$25 per month www.theboxnetwork.net/consulting.php

Hello my name is Tom from The Box Network Global Internet Solutions. We have introduced a new service after been asked for it many times as people saw we where offering it with our 2GHZ dedicated servers for 170 a month at EV1.

Security is a must in this day and age. No longer are "hackers" aiming for random targets, hacking scripts, mass routers and rootkits are getting more advanced and a lot easier to use. Instead of aiming for one server now a "hacker" can scan full A, B and C class subnets of ips for a certain root vulnerabilities or many root vulnerabilities. Your server could be on the C class in which he scans and because you have not updated something simple like your openssl or openssh server you could be hacked all your information destroyed and your server used for malicious attacks against other users! This is not sci-fi it happens all the time. We can secure and protect your server and also mange it for for a low monthly fee. You will then have the peace of mind that you have not been hacked and you will not be hacked. You will also have the reassurance that we will also install any server updates in which you may need at your request. You will receive a security report when first signup for for this service and the monthly fee is $25 a month.

Server and Security Management includes !

Firewall Install
Packet Filtering Install
24/7 Monitoring
Security Check
Virus Check
Software upgrades
Server Lockdown
Security Aduit
Security Report (emailed to you)
Netcraft block


Regards

Tom

www.theboxnetwork.net

will i know for sure im not going to get hacked?

For all known remote flaws yes, we also have active research group (data tap security) also run by The Box Network who's research group picks up tons of unknown flaws before they are released.

Regards

Tom

What exactly does 24/7 monitoring include??? Just security monitoring, or all the processes running on the server? I know you are focused on security but I'm checking to see whether if I contract with you I can stop monitoring the server myself since it says you manage the server in the post as well.

You also state that you install server updates upon our request. If a vulnerability comes up, do you patch right away, or do you wait for me to tell you I need it installed? Or is the per request feature just for things like installing the newest versions of php or something else that could possibly break our control panel?

Do you actively monitor the server 24/7? What if my server is getting hit with a ddos at 3:00am?

How long have you been doing this?
How many servers do you currently handle security for?
How many admins do you have working on these ___amount of servers?

I'm trying to make sure that my server will not be number 237 to be patched with only 4 techs working on it.

Thanks

after you do the initial audit, will i know for sure i havent been hacked before?

Greetings:

From reviewing http://www.theboxnetwork.net/consulting.php, it looks like you are installing open source technology to install a software-based firewall and port scanner.

The ending result looks like an unmanaged firewall with no instrusion detection system (IDS).

The domain name, theboxnetwork.net, was registered this May.

I congratulate you on starting this brand new business, but most companies in this space who have the experience and know how for what they are doing charge a minimum of $1,000 per month to provide managed firewall services. Even "unmanaged firewall" services usually run several hundred dollars per month.

The typical server administrator worth their salt get paid at least $40,000 per year plus benefits which typically translate to $50,000 per year (when you add in the dollar value of benfits).

This is in the $25 per hour range.

Certified security personnel are generally paid $75,000 per year to start, and experienced individuals can easily command $150,000 per year.

With benefits that translates to $45 to $90 per hour.

Given the hourly wages as a full time, full benefits, employee could make range from $25 to $90 per hour (given they do have the experience) and that companies often charge $100 to $325 per hour (several hundred to several thousand per month), I can only imagine what is given and not given for a mere $25 per month.

Most of the experts in this industry not only charge what they charge because of their expertise; they also have errors and ommisions insurance, EDS insurance, general liability insurance, and potentially are even bonded for each job.

At a mere $25 per month compared to what the proven experts charge, I cannot image you are also covered with the appropriate insurances.

Since September 11, 2001 there has been a cry for increased security, so I can see the desire of people like yourself to open a brand new business to meet the need.

Nowever, I am caused to wonder about what one is really getting and the liabilities of what they are getting or not getting given the mere $25 per month.

Thoughts? Comments?

Thank you.

dynamicnet

Thanks for the detailed post. I have a long list of questions here on my desk that I was going to ask if I got satisfactory answers to the first couple I asked and you just about covered all of them.

I would have to agree with the posts above.

