# "Hack Forums" Hosts



## ComputerTrophy (Oct 31, 2013)

What is your stance on hosts born out of Hack Forums, mainly in the VPS hosting field?

Do you instantly think, "nah", or do you think "I'll give them a try since the ones that have been up for more than one year are better quality than I think"?

It's a controversial topic. HF hosts tend to not last three months but those who do thrive, yet they have to endure negative opinions from other communities.


----------



## Francisco (Oct 31, 2013)

It's a tough comment.

The fact of the matter is that the majority of hackforums hosts that get to LEB die within the first year. There's only 1 host i'm aware of that was born out of there and is still around to this day.

I'll leave his name out of it since he has worked hard to get away from it all.

Francisco


----------



## drmike (Oct 31, 2013)

Me, I think we should BAN hosts that mix it up on HackForums.  

HF is basically a bunch of criminals and juvenile delinquents.  Sure there is legitimate activity and DIY know-how, but far too much criminality.

Would I buy a house surrounded by a crack house, meth lab and place where they fight dogs to death? No, they make shitty neighbors and impact the community.  They diminish service quality and viability.  Get put on special lists (in physical world militarized police presence, SWAT, etc.).  In virtual world, block lists and risk assessment raised.

Some hosts get mentioned on HF by "customers".  Those hosts I have no issue with it.  Those that run ads though.  Tssk tsk... Do you rent IPs for mass spamming, not enforce DMCA's, allow hostile users?   I mean you must do something or support it since HF is all about the abuse and ToS violations.


----------



## wlanboy (Oct 31, 2013)

I can't remember anything good that has the origin in hack forums.

You can't stop people from recommending hosts but you can look at how hosts respond to that.

I like the analogy of drmike. Hosts should care about the neighborhood they are creating.

The red line is:


if they advertise
if they want such customers


----------



## Richard Leik (Oct 31, 2013)

drmike said:


> Me, I think we should BAN hosts that mix it up on HackForums.
> 
> HF is basically a bunch of criminals and juvenile delinquents.  Sure there is legitimate activity and DIY know-how, but far too much criminality.
> 
> ...


This is a good analogy. You have to call into question the ethics of any host that comes out of that forum. From what I've seen the site seems to be a crockpot of illegal activity.


----------



## ComputerTrophy (Oct 31, 2013)

*Full Disclosure* (almost forgot) - InvokeVM, my VPS hosting company, is mainly advertised on Hack Forums. We do get somebody trying to run dos.pl every month or so, but they're suspended (very) quickly. Otherwise, no abuse. The good thing is that we make it _very _clear that we're onshore. In the four months InvokeVM has been up, we've only seen one outgoing DoS (quickly suspended), of which the person apologised (unexpectedly). MaxMind also works efficiently, making sure all clients use legitimate information.



Francisco said:


> It's a tough comment.
> 
> The fact of the matter is that the majority of hackforums hosts that get to LEB die within the first year. There's only 1 host i'm aware of that was born out of there and is still around to this day.
> 
> ...


I believe you're referring to VMBox.Co. Even so, the owner DDoSed me a year back 'to surpress the competition'.



drmike said:


> Me, I think we should BAN hosts that mix it up on HackForums.
> 
> HF is basically a bunch of criminals and juvenile delinquents.  Sure there is legitimate activity and DIY know-how, but far too much criminality.
> 
> ...


Good analogy. Have you considered the whitehats and casual browsers who don't seem to go there for the hacking? 



wlanboy said:


> I can't remember anything good that has the origin in hack forums.
> 
> You can't stop people from recommending hosts but you can look at how hosts respond to that.
> 
> ...


Much truth in that. 



Richard Leik said:


> This is a good analogy. You have to call into question the ethics of any host that comes out of that forum. From what I've seen the site seems to be a crockpot of illegal activity.


Mhm. It's a good source of legitimate clients, but we have to monitor closely for abuse.


----------



## MartinD (Oct 31, 2013)

You cannot deny the fact that the majority of people from HF are not 'legitimate'. Unfortunately, shit sticks... so if you have any association with it you're going to be working had to get rid of that smell.


