• Reliable VPS hosting needed
    102 replies, posted
[QUOTE=VisBits;22362089]Really because you still have every port in the world open.. Nmap scan report for fanaticalvps.com (69.162.122.30) Host is up (0.059s latency). rDNS record for 69.162.122.30: 30-122-162-69.reverse.lstn.net Not shown: 977 filtered ports PORT STATE SERVICE 20/tcp closed ftp-data 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 26/tcp open rsftp 53/tcp open domain 80/tcp open http 110/tcp open pop3 143/tcp open imap 443/tcp open https 465/tcp open smtps 587/tcp closed submission 873/tcp closed rsync 993/tcp open imaps 995/tcp open pop3s 2525/tcp closed unknown 49160/tcp closed unknown 49161/tcp closed unknown 49163/tcp closed unknown 49165/tcp closed unknown 49167/tcp closed unknown 49175/tcp closed unknown 49176/tcp closed unknown That's not secure and it even looks like you're box is open to hammering. You need to address these issues because you get exploited.[/QUOTE] I don't think you quite understand what you're pasting here. You sound like that script kiddy who ended up wiping his C:\ drive because he was told his antagonist's IP was 127.0.0.1. Let me state this clearly: [b]NONE OF THOSE FUCKING PORTS ARE GOING TO LET YOU GET ONTO THE SERVER![/b] Ports like 21, 22, 25, 80 and 443 have to be open! They provide a fucking service for the server that will be accessed REMOTELY. :downsbravo:
[QUOTE=Zayfox;22363059]I don't think you quite understand what you're pasting here. You sound like that script kiddy who ended up wiping his C:\ drive because he was told his antagonist's IP was 127.0.0.1. Let me state this clearly: [b]NONE OF THOSE FUCKING PORTS ARE GOING TO LET YOU GET ONTO THE SERVER![/b] Ports like 21, 22, 25, 80 and 443 have to be open! They provide a fucking service for the server that will be accessed REMOTELY. :downsbravo:[/QUOTE] What I find really disturbing about this post is that you got three agree ratings... VisBits is saying (albeit while being an asshole) that he has no firewall in place to control how users access the ports. For example (from what I understand, didn't look into it myself) I could try and bruteforce the ssh and it wouldn't complain, whereas on my server even if you find the ssh port, it refuses connections unless you have a private key (this would be unrealistic for a VPS host but still). [editline]08:38AM[/editline] [QUOTE=Zayfox;22363059] [b]NONE OF THOSE FUCKING PORTS ARE GOING TO LET YOU GET ONTO THE SERVER![/b] [/QUOTE] You don't really seem to know what you're talking about, you seem to have understood that VisBits was saying that if you connect to those ports you magically get some kind of access to server. That's not what he was saying and if you didn't understand that you really must have no idea what you're talking about. Don't mean to dis Nick, though. He's a great guy and his service seems nice. Also: [QUOTE=Zayfox;22363059]that script kiddy who ended up wiping his C:\ drive[/QUOTE] That's not how it works. Example: VisBits' server detected that I was scanning it and it stopped responding. That doesn't necessarily mean it's secure though.
[QUOTE=sseug;22364420]What I find really disturbing about this post is that you got three agree ratings... VisBits is saying (albeit while being an asshole) that he has no firewall in place to control how users access the ports. For example (from what I understand, didn't look into it myself) I could try and bruteforce the ssh and it wouldn't complain, whereas on my server even if you find the ssh port, it refuses connections unless you have a private key (this would be unrealistic for a VPS host but still).[/QUOTE] That's not unrealistic, that's just impossible for a VPS host. An SSH server has to respond to any requests, as does an HTTP server, as does an FTP server, et cetera. None of those will be easy to exploit though.