I am a security Specialist, and I believe they said $25 a month for managed firewall service? Umm, OK if you can and want to work for $25 a pop go for it, but if you have the experience and know how I would seriously doubt the pricing. I work for a Large Tier1 ISP and in no way can I see $25 a month for managed firewall, updates, etc.

Also...http://www.google.com/search?q=%22data+tap+security%22&svnum=10&hl=en&lr=&ie=UTF-8&safe=off&sa=N&tab=iw
no links in google at all for data tap security

Originally posted by 7out
What exactly does 24/7 monitoring include??? Just security monitoring, or all the processes running on the server? I know you are focused on security but I'm checking to see whether if I contract with you I can stop monitoring the server myself since it says you manage the server in the post as well.

Yes The Box Network will monitor your server 24 hours a day. How we do this is by installing psad with bastille on your box if it is linux of coarse so when ever a scan or a ping hits your server a log goes straight into our mail boxes. Now you might think to you self we don’t check our mail 24/7 I can tell you this we have a lot of custom we have 3 partners working for us one in Ireland that’s me ;) I am the founder of The Box Network by the way, one in the u.s and one Switzerland this is our living not a hobbie there is always some one monitoring our servers and our network.

[i]
You also state that you install server updates upon our request. If a vulnerability comes up, do you patch right away, or do you wait for me to tell you I need it installed? Or is the per request feature just for things like installing the newest versions of php or something else that could possibly break our control panel?.[/B]

We patch right away most of the time before security sites even know of the flaw we run various research projects get a lot of code from the wild etc.... we are in tone with the going's on of the security industry.

heres a small list from one of our database of various rubbish and slime taken from the wild a lot of the code near the end has never even seen cert.org
(just words no files)
http://www.theboxnetwork.net/honey.txt

[i]
Do you actively monitor the server 24/7? What if my server is getting hit with a ddos at 3:00am?[/B]

DDos attacks will be filtered and icmp response will be blocked to your box so when some one pings your box it will always time out. I have done this for shell providers in the past and this sorted a lot of their dos problems.

[i]
How long have you been doing this?
How many servers do you currently handle security for?
How many admins do you have working on these ___amount of servers??[/B]

I have been doing security consulting for over five years. I cant tell you how many servers I manage I can tell you the servers below are mine and are secured by me.

scan, ping and do what ever you want to test the hosts.

lucky.theboxnetwork.net
bucky.theboxnetwork.net
money.theboxnetwork.net

There are only 3 admins in our security section. The support system has about five people covering it with myself and Aaron on most of the time. I like to have a owner of the company online at all times.

[i]


I'm trying to make sure that my server will not be number 237 to be patched with only 4 techs working on it.
??[/B]

I want your money, I want to keep getting your money every month. I want you to be happy and stay with my service. You will get a great service you will not just be a number.

Regards

Vline
www.theboxnetwork.net

.

Hey guys

A lot of posts about the price and stuff I am not offering a complex service it states what I am offering if you look at our netcraft info you will see the site was first registered in 2001. We have really only been hosting since this may yes. I do not want to stand a trial here lots of people use this service. If you dont want it dont get it. Its really good value for new hosts who want some one who have experience with unix and a security background. Thats all I have to say.

Regards

Tom.

Greetings:

1. Can you please respond to my first post?

2. "Yes The Box Network will monitor your server 24 hours a day. How we do this is by installing psad with bastille on your box if it is linux of coarse so when ever a scan or a ping hits your server a log goes straight into our mail boxes."

A. This does nothing to monitor the server being up or down, server performance, database availability, content hacking, etc.

B. PSAD provides a lot of false alerts, and only shows port scans which may or may not be innocent.

So you have no firewall management being done by your response, and no managed intrusion detection system.

You are relying on passive methods which may allow a hacker to get in, compromise or destroy, and get out before you and your associates even know about it.

"We patch right away most of the time before security sites even know of the flaw we run various research projects get a lot of code from the wild etc.... we are in tone with the going's on of the security industry."

What is your service level agreement for security patch application?

Do you have a guarantee about installing patches within a certain time period?

What happens when that guarantee is not met?

Do you have E&O insurance to cover the financial cost that your customers may go through in case you and your associates totally destroy their system out of negligence, fraud, or neglect?

Has your company ever been turned down for being bonded?

Has your company ever been bonded?

