amuck-landowner

I'm speechless...

KuJoe

Well-Known Member
Verified Provider
Here's a quick summary of what happened:

Client posted SSH login info for his VPS on Twitter that was re-tweeted by some Anon account.

Clients VPS is used to attack our internal servers and attempts multple kernel exploits to gain root access to our hardware node.

Client is terminated for the above activities (I understand it wasn't the client themselves but this isn't the first time they've broken out TOS either).

Client demands a refund for "poor service" after they have been a client for over 6 months.

Client posts this: http://schoolofprivacy.eu/post/52040655394/our-server-was-cancelled-for-abuse-and-our-money

I love how a blog dedicated to freedom and openness only posts half of the story.  <_<

[/rant] I feel better. :D
 
Last edited by a moderator:

texteditor

Premium Buffalo-based Hosting
Even if it wasn't his first offense I'd still shut him off anyways, just offering up ssh access publicly is really dumb, like so dumb it should require punishment
 

Chronic

Member
Some people are unbelievable. What else did they expect when they gave their details out to people? It's like leaving your front door wide open and going for vacation.
 

nunim

VPS Junkie
I still can't stop laughing about them posting the user account on their website and being shocked when problems occur..  Especially on a site like that...

Can't figure out how to leave a comment on their page :( 
 

Marc M.

Phoenix VPS
Verified Provider
Here's a quick summary of what happened...
@KuJoe I'm not surprised that they didn't post it on a hosting forum as they would have probably been laughed at really hard. Hmm, comments were disabled, looks like borderline sabotage on their part. That .eu site is hosted here in the US - TUMBLR, INC. (AS33612) - IP 66.6.44.4 (very nice IP) so you might want to write a few lines to their provider explaining what happened (if you want that taken down of course).
 

Jack

Active Member
@KuJoe I'm not surprised that they didn't post it on a hosting forum as they would have probably been laughed at really hard. Hmm, comments were disabled, looks like borderline sabotage on their part. That .eu site is hosted here in the US - TUMBLR, INC. (AS33612) - IP 66.6.44.4 (very nice IP) so you might want to write a few lines to their provider explaining what happened (if you want that taken down of course).
https://www.tumblr.com/

tumblr aren't going to be bothered, he won't have access to much other than an admincp to write content.
 

Mun

Never Forget
The moment when understanding that you can easily create a DDOS that no one can trace and have the ability to do it, but realizing it is still illegal.

Sigh

Can't we have an approval process!!!!1

Mun
 

drmike

100% Tier-1 Gogent
People are ridiculous.

Account was posted in public, account was used to attack internal systems.

Account cancelled.

Me, I'd be looking to see if you can determine where this customer came from originally and steer away from promotion/visibility there.
 

mikho

Not to be taken seriously, ever!
I've seen that url over at lowendspirit, better to let Anthony know about it so he can keep his eyes open.
 

wearehidden

New Member
Ok so i signed up here to address this....

your accusing me of telling half a story well if im guilty of telling half a story that makes you guilty of telling a quarter of a story.

firstly we weren't slamming you in anyway we where publicly addressing what happened and that someone had ruined something that was a genuinely good thing we where trying to do. So trying to slam us is rather silly we didn't blame you in anyway and we told the truth of what happened....

to explain what actually happened since you didn't..

we made a public ssh user with no privalleges it was a regular user for SSH tunneling and with access to IRSSI for the people in turkey the turkish regime is cracking down because of wide spread protests and is censoring the internet in attempts to thwart peoples ability to organize. we where genuinely trying to help some people and because of the user having no real privaleges and our readers are usually decent people we didn't think any real harm could come from it.

we where wrong and we did publicly apologize about it and any damages that came from it , which i am gladly willing to pay for any damages done.

the server was bought for us by reader and friend and donated originally to run an IRC (which you don't allow) and the person who bought the server knows very little about hosting and didn't think to read the TOS so when we first got the VPS we setup an IRC which your staff asked us to shut down and we did.

we said we where unhappy with your service because we where, It was donated to us and we where greatful and tried putting it to good use since we couldn't do alot with it do to your TOS (do things we would have liked to with it)

the quality of your service isn't bad an we had never said it was.

we had asked for a refund for the remaining months because we would have liked the person who donated it to us to receive some of their money back for the months we didn't get to use, which i didn't expect to receive but i figured i would ask and try to get some of their money back.

also you did not address the fact that we where asked to disable the proxy, WHICH WE DID and the proxy was shut off immediately after that ticket and we removed the user, then a whole 39 minutes after (keep in mind the server was off most of that time, and the proxy had been disabled) you said someone had attempted to use our server to hack your "hardware node" but the server was off most of that time, and the SSH user was removed no one was on the server during the 39 minutes between you asking us to remove it, and you telling us someone abused it.

so was the hack attempt before you asked us to disable it and you didn't notice? or was someone able to hack into one of  the ssh users that wasn't public? If you don't mind me asking.

and since we didn't buy the VPS and weren't the only people using it we regrettably didn't spend the time to read your terms of service fully which in retrospect we should have. 

If you want to be paid for damages let me know, but tell the full story we didn't attack you in anyway about suspending us,and we didn't decline to comply or behave like jerks in anyway. We where trying to help others.

It was an error on our part but we where planning on allowing people to SSH tunnel for a few hours just so some of our followers in turkey could get on facebook and twitter it was a rash decision that we made.

so sorry securedragon, let me know what damages to pay for and how much. If you want send me logs of the hack attempt and what was damaged and i will gladly pay for it.
 

Marc M.

Phoenix VPS
Verified Provider
@wearehidden seriously that is TL;DR so I won't even bother. If you have a point to make then your valid arguments should fit in no more than 3 to 4 coherent sentences.
 

wearehidden

New Member
Tl;DR

I was asked to remove the proxy , we did, 

39 minutes later where told someone tried hacking them and shut off.

the server was donated from one of our readers, and I didn't make any attempt to bash securedragon.

we ran a SSH user with no real privileges so people in turkey could ssh tunnel to get on facebook and twitter since they where being blocked during protests.

and im offering to pay for any damages done if any.
 

Marc M.

Phoenix VPS
Verified Provider
I was asked to remove the proxy , we did, 39 minutes later where told someone tried hacking them and shut off. the server was donated from one of our readers, and I didn't make any attempt to bash securedragon. we ran a SSH user with no real privileges so people in turkey could ssh tunnel to get on facebook and twitter since they where being blocked during protests. and im offering to pay for any damages done if any.
I hope that you understand that whoever signs up for that VPS is responsible for it. An unprivileged user account under Linux does not make that VPS hack proof. If people want to get out to the Internet and they are blocked they can easily purchase access to a VPN, like http://vpn.sh. I have been to Turkey more than once and it doesn't strike me as a totalitarian country, I'd say that most people there are more business oriented than some of us in the west. It is their right to keep some of the things that happen in their country out of the international media. Unless I am missing something, I fail to see why Securedragon was so unfairly slammed. Normally for such activities in addition to revoking your right to a refund, an administrative fee would have been in order as well.
 

texteditor

Premium Buffalo-based Hosting
Was it too much effort to jail the user to a restricted shell or setup some kind of VPN?

Congrats on finding a way to make slacktivism even lazier
 
Top
amuck-landowner