New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Any reason NOT to drop packets from psychz.net?
10 failed login attempts to account root (system) -- Large number of attempts from this IP: 199.83.91.99 Reverse DNS: unassigned.psychz.net
10 failed login attempts to account root (system) -- Large number of attempts from this IP: 74.117.58.96 Reverse DNS: unassigned.psychz.net
10 failed login attempts to account root (system) -- Large number of attempts from this IP: 216.24.201.7 Reverse DNS: unassigned.psychz.net
10 failed login attempts to account test1 (system) -- Large number of attempts from this IP: 199.71.214.141 Reverse DNS: unassigned.psychz.net
Some cursory searching on WHT demonstrates that they're part of the WHT Good Ol' Boys Club, AND they don't respond to abuse complaints.
They're not an ISP, and we don't allow sales to individuals using obvious VPN's, so I can't think we'd lose any business from dropping traffic from all of their IP blocks.
Anyone think of a situation where this would be untrue?
Thanked by 1[Deleted User]
Comments
They're photonvps and yardvps. Drmike had wars with them on LEB
Actual wars with good reason, or drmike-is-a-little-punchy-about-everything wars?
It looked pretty justified. Lookup yardvps on the front page and check the 2nd offers comments.
Mike had it out with them every time they got listed.
yeah photon + yard are like the buyvm of wht
(in terms of their position in teh community)
no offense meant
@drmike was a cool guy and didn't afraid of anything.
drop 'em then
More info:
http://s2.imghst.info/psychz.jpg
@DotVPS @DanielM : You guys are my heroes. Thanks!
you can block CIDR's with iptables just fine
Francisco
I'll be adding them to the ACL on our router. I was dropping them in iptables on each system, one by one, but now that I see they have several blocks ranging from /20 to /22, then I'll need to do whole blocks.
aah
Besides, using blackholes is the better idea since it doesn't cause any CPU usage handling it.
Francisco
ip route add blackhole 192.168.1.0/24
"ATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK GUYS!!!"
http://en.wikipedia.org/wiki/Null_route
Yep but you could blackhole on your nodes by hand
ip route add blackhole subnet
Francisco
Just FYI or as a future reference:
Profuse Solutions = Gazzin Networks = Psychz Networks = YardVPS = PhotonVPS = Chimehost
There are tons of replica sites on their network too.
If there's abuse coming from our network, please contact [email protected]
@eLohkCalb We manage multiple brands each with their own niche.
Which brand doesn't respond to abuse complaints?
I was their customer about 2 years ago when they offered free web-hosting, and it's stupidly funny how even to this date they keep sending me unpaid invoice notices.
AND yes I have emailed them to fix this on a few occasions!
Most i amagine. For rogue and criminal networks this is comon.
@Kairus We resolve all our abuse complaints, if there isn't one resolved please message me the ticket number and I'll see what's the delay on it.
I've had a handful of incidents originating from your network over the past couple of years, every one reported to abuse@. Never received a response from any, and the most recent (maybe 4-5 months ago) continued go to on for several weeks after being reported.
Yeah, that's actually why I posted this. Between this WHT post: http://www.webhostingtalk.com/showthread.php?t=1095650 and the lack of response from abuse@, I've pretty much decided that we don't need to be open to the traffic anymore.
@PhotonVPS: You seem to like to pull the "do you have a valid open ticket" line. How are we supposed to get ticket numbers? Emailing abuse@ results in.. nothing happening:
And your website doesn't have information on abuse complaints.
@Damian What email address are you sending them to?
@Damian Did you even read this ticket?
http://www.webhostingtalk.com/showthread.php?t=1095650
Without a DMCA, there's nothing our support desk can do. You try suspending a server without a proper DMCA and let us know what your client says.
@PhotonVPS - My reports sent to [email protected] were malicious network activity (two incoming synfloods, a scanner/bruter, and someone trying to compromise our WHMCS) went totally unanswered, and none of them were DMCA-related.
And no, I don't have a ticket reference for you, as these were emails sent in months ago. We may likely continue to send abuse reports to you as a courtesy for future offenses; but like @Damian we will primarily be simply placing blackholes for traffic from your networks.
Just my .02 from lurking
http://www.webhostingtalk.com/showpost.php?p=7778054&postcount=7
They don't have a fundamental understanding of DMCA.
DMCA is pretty much all Civil complaints form one person to another IE "my sites picures have been ripped", where the provider first acts as a proxy and depending on many factors could take action.
Abuse complaints are entirely different and could perhaps even be a completely different department than DMCA/TD depending on the size of the organization.
Further its even more irresponsible to be so ignorant to non DMCA abuse since it effects your network as well.
So you're saying that if you receive an abuse complaint that someone is DoSing a server from your network, you won't do anything because it's not a DMCA?
It seems.. dumb