Talk Show Host Starts IP Spoofing Friendly VPS Service In Buffalo

Discussion in 'Hosting Talk & Reviews' started by DomainBop, Sep 19, 2014.

  1. DomainBop

    DomainBop Dormant VPSB Pathogen

    2,260
    2,190
    Oct 11, 2013
    I'm torn between laughing and a massive facepalm.

    I found this offer on LET and thought I'd share because every line of the offer, WHOIS, and website is flashing a warning sign.

    Jerry Springer, hee hee.

    Fake WHOIS, fake address on site, fake LLC, IP spoofing enabled, lorem ipsum text, blank TOS,  a ripped template, HackForums advertiser,...what more could you want  (OK, maybe a nulled WHMCS to complete the picture but they disappoint on this score by actually licensing their WHMCS). :p
     
  2. yomero

    yomero New Member

    72
    21
    May 16, 2013
    On a serious note, probably I need a host which allow this to fake some UDP packets send to the master list of Quake 3 and get one of my servers listed.

    But despite that, this provider doesn't seem to be the best choice hehe...
     
  3. Francisco

    Francisco Company Lube Verified Provider

    2,476
    1,770
    May 15, 2013
    That's amazing.

    If spoofing is enabled in Buffalo that's sooooo sketchy.

    I mean, it'd make sense, it's likely the cisco 3500's don't do ACL's in hardware.

    Francisco
     
    MannDude likes this.
  4. drmike

    drmike 100% Tier-1 Gogent

    8,573
    2,717
    May 13, 2013
    The fncking pain!

    512MB RAM 25GB Disk Space 1000GB Bandwidth 1Gbps Port Speed 1 IP Address 1 CPU Core Spoofing Enabled $6
    Website: http:// bigbucks .cc Contact: bigbuckshelp @ outlook.com

    1. Spoofing enabled?!?!??!?!?!?!?!?!??!  Jon Biloh is this the type of sh!t you promote in Buffalo?

    2. .cc domain?!?!?!?! Yeah.

    3. Outlook.com email?!?!?! Wheee

    4. From their website banner === "You can choose between Windows 2003, 2008 and 2012 operation systems!"

    Engwish?

    5. From their website banner == "At BigBucks we utilize our next generation top of the tier datacenter to be able to protect from attacks u to 125gbps."

    Next generation top of their tier.... KING OF THE BUFFALO SHIT HEAP.   Live from the ___6th___ floor?  Overlooking glorious Buff-a-whoa, with a view of lake mistake... Whee!

    6. http://bigbucks.cc/pricing.htm

     = Lorem Ipsum

    7. Twitter block on their website = filler

    8. From their website the phone number = a copied template details:

    https://www.google.com/?gws_rd=ssl#q=%22020+1345+3434%22

    64 results.

    Was this really an offer or just someone having fun?

    BUT... if you throw the whois info on this you see some name servers... and those are in the same region....

    Domain Name: SHOCKHOSTING.NET
    Registry Domain ID: 1793569093_DOMAIN_NET-VRSN
    Registrar WHOIS Server: whois.godaddy.com
    Registrar URL: http://www.godaddy.com
    Update Date: 2014-07-10 11:13:59
    Creation Date: 2013-04-13 14:07:33
    Registrar Registration Expiration Date: 2015-04-13 14:07:33
    Registrar: GoDaddy.com, LLC
    Registrar IANA ID: 146
    Registrar Abuse Contact Email: [email protected]
    Registrar Abuse Contact Phone: +1.480-624-2505
    Domain Status: clientTransferProhibited
    Domain Status: clientUpdateProhibited
    Domain Status: clientRenewProhibited
    Domain Status: clientDeleteProhibited
    Registry Registrant ID:
    Registrant Name: Ashton Sherman
    Registrant Organization: Shock Hosting
    Registrant Street: 596 15 Hwy Lombardy
    Registrant City: Smith Falls
    Registrant State/Province: Ontario
    Registrant Postal Code: K0G 1L0
    Registrant Country: Canada
    Registrant Phone: +1.6473814653
    Registrant Phone Ext:
    Registrant Fax:
    Registrant Fax Ext:
    Registrant Email: [email protected]ShockHosting.net
    Registry Admin ID:
    Admin Name: Ashton Sherman
    Admin Organization: Shock Hosting
    Admin Street: 596 15 Hwy Lombardy
    Admin City: Smith Falls
    Admin State/Province: Ontario
    Admin Postal Code: K0G 1L0
    Admin Country: Canada
    Admin Phone: +1.6473814653
    Admin Phone Ext:
    Admin Fax:
    Admin Fax Ext:
    Admin Email: [email protected]ShockHosting.net
    Registry Tech ID:
    Tech Name: Ashton Sherman
    Tech Organization: Shock Hosting
    Tech Street: 596 15 Hwy Lombardy
    Tech City: Smith Falls
    Tech State/Province: Ontario
    Tech Postal Code: K0G 1L0
    Tech Country: Canada
    Tech Phone: +1.6473814653
    Tech Phone Ext:
    Tech Fax:
    Tech Fax Ext:
    Tech Email: [email protected]ShockHosting.net
    Name Server: NS1.SHOCKHOSTING.NET
    Name Server: NS2.SHOCKHOSTING.NET

    Unsure if someone is trolling Shockhosting or what...  They don't appear to use CC, well yet.  But they do use Limestone (which LEB had prior issues with)...
     