----------



## RiotSecurity (Oct 31, 2013)

InvokeVM-Kelvin said:


> What is your stance on hosts born out of Hack Forums, mainly in the VPS hosting field?
> 
> Do you instantly think, "nah", or do you think "I'll give them a try since the ones that have been up for more than one year are better quality than I think"?
> 
> It's a controversial topic. HF hosts tend to not last three months but those who do thrive, yet they have to endure negative opinions from other communities.


As long as they don't have shady business practices (like most) then I don't care.


----------



## WelltodoInformalCattle (Oct 31, 2013)

As a customer, I wouldn't even consider them. I'm fairly picky so I'm not sure if others do the same thing. I don't only care about stability and the price but also who the host used to be in bed with.

Are there any HF success stories?


----------



## RiotSecurity (Oct 31, 2013)

WelltodoInformalCattle said:


> As a customer, I wouldn't even consider them. I'm fairly picky so I'm not sure if others do the same thing. I don't only care about stability and the price but also who the host used to be in bed with.
> 
> Are there any HF success stories?


Why be that guy whom would just dislike due to marketing places, it's just like saying "I'll never use your company because *you advertise on lowendbox *which is affiliated with *colocrossing*"


----------



## texteditor (Oct 31, 2013)

RiotSecurity said:


> Why be that guy whom would just dislike due to marketing places, it's just like saying "I'll never use your company because *you advertise on lowendbox *which is affiliated with *colocrossing*"


I do this


----------



## tchen (Oct 31, 2013)

There's also the issue of trust. If I'm going to place proprietary code somewhere, I'd like to be able to trust the host to take VM/container security seriously. And while you might be the whitest white hat in the bunch, guilt by association is a bad mark to shake. As an active member, there's also the high chance you might hire another member from there to do support - adding to the worry.


That's not to say I wouldn't buy from a HF host, but I'd likely use it as a honeypot or some lowsec remote monitoring station.


----------



## ComputerTrophy (Oct 31, 2013)

tchen said:


> There's also the issue of trust. If I'm going to place proprietary code somewhere, I'd like to be able to trust the host to take VM/container security seriously. And while you might be the whitest white hat in the bunch, guilt by association is a bad mark to shake. As an active member, there's also the high chance you might hire another member from there to do support - adding to the worry.
> 
> 
> That's not to say I wouldn't buy from a HF host, but I'd likely use it as a honeypot or some lowsec monitoring station.


Tip: Request a trial and place a honeypot there. You'll see 'vzctl' as the admin's process on OpenVZ. 

If you're smart, never hire people from anywhere except from reputable industry focused communities. You also need to make sure you have their ID on hand. God knows what random people wanting money can do.


----------



## Magiobiwan (Oct 31, 2013)

If the HOST advertises themselves on HF, or is active there and up to no good, then I wouldn't consider them. If random HF users recommend them, I don't care too much, unless there are a LOT of people who recommend them for things like spam, Torrents, etc. Just because one person who isn't staff mentions them there won't make me choose not to use them.


----------



## RiotSecurity (Oct 31, 2013)

Magiobiwan said:


> If the HOST advertises themselves on HF, or is active there and up to no good, then I wouldn't consider them. If random HF users recommend them, I don't care too much, unless there are a LOT of people who recommend them for things like spam, Torrents, etc. Just because one person who isn't staff mentions them there won't make me choose not to use them.


What's wrong with advertising on HF? Personally I see it's a big community, with a dedicated section to it and even though its name is hackforums, typically you won't find tons of abusers ordering, etc.

This is what bugs me, you thin just because of the content and name that all companies on hf, etc. are bad.


----------



## drmike (Oct 31, 2013)

RiotSecurity said:


> This is what bugs me, you thin just because of the content and name that all companies on hf, etc. are bad.


Come on now, let's be honest.  Hack forums.   Pretty clear what the focus and interest is.  It's isn't the Computer DIY network... or something less malicious --- it's hacking.

White hats, sure there are some over there.  But even most white hats are running afoul of laws and subjecting you to government, raids, etc. by association.  Every white hat I've ever know has plenty of non-white behavior, they just do their public reputation and covering it up better.

FYI: I support whistleblowers, tinkers and even hacking per se.   But the hacking in limited doses and in permission granted style environments.