[QUOTE=sseug;22364420]What I find really disturbing about this post is that you got three agree ratings... VisBits is saying (albeit while being an asshole) that he has no firewall in place to control how users access the ports. For example (from what I understand, didn't look into it myself) I could try and bruteforce the ssh and it wouldn't complain, whereas on my server even if you find the ssh port, it refuses connections unless you have a private key (this would be unrealistic for a VPS host but still). [/QUOTE] Four agree ratings. I'm pretty sure that after a certain number of tries (on my server, three or four) it'll simply block you in the iptables. No dice. [b]Edit:[/b] In fact, do you know what you're talking about either? 80: HTTP. Needs to be open for web traffic. 21: FTP. Needs to be open for file transfer. 22: SSH. Needs to be open for remote access. 25: SMTP. Needs to be open for sending mails. 110: POP. Needs to be open for receiving mails. 143: IMAP. Needs to be open for receiving mails in a different way. 443: HTTPS. Needs to be open for secure HTTP, like billing. Get the picture? [QUOTE=sseug;22364420] You don't really seem to know what you're talking about, you seem to have understood that VisBits was saying that if you connect to those ports you magically get some kind of access to server. That's not what he was saying and if you didn't understand that you really must have no idea what you're talking about. [/QUOTE] That's what I understood it as. Him flaunting his e-cock around going "UR SERVER ISNT SECUR!" gave me the impression he thought he had a magic key because he can run nmap. [QUOTE=sseug;22364420] Don't mean to dis Nick, though. He's a great guy and his service seems nice. Also: That's not how it works. Example: VisBits' server detected that I was scanning it and it stopped responding. That doesn't necessarily mean it's secure though.[/QUOTE] Yes, it is. He had this little hacktool that he ran and ended up basically rm / -rf Window style. I don't know the Windows command for it though. [editline]08:16PM[/editline] [QUOTE=arienh4;22364751]That's not unrealistic, that's just impossible for a VPS host. An SSH server has to respond to any requests, as does an HTTP server, as does an FTP server, et cetera. None of those will be easy to exploit though.[/QUOTE] This.
[QUOTE=Zayfox;22365329] [b]Edit:[/b] In fact, do you know what you're talking about either? 80: HTTP. Needs to be open for web traffic. 21: FTP. Needs to be open for file transfer. 22: SSH. Needs to be open for remote access. 25: SMTP. Needs to be open for sending mails. 110: POP. Needs to be open for receiving mails. 143: IMAP. Needs to be open for receiving mails in a different way. 443: HTTPS. Needs to be open for secure HTTP, like billing. Get the picture? [/quote] I do. And no shit, I never said that those ports don't need to be opened. [QUOTE=Zayfox;22365329] Yes, it is. He had this little hacktool that he ran and ended up basically rm / -rf Window style. I don't know the Windows command for it though. [/QUOTE] No, you have absolutely no idea what you're talking about, and let me tell you why. The "hacker" had something like a flood/DDoS tool, where you would put your IP in, because obviously that's what he asked the guy for. The guy said his IP was 127.0.0.1 and the "hacker" probably DoS'd his own network interface. The "rm -rf / Windows style" (your syntax for it was wrong btw) is impossible for two reasons: 1. it was supposed to take place over a network/the internet, because that's why it took an IP. you can't magically delete files on other people's computers thus it would be useless. 2. Windows doesn't let you do that. Even if you run stuff as Local Service you just don't have enough permissions to wipe your C drive, not even to delete most of the essential files in the Windows folder (well you can delete stuff like hal.dll and it won't boot up anymore but that has nothing to do with "rm -rf / Windows style" and certainly nothing to do with DDoSing). [QUOTE=Zayfox;22365329] This.[/QUOTE] I know. Anyway, fuck this argument, I have shit to do, and you're too lame as a person (outside of FP) to be worth bothering with (trust me, I know).
[QUOTE=sseug;22365552]No, you have absolutely no idea what you're talking about, and let me tell you why. The "hacker" had something like a flood/DDoS tool, where you would put your IP in, because obviously that's what he asked the guy for. The guy said his IP was 127.0.0.1 and the "hacker" probably DoS'd his own network interface. The "rm -rf / Windows style" (your syntax for it was wrong btw) is impossible for two reasons: 1. it was supposed to take place over a network/the internet, because that's why it took an IP. you can't magically delete files on other people's computers thus it would be useless. 2. Windows doesn't let you do that. Even if you run stuff as Local Service you just don't have enough permissions to wipe your C drive, not even to delete most of the essential files in the Windows folder (well you can delete stuff like hal.dll and it won't boot up anymore but that has nothing to do with "rm -rf / Windows style" and certainly nothing to do with DDoSing). [/QUOTE] Actually no, the hacker thought he was deleting his antagonist's files, that's why I brought it up, due to the sheer ridiculousness of it. And no, my syntax isn't wrong: [IMG]http://anyhub.net/file/youlosegooddaysir.png[/IMG]
[QUOTE=sseug;22365552]I do.[/QUOTE] Come on [QUOTE=sseug;22365552]"rm -rf / Windows style" and certainly nothing to do with DDoSing.[/QUOTE] When did he say that?
The fact of the matter is, CSF is enabled, and brute forcing SSH won't work, since it'll block you. [editline]08:15AM[/editline] I can't see any proof in VisBits post that there is 'no firewall'.
This is going off-topic, quit it.
if anyone goes with fanatical could you please use my link [url]https://client.fanaticalvps.com/aff.php?aff=007[/url]
Dang it. Figured out the vsftpd thing. I had the server installed but not the ftp protocol.
Sorry, you need to Log In to post a reply to this thread.