  5. DomainBop

    DomainBop Dormant VPSB Pathogen

    2,260
    2,190
    Oct 11, 2013
    LET deleted the offer so for anyone who missed it google cache

    BigBucks has been advertising on the skiddie forums so an offer on LET is usually the next step up the ladder for many of these HF hosts (and probably very fertile ground for customer acquisition).

    They also allow "small time ddosing". Scroll down on this ad and read the TOS snippets they included in their ad: "No HEAVY ddos, small time ddosing etc is acceptable"
     
    ftpitnipon likes this.
  6. Francisco

    Francisco Company Lube Verified Provider

    2,476
    1,770
    May 15, 2013
    I doubt he's condoning it, but he shouldn't be allowing it to happen, period. ACL's should be in place for all outbound traffic. No, not prefix lists, but actual ACL's to stop spoofing. Any decent router will do ACL's in hardware which means there's minimal overhead doing so.

    HF hosts are always fun. I was looking to buy a brand the other week, but after I figured out what brand it was (due to him sending the NDA via his companies [email protected] email), I found their entire customer base was hackforums. No thanks.

    Francisco
     
    k0nsl and drmike like this.
  7. Wintereise

    Wintereise New Member

    241
    159
    May 16, 2013
    I doubt he's condoning it, but he shouldn't be allowing it to happen, period. ACL's should be in place for all outbound traffic. No, not prefix lists, but actual ACL's to stop spoofing

    Or, just don't use collapsed edges / cores if your router can't handle it.

    If you don't have to worry about symmetric / asymmetric routing, unicast rpf is a very basic feature in most new switches.
     
    drmike likes this.
  8. GIANT_CRAB

    GIANT_CRAB New Member

    525
    270
    May 21, 2013
    Someone will still buy from them.
     
  9. drmike

    drmike 100% Tier-1 Gogent

    8,573
    2,717
    May 13, 2013
    Anyone here who is familiar said spoofing willing to give this offerer a try or CC Buffalo for that matter?

    Obviously something that should be documented as networks where such is "enabled" are in the far minority and origins of lots of trouble.

    Always good to have more dried timber for burning their castle down.
     
  10. ftpitnipon

    ftpitnipon New Member

    31
    13
    Jan 4, 2014
    Small time ddosing lol

    Some days ago, I got offer from someone who needs a dedi with spoofing enabled.He even said he will pay twice.I refused him
     
    Last edited by a moderator: Sep 20, 2014
  11. Francisco

    Francisco Company Lube Verified Provider

    2,476
    1,770
    May 15, 2013
    I'm sure he'd pay 10x the normal price, it isn't like he's using a legit CC, it'd be stolen.

    I'm still waiting for Ecatel to get depeered again. Oh those were the days~

    Francisco
     
  12. Deleted

    Deleted Jail

    125
    94
    Aug 26, 2013
    Their upstream providers all use BCP-38.. spoofing is pointless on modern networks.
     
    Kris likes this.
  13. Francisco

    Francisco Company Lube Verified Provider

    2,476
    1,770
    May 15, 2013
  14. MannDude

    MannDude Just a dude vpsBoard Founder Moderator

    5,036
    2,634
    Mar 8, 2013
    MannDude
    The dude has got to be a troll.
     
  15. Francisco

    Francisco Company Lube Verified Provider

    2,476
    1,770
    May 15, 2013
    No, he's just the usual HF host. If you ever browsed the site you'd see it's really common. What's not common

    is seeing people trying to pull this crap in the US, usually it's a EU only thing (ecatel, voxility, random hosts in Ukraine, etc).

    Someone has to be dumb as a cinder block to do that crap in a country the feds can walk on over and take an image of your drive.

    Francisco
     
  16. k0nsl

    k0nsl Bad Goy

    444
    191
    Dec 15, 2013
  17. MannDude

    MannDude Just a dude vpsBoard Founder Moderator

    5,036
    2,634
    Mar 8, 2013
    MannDude
    Maybe he was behind 7 proxies?

    Source for those who don't get the reference (though you probably do: http://knowyourmeme.com/memes/good-luck-im-behind-7-proxies )
     
    Last edited by a moderator: Sep 22, 2014
  18. BrianHarrison

    BrianHarrison Member

    92
    12
    Jan 30, 2014
    Now that is just hilarious.