HF is really what it is.  It's a pit of [email protected] behavior.   People are selling stolen goods in open air market.   Does that happen in reality? To less severe degree. Stolen PayPal account vs. DVD copy.

Yeah, I support the hacker culture and always have so don't think I am some blowhard.


----------



## ComputerTrophy (Nov 1, 2013)

drmike said:


> Come on now, let's be honest.  Hack forums.   Pretty clear what the focus and interest is.  It's isn't the Computer DIY network... or something less malicious --- it's hacking.
> 
> White hats, sure there are some over there.  But even most white hats are running afoul of laws and subjecting you to government, raids, etc. by association.  Every white hat I've ever know has plenty of non-white behavior, they just do their public reputation and covering it up better.
> 
> ...


Just to clear up common misconceptions about HF, here's Hack Forums in a nutshell: 5% people who are actually proficient at hacking; 50% people adults who don't go there for 'HACK' forums but go there 'for the lulz', just to hang out due to their forum addiction; 25% kids who are immature and obsessed with 'SWAT'ing' , 'DDoS' and 'doxing'; 30% people who use the marketplace.

Needless to say, we'd very much like that 25% gone, but we can't do anything.

Omniscient has actually cracked down on carding and fraud; totally banned it and those associated with it. He hosts Hack Forums in the United States as well, showing his intent to prevent stuff which should stay in deep-web sites.

But yes, there is a high level of immaturity on HF, and most of the active members there who sell 'legitimate' hosting have a bad history.


----------



## RiotSecurity (Nov 1, 2013)

drmike said:


> Come on now, let's be honest.  Hack forums.   Pretty clear what the focus and interest is.  It's isn't the Computer DIY network... or something less malicious --- it's hacking.
> 
> White hats, sure there are some over there.  But even most white hats are running afoul of laws and subjecting you to government, raids, etc. by association.  Every white hat I've ever know has plenty of non-white behavior, they just do their public reputation and covering it up better.
> 
> ...


If you actually have browsed hackforums, you will see that its 99% non-hacking, it's more a marketplace and gaming due to the fact HF is hosted onshore, so the owner Omni (Jesse) censors almost-everything hacking related "unethical" hacking.

Therefore the only thing that goes on there is ethical.


----------



## mikho (Nov 1, 2013)

I once signed up on HF to see what it was all about, after I clicked the confirmation link I was IP-banned.


So I have no experience regarding that forum.


----------



## Kakashi (Nov 1, 2013)

You can't be serious about the well being of your company if you advertise/promote on sites like that. Red Flag all the way.


----------



## Dedispec (Nov 2, 2013)

I personally always have avoided interacting with these kinds of hosts. This is dangerous territory if you're running a clean business, it's always good to avoid bad PR 

I will say though, the handful that make it past a year or two in business surprise me...


----------



## scv (Nov 3, 2013)

I'm not even sure what to think about this thread - it should be a no brainer. If you're going to advertise on HF, you're pretty much saying "We don't care where the users come from" and throwing up a red flag for anybody who even remotely takes the security of their server into account.


----------



## LiamCyrus (Nov 3, 2013)

I mentioned how I myself was a HF host in the VPSBoard the IRC last week and a witchhunt ensued. A lot of people are ready to lynch HF host owners (with reason), though it clouds their judgement on the several legitimate hosts that advertise on HF.

Overall I'd rate offering hosting on HF as a positive experience. When I first joined, I offered free hosting from an OVH box for a couple months. This way I could learn how to manage cPanel and WHMCS and properly administrate a server. I learned how to diligently monitor resources and users (as OP said, there are many a dos.pl when you advertise on HF), which is a skill I may not have had otherwise. I also learned the proper ways to deal with DDoS attacks, because as you could imagine HF hosts are constantly berated with DDoS attacks from their competitors. The 12 year olds who opened eight tickets for me to set up a wordpress blog for their Minecraft server were great ways for me to get into the industry and work on my customer support skills It was a great learning experience, and I don't have any regrets.

I understand that it can hurts my credibility, but I think that at the end of the day if you offer a great and legitimate product you will attract a following regardless of where you advertise.


