New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
You have a score of 0 so far, I took November's reports prior to blocking them:
Not one of the corresponds to the traffic you mention. They are all http (80) requests, there is no port 80/443 traffic coming from those servers for the day prior, the day alleged or the day after. In fact the IPs are being used by a customer to run a MongoDB cluster and he has shown us that he has all ports other than SSH firewalled on the public interface.
Seriously, please tell me that was a typo or you were just overtired.
You're running a security company and you make comments like that? That's inexcusable statement.
@bitninja_George the original complaint against the IP in question did not go to the abuse contact. You sent it to @qps and then the one you sent on 12-05-2015 was sent to me. So I think your system is seriously fucked.
He said somewhere they spammail the tech contact.
That's where you're wrong Mark. It's more like an advertising company.
The last incident was at 2015-12-05 14:51:55. We send one report per week, if there was new incidents about an IP. I think we have sent 3 reports to you:
But I am not sure about it, as we have already rotated the mail sending logs.. I changed the rotation frequency so next time I can tell you more precise information about report sendings.
Why do you think we only know apache and wp? BitNinja is compatible with any http server and of course any CMS systems. There are a lot of attack against WP-s that's all.
All of our modules were designed to be compatible with any server technology. Greylisting, log analyzer, DoS detection or the bitninja WAF they are all compatible with any server side technology.
Yes, you can use fail2ban, and it is a clever script. But it has limitations too. In case of distributed scan or scan against more servers fail2ban is useless. Also banning an IP for a specific time and then simply releasing it has a lot of drawbacks.
Fail2ban limitations:
So fail2ban is a good tool, we also used it before bitninja, but it has limitations, and I think is not enough against modern botnets.
You're also using a "botnet" as "honey pots" to spamvertise to DCs and hosting companies, so go home.
If you send the IP I can tell you more.
Correct me if you think I'm wrong, but you can't see in the https datastream, unless you have the cert to decode it. I assume, you do not have it, so all you can see is 0-s an 1-s. But, ok I see your point, there was no traffic on port 80 and 443. So let's find out what happened. Send me the IP!
We will review this part tomorrow but the system picks up the e-mail address at the first time it sends a report, so it should not change it, but our programmers are do improvements on it currently, so maybe that's the reason.
@glent1 has Hukot rectified yet?
https://bitninja.io/team/
I don't see a George on that page.. Who are you really?
LET accounts are cheap nowadays.
Profile photo clearly matches Zsolt Egri unless I'm blind. Maybe George is a nickname or something?
Either way this company is 100% bull shit and a waste of time to talk to.
I didn't see the resemblance, I looked a few times (they all look like stock photos anyway) its kind of early in the morning maybe that's it....
Where was I, oh yea. Down with Bitninja and their false reports that cause innocent people to lose money!
BitNinja is essentially a ransomeware scheme pretending to be a blacklist however that aside, if your choosing to run Windows XP on a VPS (illegal) on a public IP and XP has been end of life for about a year now you have to expect LOTS of issues.
As my original name, Zsolt is a Hungarian name, and no one knows how to pronounce, I have choosen George, as this is the nearest to Zsolt.
You don't pronounce on a forum..
Yeah, but you know, I think people are more convenient with a name they can pronounce and also we are exhibiting regularly. We exhibited on HostingCon Global in San Diego, and we attended the HostingCon Europe too and plan to exhibit next year on WHD. George is easy to remember, and there is even no such sound in english like Zs, the sound my name starts with. But you can call me Zsolt too, if you like it better :-) And what is your name? What ATHK stands for?
My name doesn't matter, I'm not representing a scam company...
Me neither.. Honestly, have you even tried bitninja before judging it?
Man, George when are you going to understand you are not going to win! Just stop and let it be. It has been proven your service is a joke. But you might find some person to buy your service. Hahaha it wont be any REAL hosting company!
No, thank you. I will keep defending our service.
We have users like Arvixe.com and Canadian Web Hosting
http://www.thewhir.com/web-hosting-news/canadian-web-hosting-partners-with-bitninja-for-security and many others. Since we launched more than 100 hosting companies have trusted bitninja to protect their servers.
Just because many use snakeoil, doesn't make it less snakeoil-y.
Thx for telling us who to stay away from
Exactly my thought.
Canadian Webhosting is a joke. They're not even Canadian. It's American hosting billed in CAD.... More snakeoil
Bitninja does not provide any evidence on "attacks" and has caused trouble to my upstream provider. They never reveal ip addresses of their "clients"
We always reveal the ip addresses if we are asked for it by e-mail.
You should send it with your initial email.. A company with over a 1000 VMs isn't going to waste time trawling through each one for your complaint.
In fact, any abuse email should include you know the relevant information..
We will discuss this question with my team, and maybe change the reports to include the IP too if it does not comes with further security risk. Thank you for the idea!
If you're seeing malicious requests you should always send the report to the provider anyway.. I doubt they'll use the IP against you.
Unless it's Jonny Nuggets, that twat would have.