"we have 3 partners working for us one in Ireland"

How many individual people are on the actual support team?

Three?

What time zones?

Do you work separate shifts?

Is a human being accessible 24x7x365 within seconds?

Do you have a guaranteed response time? What is that guarantee?

What can your customer expect when you don't meet the guarantee?

Do you have a service level agreement that covers response time?

What does your service level agreement state on this issue?

Thank you.

No i could not be bothered to be honest, I think i would be wasting my time buddie. Any other people interested in the service you know where to find it.

Regards

Tom

www.theboxnetwork.net

Originally posted by rusko
after you do the initial audit, will i know for sure i havent been hacked before?

Yes you will.

Originally posted by Just_Kp
I would have to agree with the posts above.

I am a security Specialist, and I believe they said $25 a month for managed firewall service? Umm, OK if you can and want to work for $25 a pop go for it, but if you have the experience and know how I would seriously doubt the pricing. I work for a Large Tier1 ISP and in no way can I see $25 a month for managed firewall, updates, etc.


So if a lot of people started doing this would you loose a lot of business ?

Greetings:

"A lot of posts about the price and stuff I am not offering a complex service"

What do the experts deliver for $1,000 or more per month that you do not deliver for $25 per month?

What are your customers who pay $25 per month not getting compared to the $1,000+ month companies?

If a certified security specialist is able to command $75,000 to $150,000 per year not including full benefits, why do you feel $25 per month represents the value of your company?

Certainly you cannot have the experience of some one who is certified and able to get at least $75,000 per year PLUS benefits because at $25 per month per server you would have to have to be able to support 313 servers to break even on your old job (so to speak).

Supporting 313 servers with one person (it is 939 with three people of the same experience because they need to get paid too) by reviewing PSAD emails even with a toliet for a seat, a refigirator next to you, etc. is not humanly possible given that any one server can have PSAD generating hundreds of emails per day (sometimes per hour).

I'm sorry if these posts are harsh, but after September 11th, people need companies and individuals whose offerings are real and beneficial.

Thank you.

P.S. the example above about break even does not include what you would really have to charge (which means more servers to break even) to cover bonding, O&E insurance, EDS insurance, general liability insurance, DS-1 or faster connectivity to the Internet, your own network operations center, etc. in order to do your customer justice.

right and you dont think offering a simple little service that will make security a lot tighter on a guy who might not know that much about unix or security is a good thing ?

I dont know guys I have a good few customers with this service and they are pretty have.. but I know what you are talking about.

Regards

Tom

www.theboxnetwork.net

Greetings:

"right and you dont think offering a simple little service that will make security a lot tighter on a guy who might not know that much about unix or security is a good thing?"

There is an old saying, "if you are going to do something, take the time to do it right."

There is another old saying, "measure twice, saw once."

Both deal with the same concept that if you are going to do something, it should done correctly.

There is no way that your offering has any value for the customer. Here is why:

1. If you have no service level agreements (T.O.S. DOES NOT EQUAL S.L.A.) with the customer, then the customer has no assurance they will get the consideration for which they have paid.

2. If you do not have the proper insurances, and there is fraud, neglect, incompetence, etc. then the customer can loose more than the $25 per month they are paying.

If you are not properly certified and do not have the necessary experience, the probability that there will be neglect (purposeful or otherwise) and incompetence is extremely high.

If you did have the proper certficiations and credentials, then you would be commanding at least $75,000 per year plus full benefits in salary... and you would not be charging $25 per month per server.

3. As I stated earlier:

You ==> "Yes The Box Network will monitor your server 24 hours a day.

Response => How we do this is by installing psad with bastille on your box if it is linux of coarse so when ever a scan or a ping hits your server a log goes straight into our mail boxes."

A. This does nothing to monitor the server being up or down, server performance, database availability, content hacking, etc.

B. PSAD provides a lot of false alerts, and only shows port scans which may or may not be innocent.

So you have no firewall management being done by your response, and no managed intrusion detection system.

You are relying on passive methods which may allow a hacker to get in, compromise or destroy, and get out before you and your associates even know about it.

So in ending, the customer is getting nothing and paying you $25 per month for nothing.

They are getting the equivalent of having some one install Bastille for Linux (which comes with PSAD; both are free) on their server, and then letting the PSAD emails go in the trash can.