----------



## ComputerTrophy (Nov 3, 2013)

It is bad PR if you think about it. What about those who _initially_ used HF actively for whitehat purposes, yet do not use it other than to advertise (keeping in mind they also advertise everywhere else like WHT)? Would that still be bad for the company? Even if it's been up for a year (looking at you, Vmbox.co)?


----------



## devonblzx (Nov 3, 2013)

I can't say I have ever advertised at HF, but I will say I see a little bit of where Kelvin is coming from.   The term hacker has been misused quite a bit by the average person that people automatically assume hacking means black hat.  I can't say I know too much about the activity of HF, but within most IT departments you will find people that refer themselves as hackers and refer to criminals as crackers.  It is important to understand that there is legitimate hacking and hack doesn't really mean what people have come to coin it as.


----------



## jarland (Nov 3, 2013)

HF isn't just a community. It exists purely for abuse and, to be as kind as I can be, questionably legal activity. It's not a call of duty forum where you have a mix of skids and cool people. It's HACK forums. The word HACK isn't just a cute dictionary word, it defines the site just like it was intended to.


People grow up and they can admit their mistakes going forward, but if you stand by marketing there I stand by calling you a skid host and you can do with that what you want.


If you were a knife dealer who wanted to get started by approaching and actively seeking to grow your business with street gangs, why would you expect me to call you legit? Sure the example is more extreme, but is the logic not equivalent?


----------



## jarland (Nov 3, 2013)

devonblzx said:


> I can't say I have ever advertised at HF, but I will say I see a little bit of where Kelvin is coming from. The term hacker has been misused quite a bit by the average person that people automatically assume hacking means black hat. I can't say I know too much about the activity of HF, but within most IT departments you will find people that refer themselves as hackers and refer to criminals as crackers. It is important to understand that there is legitimate hacking and hack doesn't really mean what people have come to coin it as.


I've spent some time there. It's about two things:


1. Black hat


2. Piracy


That's HF in a nutshell.


----------



## jarland (Nov 3, 2013)

InvokeVM-Kelvin said:


> It is bad PR if you think about it. What about those who _initially_ used HF actively for whitehat purposes, yet do not use it other than to advertise (keeping in mind they also advertise everywhere else like WHT)? Would that still be bad for the company? Even if it's been up for a year (looking at you, Vmbox.co)?


Why would you go to HF for white hat and end up thinking, after observing the dominant culture, think there was any reason to advertise there other than to make a buck at any cost?


LiamCyrus said:


> I mentioned how I myself was a HF host in the VPSBoard the IRC last week and a witchhunt ensued. A lot of people are ready to lynch HF host owners (with reason), though it clouds their judgement on the several legitimate hosts that advertise on HF.
> 
> 
> Overall I'd rate offering hosting on HF as a positive experience. When I first joined, I offered free hosting from an OVH box for a couple months. This way I could learn how to manage cPanel and WHMCS and properly administrate a server. I learned how to diligently monitor resources and users (as OP said, there are many a dos.pl when you advertise on HF), which is a skill I may not have had otherwise. I also learned the proper ways to deal with DDoS attacks, because as you could imagine HF hosts are constantly berated with DDoS attacks from their competitors. The 12 year olds who opened eight tickets for me to set up a wordpress blog for their Minecraft server were great ways for me to get into the industry and work on my customer support skills It was a great learning experience, and I don't have any regrets.
> ...


I literally got every bit of that experience without HF. In a relatively short time frame too. I mean you can learn self defense by punching a guy but that doesn't mean it's the best way to get started.


RiotSecurity said:


> Therefore the only thing that goes on there is ethical.


You and I both know that statements holds 0 weight. I've browsed the site plenty of times. It isn't hard to get into without registering. It's mostly about piracy and booters.


----------



## MannDude (Nov 3, 2013)

For the longest time I could never visit the site, as it'd just prompt me with some white page and an error message from any VPN I used. I've got no interest in participating there, mind you, and don't wish to connect via my home IP. The entire site seems like a honey pot to me anyway.

Though within the past two or three weeks I was able to connect and register to follow up on a lead that a person of interest in the industry that works for a company we all know and love has been there looking for booters, hacked RDP accounts, etc. He's since changed his name several times but I still lurk his activity. Damn kids.

