New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Yes, let's claim everyone visiting or stumbling upon your servers are botnet activists.
Then yes, send the ip owners/leasers emails in the hope they jump on our services. If they convert at 0.1-0.5% per spam mail sent, that's a really good income for mass mailing "evil botnet activist" IP owners!
Such business!
Also, what the heck is this?
https://bitninja.io/2015/10/26/abdullkarem-attack/
No, seriously, who wrote this? You're protecting people from "digital terrorists" now? Snake oil scam confirmed..
No mention of UDP, do you disregard this typw of traffic then?
I never said I was having an issue..
You get tons of people complaining about your false reports, its a happy outcome because you probably just stop sending emails to them. Win win.
Honestly, I think there's some sort of language barrier, or you're just plain stupid I'm going for the latter here.
8.8.8.8
You can still spoof TCP traffic, just not all the way
We do not include UDP data currently in our reports.
I mean an IP with 'fake report' as you call..
You guys are talking about a bug in our system, but nobody sent us an IP to check. I guess you are just angry with us b/c your server have been terminated regarding a report we sent and you could not trace it...
Hi
I wrote this article, and yes the point of the abdullkarem attack is to make sysadmins to blindly filter this world and this way rendering any content about it invisible for visitors and search engines. If you have a better explanation about it please feel free to share.
I have checked 8.8.8.8
We had a bug last year that generated false positive incidents about 8.8.8.8 when there was a lot of dns requests. We really sent reports about it to 1 email address. The bug have been fixed long ago and no report have been sent since 2015-03-06. Are you the tech contact for that IP?
>
That's a good one!
You are aware that 8.8.8.8 is one of the Google's public DNS servers? So it will obviously get like a lot (REALLY REALLY A LOT LOT LOT) DNS requests because a lot of people use it at home and in their servers to resolves domains quicker than their ISP DNS or other DNS servers and whatever else (a lot of countries have DNS censorship and many use Google's public DNS to bypass it).
You's funny, really funny to think someone here would be contact for that IP address. This is just LET and not Google.
Of course I know 8.8.8.8 and 8.8.4.4 are google.dns IPs. And as I wrote there was a bug, but have been fixed long ago.
I don t know you as you never introduced yourself and I am completely new here, so yeah, why can't you be someone from google? Sometimes we contact bing, microsoft, yahoo and they have a good communication all the time, and resolve the issue fast.
Anyway, we send incident reports to the tech contact of the IP so if you are not the tech contact, you probably haven t received a report from us regarding this IP.
Still waiting for an IP regarding a false positive report any of you received from us!
8.4.4.> @Hidden_Refuge said:
TL;DR Bitninja is a scam company that gets random IPs and sends fake reports to hosting providers as a con trick to get them to purchase "security services" from a company that constantly has bugs with their "successful" system and fails to correctly identify spoofed IPs and UDP based attacks, where a majority of attacks base from. The CEO can't type English if his life depended on it, and just reflects how much of a head clown he is for his circus of a service.
When I saw their site name for the first time I thought its a bitcoin related site.
Could some one just hack them? Would be fun to watch
that abdullkarem post has got to be the most retarded post a "security" company has ever made
Seriously, what a pathetic company. Trying to make it seem like they matter. Well you don't.
I just got a report on one of my ips this morning. The server that has the IP assigned has been offline for 2 days...
you nasty person
Can you provide them the IP? I wanna see what excuse they will say now.
I was thinking bitninja might be legit, but after reading that article...
*drops incoming e-mail from bitninja.io *
@four20 I PMed it to him.
This was so funny to watch:
Wtf, it took bitninja ~10s to block a single attacking IP. Very efficient
Good that I don't have such a system in place.
Yet you won't protect against any L4 attack in your current state, are they not common?
And what the hell is this?
https://bitninja.io/2015/10/26/abdullkarem-attack/
Learn to type you moron, are you 13 or something..
Look, you don't seem to be getting it, this has nothing to do with me. I've never had anything to do with your scam operation. I've never had a fake report from your scam company.
Please learn to read.
@bitninja_george You have not truly help yourself in this thread. It proves your company should not be providing this service to your customers. You are basically ripping them off. I told you in a prior thread that your reports are bogus. But you seemed to lack the technical knowledge to understand my answer. I will repeat it one more time for you. The ip's the abuse complaints came from we not even being announced (BGP). I will not provide the ip's because nothing relevant will happen, due to the fact that the ip are not BEING ANNOUNCED!!! So in turn I just shitcan your abuse complaints again to /dev/null. Plus just a little more information I handle all the abuse complaints for the company I work for. So I know if the compliant is joke or is for real. Your are a JOKE!
Bitninja had their pie not even eaten yet.
Why don't you expose the IP of your clients instead ?
Why should we expose ourselves or receive fake abuse without the IP of your customers?
I sent him an IP that they sent me an abuse complaint on... Not a thing.
"HOW TO PROTECT AGAINST BLACK HAT HACKERS
Grab this Free eBook and Boost your Server Protection"
Ebooks.. Hm, lol, which 14 year old from Hackforums runs this clown show?
Typical day at BitNinja:
Oh man, we have an abuse report for 127.0.0.1... * sends email to IANA *
Can anyone show me how their reports look like? Feel free to black out domains, IPs and names.
So far all I've been told is it was a port scan attempt from October but the report was dated December 5th
Here's what he inboxed me verbatim
Thank you for the IP. I am still not home yet, so I will reply more deeply later, but what I can tell you now is requestst like the ones below were captured from that IP earlyer and that is why we greylisted the IP originally. I saw some other requests too they didn t seem to be dangerous, but this ones are definitely scan attempts.
Can I publish my findings about this case on the forum, or shall I rather send it only to you in private?
Is there anything else I need to know about this IP? Were there any change in the ownership recently?
George
2015-10-30 11:24:26 | Url: [be###ub.hu/demo/GHH]
2015-10-30 11:24:26 | Url: [be###ub.hu/wp-admin/]
2015-10-30 11:24:26 | Url: [be###ub.hu/wp-includes/]
2015-10-30 11:24:26 | Url: [be###ub.hu/wp-content/plugins/] 2015-10-30 11:24:26 | Url: [be###ub.hu/wp-content/uploads/] 2015-10-30 11:24:26 | Url: [be###ub.hu/wp-content/themes/]
2015-10-30 11:24:26 | Url: [be###ub.hu/wp-content/] 2015-10-30 11:24:26 | Url: [be###ub.hu/images/] 2015-10-30 11:24:26 | Url: [be###ub.hu/blog/]
2015-10-30 11:24:26 | Url: [be###ub.hu/cache/]
2015-1
What kind of requests are they? Simple get requests lol?
A speed test from their blog "GET"s /wp-includes/ files.
http://tools.pingdom.com/fpt/#!/b45EnA/https://bitninja.io/2015/10/29/bitninja-waf-beta/