Thank you.

Greetings:

"right and you dont think offering a simple little service that will make security a lot tighter on a guy who might not know that much about unix or security is a good thing?"

Let me put it another way than what I just said.

Let's say you went to the F.A.A., and stated for $25 per month you would sit on each flight with your paint ball gun in first class waiting to stop terrorists.

You have no qualifications, are not licensed to carry a fire arm, have had no training, and lost most paint ball gun matches you've participated in.

You figure you'll get first class seating, and something is better than nothing. After all the terrorists might mistake your paint ball gun for the "real thing;" and might be fooled into believing you are a certified, trained, skilled person capable of stopping them.

Now, will the F.A.A. get their money's worth by hiring you?

What if your "niche" was single Cesna operators. Would they get their money's worth?

In both cases, it would be a joke because the offering has no value to the customer.

Security is an extremely important and sensitive issue in light of September 11, 2001.

If you are going to offer services in the security arena, know what you are doing. Know what to charge. Offer customer-oriented service level agreements. Have the right equipment. Have the proper insurance, etc.

Don't go around with a paint ball gun stating it is better than nothing.

Thank you.

Hmm..

I cant for the life of me see why someone would pay you $25 a month for that service. Remember the saying "You get what you pay for"? Security isnt something you should take lightly if its on your business. The mere fact that someone is selling themselves so short shows you the reasoning for their price, I would translate that as no confidence in your knowledge or... Not too knowledgable. I am not trying to be rude to you, but with 5 years experience, a) you should be able to be certified, and b) if you where certified you would have much better things to do then sell a $25 a month service.

Please let us know what Firewall are you installing? what monitoring are you doing? etc..

You mention nothing of the products you plan to use, yet want people to pay you, well I can run a win2k server and you can setup Zone Alarm on it, but I don't think that will honestly do much for me..

quote:
Originally posted by rusko
after you do the initial audit, will i know for sure i havent been hacked before?

Originally posted by vline
Yes you will.

thats bull****. it a day and a bottle of vodka to modify any of the popular rootkits so they wouldnt be detected by chkrootkit. in fact, they wouldnt even be detected by more advanced stuff and people that know what they are doing.

bottom line: the only way you will know for sure that the box is clean is if you have just done a clean install of the OS from trusted/verified media, all while the network cables were unplugged.

unlike others, i think the service is worth the $25 (i spend more on my smokes in a week). its so dirt-cheap that anything that you do for that money (unless you are completely clueless and only make things worse) is actually a good deal. this is good for someone who has no idea about security and no money/time top invest. however, you should not give them a sense of false security. you need to explain (truthfully) the extent (limited) of assurance your service provides.

my qualms are with the sensationalist, uneducated, imprecise and improper advertising copy. no way you can guarantee that the box is clean to begin with and no way you can guarantee that the advisories/patches are correct. bull about your 'research team' finding vulns, i bet they hang out on efnet trading 0day.

be truthful and honest in your advertising. explain what your services do and what they dont.

good luck,
paul

http://www.theboxnetwork.net/dedicated.php

512k ram

mmm : )

Come on people. This guy is running his service on a dedicated Rackshack server running Ensim. How could you take it seriously enough to even waste time asking questions to show the problem with his 'service'? I personally can't justify the time to point out all the issues and I'll leave it at that.

Seems like a day to jump on the other host so lets just leave it here. As I said before those you want the service no where to get it.

Regards

Tom

www.theboxnetwork.net

Originally posted by Vline
Seems like a day to jump on the other host so lets just leave it here. As I said before those you want the service no where to get it.

Regards

Tom

www.--------------.net

If you come here offering a service, claiming people can "know they are secure" from having their servers compromised by a "hacker" (media word), then you should expect people will question this service for the price.

I don't personally have any issue with the price, albeit I admit I am skeptical. People usually charge low rates like this, because they aren't skilled enough to get a real job doing it. That's not to say that's the case for you.

That's also not to say that you providing them _some_ service isn't better than nothing, even if it's $25/mo. However, the problem is, with me anyway, that you offer this and make these claims, when your own server is running Ensim. This means your server can not be as secure as one without it. It's built to tie into the operation so much, that it does not allow you to secure it without breaking the program and functions of the web server.