I'm sure there are some good folks there, but it does seem to attract a certain 'type' of individual. Even if they're there just for the 'lulz', it's safe to assume that these are the same folks who may test things out that they're not certain what exactly it does and compromise your or someone elses server.

Not going to call names out, but think in recent history of people we all know who used SlowLoris to flood another site ("testing it"), someone else who used a published exploit to "test" on other providers who caused a lot of headache for another reputable provider that participates here, etc. Curiosity is a great thing, but not when it has a negative impact on services provided to other paying customers or to other companies or individuals.

There are also certain providers and datacenters I won't use, for similar but unrelated reasons. I don't like being in a bad neighborhood of clients. Some providers could care less what their clients do so long as they continue to get that monthly $3 or whatever. I don't want to share a node or IP range with some of those folks.


----------



## ComputerTrophy (Nov 3, 2013)

MannDude said:


> For the longest time I could never visit the site, as it'd just prompt me with some white page and an error message from any VPN I used. I've got no interest in participating there, mind you, and don't wish to connect via my home IP. The entire site seems like a honey pot to me anyway.
> 
> Though within the past two or three weeks I was able to connect and register to follow up on a lead that a person of interest in the industry that works for a company we all know and love has been there looking for booters, hacked RDP accounts, etc. He's since changed his name several times but I still lurk his activity. Damn kids.
> 
> ...


What if those clients are running Minecraft servers? Judge by the person's background, or who they are?


----------



## MannDude (Nov 3, 2013)

InvokeVM-Kelvin said:


> What if those clients are running Minecraft servers? Judge by the person's background, or who they are?


That's fine. I'm just saying if I wanted to attract Minecraft clients, I'd be active on Minecraft related forums or gameserver forums.

I understand where you're coming from, and I'm sure there are some great folks who just get rounded up and judged because of others.


----------



## VMBox (Nov 4, 2013)

InvokeVM-Kelvin said:


> It is bad PR if you think about it. What about those who _initially_ used HF actively for whitehat purposes, yet do not use it other than to advertise (keeping in mind they also advertise everywhere else like WHT)? Would that still be bad for the company? Even if it's been up for a year (looking at you, Vmbox.co)?


Oh hi 14 year old Kelvin.

Thanks for bringing my name up here and spreading lies without proof. Much appreciated.


I have some fun screenshots of you asking for help with your http botnets, RAT's, DDoS tools and offering your website hacking services out publicly on HF, if you would like me to post them? I also remember I used to host you and you was suspended for malware and hosting porn sites with underage looking girls, remember? Just before you sold you clients and shut down your old host was it?


I urge you to stay away from me and don't post about my business again.


----------



## scv (Nov 4, 2013)




----------



## Magiobiwan (Nov 4, 2013)




----------



## bfj (Nov 4, 2013)




----------



## MartinD (Nov 4, 2013)




----------



## MannDude (Nov 4, 2013)




----------



## drmike (Nov 4, 2013)

Do we really have a 14 year old company owner?   (shakes head).

I won't revisit my take on HackForums, but yeppers... and we are supposed to trust hosts advertising there with our data.

opcorn:


----------



## switsys (Nov 4, 2013)

VMBox said:


> Oh hi 14 year old Kelvin.
> 
> 
> Thanks for bringing my name up here and spreading lies without proof. Much appreciated.
> ...


Did he really do all those things ?


----------



## HFMaster (Nov 4, 2013)

VMBox said:


> Oh hi 14 year old Kelvin.
> 
> 
> Thanks for bringing my name up here and spreading lies without proof. Much appreciated.
> ...


Here is the kicker, @VMBox is also known as NozHost. Maybe we need to remind him of how he was caught DDoS other hosts.


----------



## MartinD (Nov 4, 2013)

And thread locked.

That's enough of that.


----------



## MannDude (Nov 4, 2013)

MartinD said:


> And thread locked.
> 
> That's enough of that.


Sorry, I want to keep this going a bit. I'll be around to make sure things stay civil.


----------



## VMBox (Nov 4, 2013)

HFMaster said:


> Here is the kicker, @VMBox is also known as NozHost. Maybe we need to remind him of how he was caught DDoS other hosts.


