# Spoofable Network ColoCrossing Now Official HackForums Member



## drmike (Feb 8, 2015)

Around here we know of the ColoCrossing spoofable network and the interest such attracts from HackF*rums.
 
In a similar spoof, someone on HF has created or renamed an account to promote ColoCrossing:
 
 







This should get interesting as a takedown isn't going to happen with HF.


----------



## drmike (Feb 8, 2015)




----------



## drmike (Feb 8, 2015)




----------



## Francisco (Feb 8, 2015)

Gotta feel bad for Jon on this one.

Then again, if he'd place proper ACL's on his edge he'd not be earning an Ecatel reputation.

Francisco


----------



## RTGHM (Feb 8, 2015)

I want to find the person who did that, and high-five them.


----------



## drmike (Feb 8, 2015)

This a community resource of sorts over there... Recommending SPOOF friendly abuse tolerant networks...


----------



## drmike (Feb 8, 2015)

Hudson Valley Reseller abusing first month discount to sell spoofable dedicated servers.  Scanning allowed too...


----------



## RTGHM (Feb 8, 2015)

@drmike I'm still shocked to see ecatel isn't on that list, typically they are. I know they cracked down on it, now you have to buy streaming servers to spoof with them.


----------



## drmike (Feb 8, 2015)

RTGHM said:


> @drmike I'm still shocked to see ecatel isn't on that list, typically they are. I know they cracked down on it, now you have to buy streaming servers to spoof with them.


Someone there has an abbreviated list at best.  Ecatel is long documented as troubled network and widely.


----------



## RTGHM (Feb 8, 2015)

drmike said:


> Someone there has an abbreviated list at best.  Ecatel is long documented as troubled network and widely.


They're turning around for the good Ecatel, I actually really enjoy them now. I have two /29's with them, all clean, never used for spam/dos/etc, only used for storing files, and for a little development, testing, etc. They're good at the price point.


----------



## drmike (Feb 8, 2015)

RTGHM said:


> They're turning around for the good Ecatel, I actually really enjoy them now. I have two /29's with them, all clean, never used for spam/dos/etc, only used for storing files, and for a little development, testing, etc. They're good at the price point.


I wonder why Ecatel is having a change of face?


----------



## RTGHM (Feb 8, 2015)

drmike said:


> I wonder why Ecatel is having a change of face?


_legal issues_

However, you know I hate to call out some names but CrownCloud, their german datacenter they use, the dedicated servers can be spoofed (Accelerated IT Services GmbH), if you get free time, scan the subnets, the amount of "booters" you will find that use them as API servers to ddos, host their sites, etc. will amaze you. They power 90% of Hackforums booters. The funnest part is when they use API keys like api123booter and you just boot their booter offline for 999999 seconds since they don't know how to properly secure their shit.


----------



## drmike (Feb 8, 2015)

RTGHM said:


> _legal issues_


Can you point me to some official Ecatel legal matters?  I entirely missed such.   Glad to see them appearing to run right.  Sad it take legal heat to make folks do the right thing.  Very sad.


----------



## RTGHM (Feb 8, 2015)

drmike said:


> Can you point me to some official Ecatel legal matters?  I entirely missed such.   Glad to see them appearing to run right.  Sad it take legal heat to make folks do the right thing.  Very sad.


Don't have any specific links, but iirc they were going on about a lawsuit or something, they also wanted to clean up their network space, etc.


----------



## SpeedBus (Feb 9, 2015)

RTGHM said:


> _legal issues_
> 
> However, you know I hate to call out some names but CrownCloud, their german datacenter they use, the dedicated servers can be spoofed (Accelerated IT Services GmbH), if you get free time, scan the subnets, the amount of "booters" you will find that use them as API servers to ddos, host their sites, etc. will amaze you. They power 90% of Hackforums booters. The funnest part is when they use API keys like api123booter and you just boot their booter offline for 999999 seconds since they don't know how to properly secure their shit.


If you have an IP list that you'd like to share via PM, please send it in and if any are our clients we'll have them shutoff. Apart from this, when ever we get an abuse report we take them down right away be at any of our locations.


----------



## DomainBop (Feb 9, 2015)

drmike said:


> Can you point me to some official Ecatel legal matters?  I entirely missed such.   Glad to see them appearing to run right.  Sad it take legal heat to make folks do the right thing.  Very sad.


thread I started on LET November 2013: http://lowendtalk.com/discussion/16414/ecatel-gets-their-ass-handed-to-them-in-court

copy of the court documents .pdf, (in Dutch) for the court case referenced in that thread:

That is just one of several legal cases and police actions taken against Ecatel in recent years. 

Lizard Squad used servers at Ecatel (and a few other scummy hosts) to DDoS Playstation Network and XBox live in December.



> Gotta feel bad for Jon on this one.


Sorry, no sympathies for someone who derives a good chunk of his income from hosting criminals and whose network is used to launch criminal attacks on other businesses.  I'd love to see the US ISP immunity laws (USC 230) changed so that scumbag companies like CC who have a long history of hosting criminals can be held liable for damages and their executives jailed.


----------



## RTGHM (Feb 9, 2015)

SpeedBus said:


> If you have an IP list that you'd like to share via PM, please send it in and if any are our clients we'll have them shutoff. Apart from this, when ever we get an abuse report we take them down right away be at any of our locations.


iirc there are a few on your network, and some at the dc directly. I'll do a bit of scanning when I am back from vacation and let you know.


----------



## SpeedBus (Feb 9, 2015)

RTGHM said:


> iirc there are a few on your network, and some at the dc directly. I'll do a bit of scanning when I am back from vacation and let you know.


Yep, please do drop the list in. Also just adding in, we share a few /24's with other clients who are direct from the DC as well since we don't have our own RIPE IP allocations.


----------



## RTGHM (Feb 9, 2015)

SpeedBus said:


> Yep, please do drop the list in. Also just adding in, we share a few /24's with other clients who are direct from the DC as well since we don't have our own RIPE IP allocations.


Whats your email? I don't want to publicly post the list here.


----------



## William (Feb 10, 2015)

Ecatel will never stop, the money flow to Belarus is too large for the owner to really do anything against their server usage. Spoofing traffic (even for DDoS) is also not really illegal in NL, Ecatel has far worse customers.


----------



## drmike (Feb 10, 2015)

Good to see you @William !  Hope things are well.


----------



## SpeedBus (Feb 10, 2015)

RTGHM said:


> Whats your email? I don't want to publicly post the list here.


PM'd 

Thanks!


----------

