventure, I respect your creativity). It's Popcorn time ! Tell us some more stories / show us some movies on DDoS ! :P

tr1cky

@deadbeef said:

Moderators disable it all the time. I still don't know why.

deadbeef

Plot twist: @tr1cky is an undercover Interpol agent trying to tie @matteob with the Bill Cosby scandal.

jvnadr

Amitz said: once divorced and twice married

Your mistake is this, not the errors in English language... :-P

ehab

@deadbeef said:
Plot twist: tr1cky is an undercover Interpol agent trying to tie matteob with the Bill Cosby scandal.

thats the worst i read from you.

deadbeef

@ehab said:
thats the worst i read from you.

Happy to serve.

jar

@Mahfuz_SS_EHL said:
So, No Raid at tr1cky 's House, No Proof what matteob accused of ! So, the incident was something like this: "SeFlow got DDoSed when tr1cky was facing Packet Loss & other user was also facing the same issue. matteob behaved arrogantly ! So, now he needs some excuse so he made up a Story." (Though the story was full of adventure, I respect your creativity). It's Popcorn time ! Tell us some more stories / show us some movies on DDoS ! :P

I've been trying to avoid jumping to any further conclusions but this is what has been rolling around in my head as well.

1. Was a dick to a customer.
2. Got a DDOS.
3. Reported attack to local police, who did nothing.
4. Made up the rest.

It's the only thing that makes sense to me, and as a long time fan of this place being a strong platform for calling out BS, I can't shake the feeling that the BS detector is working properly.

If he was just like "I'm an ass to customers, it's who I am and what I do" I wouldn't be able to care less. It's his right to be, and the right of everyone here to make purchase decisions based on the knowledge of it.

Mahfuz_SS_EHL

@Jar Ha ha, Jar, yours conclusion also complies with current state. However, in our Country, Maybe Police has never heard the word "DDoS", so I thought the Part of Police good for nothing :P

Mahfuz_SS_EHL

By the way, I don't know why this type of Discussion / Post gets too much hit (i.e. 8K till now). Undoubtedly, people have more time to spend here than helping / doing something better :v

Francisco

@Maounique said:
You can be sure the attack is way higher than 10 Gbit, we have experts here controlling big botnets.

Don't be silly.

A $10 booter can push up to 200gbit these days with a combo of NTP + DNS at the same time. With the XOR-DDOS botnet starting to grow and people duplicating their attack style, those bust well past 150gbit.

I had a customer at one point that wanted to 'test before he bought' and with a spoofing CC box and a list of a couple hundred NTP servers he was able to blast ~80gbit. NTP has a ~500x amplification factor and DNS has ~50x. It's pretty easy to blast pretty damn hard.

Remember, (almost) none of these people, not even the booter operator, is running a botnet. They either lease 'API access' from someone to do their attacks, or they literally buy a couple CC/Ecatel/VolumeDrive boxes and scan/buy lists.

Francisco

tr1cky

Francisco said: CC/Ecatel/VolumeDrive boxes

Those are your favourite booter hosts?

William

They are for the idiots that have no idea about the other hosts that support spoofing and just slap a ready-made booter script on it

Francisco

@tr1cky said:

We get a half dozen or so people per week asking if we allow spoofing on our network and they always list those 3 as 'other hosts that allow it and make good money'. Even when you're under the microscope you're still throwing punches mr. booter.

@William said:
They are for the idiots that have no idea about the other hosts that support spoofing and just slap a ready-made booter script on it

People go to the cheapest place they can find. CC got its bad rep because of nuggets selling his stuff on hackforums with 'spoofing allowed'. As CC rolls out their Juniper MX's they'll have the horsepower to properly stop it instead of just rate limiting.

Francisco

alexvolk

@Jar said:
If he was just like "I'm an ass to customers, it's who I am and what I do" I wouldn't be able to care less. It's his right to be, and the right of everyone here to make purchase decisions based on the knowledge of it.

Yep, when @Incero does same things to customers you're always trying to protect their side but hey you don't have friend from seflow and you can freely accuse them for anything you'd like!

ATHK

@alexvolk said:

Sure, but in this case, if you read the whole thread instead of just that one reply, you'd see that what @Jar has said makes perfect sense...

Nekki

alexvolk said: Yep, when @Incero does same things to customers you're always trying to protect their side

When did Gordon and co tell anyone they were being investigated by Interpol and refuse to refund a customer's credit balance?

gsrdgrdghd

matteob said: matteob@ ... and tomorrow morning i will call contact to know what to do and will inform you privately.

So apparently @matteob didn't contact tr1cky although he said he would?