Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
25% Recurring Discount on NVMe VPS
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

A deeper look into DataPasa: BGP Routing, Russian linked upstreams, and a Paraguayan individual

13»

Comments

  • AS203446AS203446 Member, Patron Provider

    @darkmaster said: @uk_netshield Nice attempt to hide behind the IXP Route Server excuse and look how you conveniently listed Rostelecom, MegaFon, and Vimpelcom while completely dodging DDoS-Guard (AS49612). Even if these sessions are established via public route servers, any competent network operator knows you can use standard BGP communities to filter out or reject announcements from high risk networks. You choose to actively participate in bidirectional route exchange with Aeza and DDoS-Guard. Trying to lump your entire peering profile together as just innocent consumer ISPs is pure gaslighting.

    I think it would make more sense to first verify the information and statements you post here before making false claims and accusations. What you wrote above is simply not true, and I don't know what "Filtering out announcements from high risk networks" means.

    That would mean rejecting access to Rostelecom, MegaFon, Vimpelcom as a Carrier/IP-Transit provider, which should provide access to ALL ISPs because carriers are considered neutral third parties?

    Since when is Rostelecom a high risk network? It's mainly a residential ISP.

    I'm not going to comment on the other points since I did not verify those but please, do more research before posting. According to your statement above, everybody that peers with either Aeza or Russian ISPs either via IX RS or PNI is shady and your expectation would be that everyone just rejects peering with those ISPs.

    Thanked by 3Alyx jsg fatchan
  • dpwddpwd Member

    @darkmaster said: Also, claiming that DePowered "simply decided not to change the comments in the AS object in RIPE" following a corporate acquisition is pure amateur hour. In professional network operations, maintaining accurate, cryptographic WHOIS/RIPE records is mandatory for basic BGP route filtering and anti spoofing validation.
    Leaving old corporate shells in the RIPE object isn't "forgetfulness", it is standard operating procedure when you want to keep the true owner of the routing assets as muddy as possible.

    So called old corporate shell was sold and become DePowered Limited's property. Why we should change it in a first place? You're right at the point of routing and anti-spoofing requirements, but that's false that the change was mandatory as "Rifty", "PureServers" and "M-Telecom" with their websites and infrastructure in Germany become the property. Servperso, InterLIR and Netshield are fine about working with us with updated credentials but old namings. In my opinion they won't work with non-compliant companies.

  • @darkmaster said: You choose to actively participate in bidirectional route exchange with Aeza and DDoS-Guard.

    show me at least one prefix where we are upstream for aeza?

  • Thanked by 2tentor forest
  • AlyxAlyx Member, Host Rep
    edited July 4

    @darkmaster said: [...] LIR to maintain their cryptographic network resources in the RIPE region.

    I have the feeling you don't understand what a sponsoring-org even does.

    @darkmaster said: The Private Tunnel (Hop 8): At Hop 8, we see a private IP address (10.101.17.3) accompanied by a sudden latency jump of ~6ms. This proves a private GRE/WireGuard backbone tunnel.

    None of this proves there is a tunnel.
    I see more and more private IP address space being used for transfer networks between providers and internally.
    On the other hand, nothing prevents you from using public IP address space for a tunnel either.

    The 6 ms latency jump also only proves distance, not the existence of a tunnel.

    The provider itself said in a different thread that they're using Netshield for remote DDoS protection, so yes, it is a tunnel. But the way you're trying to prove it is technically just BS.

    I'm not even sure why you're trying to prove this in the first place, considering they already stated it publicly before your post.

    @darkmaster said: Your active BGP records show direct, bidirectional peering sessions with both Aeza Group LLC (AS216246) and Aéza International Limited (AS210644).

    Others have already addressed this, but peering between networks is nothing unusual.

    ISPs are meant to provide communication between each other from a neutral position. The world is in a bad state, but communication itself, fortunately, isn't something that's being sanctioned yet.

    You'll find plenty of Western providers peering with Russian networks, including sanctioned entities.