Actually a casual employee, who was immediately let go, did this. I apologised and offered to pay bw costs.


----------



## HFMaster (Nov 4, 2013)

VMBox said:


> Actually a casual employee, who was immediately let go, did this. I apologised and offered to pay bw costs.


Ha nice try! You and the person I wont name are butt buddies, you can lie all you want. But you DDoS the other hosts. I will gladly play this game with you!


----------



## VMBox (Nov 4, 2013)

No idea of what your definition of 'butt buddies' is but I can assure you I'm not in any homosexual relationship at present, if that's what you're insinuating.


I'm not here to play games. The thread is already long enough at LET. No need for round two here.


----------



## HFMaster (Nov 4, 2013)

VMBox said:


> No idea of what your definition of 'butt buddies' is but I can assure you I'm not in any homosexual relationship at present, if that's what you're insinuating.
> 
> 
> I'm not here to play games. The thread is already long enough at LET. No need for round two here.


Pardon me while I type up a big reply, but incase anybody is wondering, it is in reference to this post:

http://lowendtalk.com/discussion/1448/attention-jack-dotvps-steven-nozhost-dosing-off-our-servers-similar-relationship/p1


----------



## VMBox (Nov 4, 2013)

I'm don't care for your long reply. I'm not entertaining this thread any more.


----------



## drmike (Nov 4, 2013)

Damn did HackForums crash vpsBoard  ?


----------



## HFMaster (Nov 4, 2013)

@InvokeVM-Kelvin, you are digging yourself in this huge whole:

I have found some interesting data on InvokeVM

http://www.hackforums.net/showthread.php?pid=5914599

On 08-19-2010 on that thread he claimed he was 11, so that would put him around 14 currently.



Here is InvokeVM showing off how he hacked a website:

http://www.hackforums.net/showthread.php?tid=651527

Another website he hacked:

http://www.hackforums.net/showthread.php?tid=653781

Talking about DDoS shells:

http://www.hackforums.net/showthread.php?tid=1369207

First Failed Hosting Company:

http://www.hackforums.net/showthread.php?tid=1257386

Another Website he Hacked:

http://www.hackforums.net/showthread.php?tid=1823896

How to Social Engineer from Microsoft

http://www.hackforums.net/showthread.php?tid=1881875

This is a good one:

http://www.hackforums.net/showthread.php?tid=2594502

"I owe a My Little Pony forum a program to download FiM episodes, but I have insufficient investment. Do you know of any public file sharing hosts that have already stayed up for long and will continue to do so that allow copyrighted content?”

Computer RAT questions:

http://www.hackforums.net/showthread.php?tid=3378028

Asking about a HTTP Rat that will be hosted offshore:

http://www.hackforums.net/showthread.php?tid=3684466

Give it up for the best host of the year, InvokeVM!


----------



## Aldryic C'boas (Nov 4, 2013)

Regardless of how true any of these claims are, Kelvin needs a swift kick in the ass for bringing the short bus here.  We've gone for quite some time without this nonsense;  it was rather nice while it lasted.


----------



## scv (Nov 4, 2013)

HFMaster said:


>


I don't really care about what's being discussed here but I'd like to say this is one of my favourite reaction gifs of all time.


----------



## drmike (Nov 4, 2013)

But I thought HF was all white hat and pretty horses. Hehehe!  opcorn:


----------



## MannDude (Nov 4, 2013)

drmike said:


> Damn did HackForums crash vpsBoard  ?


http://vpsboard.com/topic/2485-rfo-wednesday-november-4th/

Was scheduled maintenance combined with the server coming back 'online' with a lemon for a network config


----------



## MannDude (Nov 4, 2013)

Well, I think we've all learned enough today. If anyone wants to continue the conversation, feel free to utilize the Private Message feature and include other people to have a private airing of dirty laundry.


----------



## jarland (Nov 4, 2013)

MannDude said:


> Well, I think we've all learned enough today. If anyone wants to continue the conversation, feel free to utilize the Private Message feature and include other people to have a private airing of dirty laundry.


I actually do have something I would like to state here in reference to this discussion for public record.







K, done.


----------