    I'm not really sure what you're suggesting here. Should all Western ISPs just decide on their own to cut Russia off from the internet and the telephone network?

    @darkmaster said: Also, claiming that DePowered "simply decided not to change the comments in the AS object in RIPE" following a corporate acquisition is pure amateur hour. In professional network operations, maintaining accurate, cryptographic WHOIS/RIPE records is mandatory for basic BGP route filtering and anti spoofing validation. Leaving old corporate shells in the RIPE object isn't "forgetfulness", it is standard operating procedure when you want to keep the true owner of the routing assets as muddy as possible.

    Comments in the RIPE database have nothing to do with cryptography at all. They are also not required for routing or BGP filtering.

    As the name suggests, they're just comments and nothing more.

    I see it all the time: these records often aren't updated for years or even decades, especially after one company acquires another.

    For example, the German ISP Vodafone acquired Arcor AG over 15 years ago, and Arcor AG has not existed since 2011. Yet you'll still find plenty of Arcor references throughout Vodafone's IP resources.

    For example, 82.82.0.0/20 hasn't been updated since 2003 and still lists the old Arcor AG name and headquarters address, even though neither exists anymore.

    That building is an LG office now, lol.


    I'm not trying to defend datapasa here.
    I don't know them and I honestly don't really care about yet another tunneled Hetzner provider.

    But if you make accusations, ensure they are not based on made up slop.

  • forestforest Member

    So let me get this straight. The drama is that @datapasa is Russian and that his setup is reminiscent of bulletproof hosts. That's all? Guilt by association and nothing else?

    On a unrelated note, @datapasa do you allow Tor relays on your network? What about Tor exit relays? I see that your AUP says that public proxies require written permission.

  • datapasadatapasa Member, Patron Provider
    edited July 5

    @forest said:
    So let me get this straight. The drama is that @datapasa is Russian and that his setup is reminiscent of bulletproof hosts. That's all? Guilt by association and nothing else?

    On a unrelated note, @datapasa do you allow Tor relays on your network? What about Tor exit relays? I see that your AUP says that public proxies require written permission.

    Unfortunately, we are not a Tor-friendly hosting provider, so we have nothing to offer you.

    As for standard VPNs and proxies, they are permitted provided you either pay for a dedicated bandwidth or adhere to fair use policies, starting with the VPS-3 plan.

  • rpqurpqu Member
    edited July 5

    @forest said:
    So let me get this straight. The drama is that @datapasa is Russian and that his setup is reminiscent of bulletproof hosts. That's all? Guilt by association and nothing else?

    Yes. And I think this is going to be written on @rustelekom diary
    🤣🤣🤣🤣🤣🤣
    Just kidding

  • JasonMJasonM Member

    @Levi said: If person is avoiding sanctions, then it is a matter of time when institutions will hunt down person/Ltd and close it. OP I guess tried to warn community about this and be vigilant.

    yeah.. something like PQ Hosting/the.hosting such things can happen. all operations shutdown.

  • rustelekomrustelekom Member, Patron Provider

    @rpqu said:

    @forest said:
    So let me get this straight. The drama is that @datapasa is Russian and that his setup is reminiscent of bulletproof hosts. That's all? Guilt by association and nothing else?

    Yes. And I think this is going to be written on @rustelekom diary
    🤣🤣🤣🤣🤣🤣
    Just kidding

    This is how standard Western propaganda works: anything related to Russia or the Russians is presented in a negative light, and as much information as possible is spread about it. X.com, Facebook, and Twitch are all filled with stories about how bad Russia and the Russians are.

    I don't think it's worth refuting, as no one believes Western propaganda anymore. And if someone still does, it's their personal IQ issue, nothing more.

    The web is now full of stories published by investigators. In most cases, they are anonymous, but the main thing is the information they spread. They claim once again that Russia and the Russians are so bad that no one wants to work with them. No fact, no evidence only speculations all the time.

    In fact, you don't need to be an investigator; you just need to read what your Western governments are openly stating. For example, the United Kingdom. The British have openly stated that they launched a cyberwar against Russia two or three years ago.

    PS. I know only one well-known investigator who has been working on such cases for a long time: https://krebsonsecurity.com/

  • AlyxAlyx Member, Host Rep

    Great, now they summoned the crazy people again 🙄

    Thanked by 2tentor Nekopara
  • edited July 5

    @Alyx said:
    Great, now they summoned the crazy people again 🙄

    I wouldn't put it that way but it's been kinda overdue for this thread, wasn't it? Someone just had to not only put fire to the fuse but also bring their own fuse to put fire to. It's kinda hard to blame people when this shit gets provoked again and again and again because lololololol.

    Thanked by 2Alyx tentor
  • rpqurpqu Member

    @totally_not_banned said:

    @Alyx said:
    Great, now they summoned the crazy people again 🙄

    because lololololol.

    Thanked by 1Murv
  • fatchanfatchan Member, Host Rep
    edited July 5

    I often browse bgp.tools and see all the interesting networks and companies. I find it fascinating.
    But I wonder how people like OP even operates in daily life if they shit themselves and make a massive writeup over a random innocent hosting company with owners from another country.
    Do they realise that there are countless companies like this, and there is no problem with it whatsoever?

    Thanked by 2datapasa dpwd
  • datapasadatapasa Member, Patron Provider
    edited July 5

    Anyway, to wrap up this debate, I want to say that DataPasa has absolutely no ties to sanctioned organizations.

    However, when you buy a server from DataPasa, you’re effectively investing in my purchase of Coca-Cola and pizza.

  • rpqurpqu Member

    @datapasa said:
    However, when you buy a server from DataPasa, you’re effectively investing in my purchase of Coca-Cola and pizza.

    Would love a blog with mukbang/cooking content

    Thanked by 1datapasa
  • @datapasa said:
    Anyway, to wrap up this debate, I want to say that DataPasa has absolutely no ties to sanctioned organizations.

    However, when you buy a server from DataPasa, you’re effectively investing in my purchase of Coca-Cola and pizza.

    I was afraid there were ties to Pepsi, that would have been shocking

    Thanked by 1Alyx
  • AlyxAlyx Member, Host Rep

    @datapasa said: [...] you’re effectively investing in my purchase of Coca-Cola and pizza.

    Wait, so OP was right after all?
    Money send to you will end up in evil, tax-evading, (should be) sanctioned companies 🤣

    Thanked by 1datapasa
  • datapasadatapasa Member, Patron Provider

    @Mainfrezzer said:

    @datapasa said:
    Anyway, to wrap up this debate, I want to say that DataPasa has absolutely no ties to sanctioned organizations.

    However, when you buy a server from DataPasa, you’re effectively investing in my purchase of Coca-Cola and pizza.

    I was afraid there were ties to Pepsi, that would have been shocking

    Coca Cola only B)

    Thanked by 1Alyx
  • stefemanstefeman Member

    Based on this thread, this host could be very suitable for malware hosting :p

  • datapasadatapasa Member, Patron Provider

    @stefeman said:
    Based on this thread, this host could be very suitable for malware hosting :p

    we're not allowing to host malware

  • forestforest Member

    @datapasa said:

    @forest said:
    So let me get this straight. The drama is that @datapasa is Russian and that his setup is reminiscent of bulletproof hosts. That's all? Guilt by association and nothing else?

    On a unrelated note, @datapasa do you allow Tor relays on your network? What about Tor exit relays? I see that your AUP says that public proxies require written permission.

    Unfortunately, we are not a Tor-friendly hosting provider, so we have nothing to offer you.

    As for standard VPNs and proxies, they are permitted provided you either pay for a dedicated bandwidth or adhere to fair use policies, starting with the VPS-3 plan.

    What about non-exit Tor relays, which don't attract abuse complaints and act more like private/internal VPNs?

Sign In or Register to comment.