No one in their right (security minded) mind, would use Ensim. Your packages and programs are out of date and you can't upgrade them without it breaking Ensim. The fact you are running Ensim means you do not have the ability to have custom, secure solutions on your own servers and I would have to question how you can be qualified to provide others with a real solution -- especially in the way of claiming they can know they are safe just by hiring out your services.

It's also been pointed out, that what you claim and how effective it is, is far from the facts, seeing it doesn't actually seem to provide much in the way of security after all. Yes, upgrading often or keeping up to date with security patches is better than nothing, but it's hardly everything. I am 100% convinced that someone that posses the skills you confidently claim to have, would never run Ensim, because this alone limits their abilities to secure their own servers.

If you don't know what I'm talking about, that says a lot. If you do, then why didn't you go for a white box from rackshack instead of a crappy Ensim install? If you had and had your services up to date and truly customized (which you need to do), you would not be hearing me complain or question this thread.

I realize that your boxes are not your client boxes, but this does tend to reflect on your choices of what you personally run on your own business, when you make poor choices. It makes people question why you'd not go with a better solution, since you should know better.

I'm not sure what to say, but price isn't the factor here, as much as the reflection of your choices, which provide some insight into your alleged skills. This makes me wonder, and for those reasons. Those and reasons others in this thread have mentioned. It's nothing personal, but who of us should stand by and say nothing for fear of looking like we are "attacking the competition" or something, because we feel it's a risk to these people. It is our duty to say something. Again, it's nothing personal.

Usually, I don't get involved in threads like this one, because I AM the competition, but let's clear a few things up here.

Any sort of security audit for $25 will NOT tell you you've never been hacked before. It's physically impossible to detect previous hack attempts without getting deep into system data (logs, users, queries, more logs, more queries, etc). All this for $25? Riiiiiiiiiiiiight.

Monitoring for $25 a month? Possible, but doubtful. I know what I'm talking about here, because I DO monitor all activity on my clients servers, and go through it with a fine toothed comb. what is involved in monitoring? Certainly more than looking at a minor portion of the logs every few days. Try looking at them at LEAST once every half hour. This adds up, and evenif you hve 3 people working on it, it's gonna take at least minutes (per half hou) per client.. Before you say 'logs are automatically looked at', I'll say again 'I don't think so'. Unless your logs are parsed and sent to you every half hour for YOUR looking at, you, that's far from secure.

I would agree wholeheartedly with 2host re: ensim. If your own servers aren't updated and secure, how can you assure your customers that THEIRS are? Ensim is outdated as can be, and relies on antequated, outdated software. I believe redhat 7.2 was released what, in what, 2001?? It's been too long for me to recall. So, you'e looking at a 2 year old Operating System, not to mention the kernel that they recommend and support being out of date.

One of the most important features in security is keeping yourself honest and having your clients be able to rely and depend upon you. This is WhY I don't advertise my services as "security specialist", even though I DO perform security enhancements on client's servers, and I DO go through their logs (manually, mind you, as any good sysadmin should) every half hour (well, the new entries that are mailed to me anyways).

I DO think security should be made affordable to everyone, and that's one of the very things I do for my clients, but $25 is too good to be true. There's no physical way that you can ensure your clients safety, not for that mere amount of money.

I find it amusing that individuals actually try to sell services like this for $25 a month. Affordable is one thing (and my services again, border on that, I realize), but this has every smell of fraud.

Just as a side note:
Has anyone actually purchased this offer, what kind of reports were mailed back? I'd love to see the outputs of some of this.. Chances are it's just someone who's picked up Grsecurity ( a freely available tool) and is running with it.

I'll jump in here too. dynamicnet, Tom can offer the service and charge whatever he likes. You're comparing his offerring to what else is out there. How do you know that what you're using as a comparison isn't wrong in the first place?? What is right and wrong? How can these 2 parameters be defined?? You define the first parameter based on your experiences and understanding. That is not "reality". The laws of supply and demand come into play here folks.

If Tom wants to offer a cheap affordable and very basic security service for $25/mth, then that's ok. If your claim is that it is impossible for Tom to offer this service, then that's a valid claim/opinion.

Greetings:

"Tom can offer the service and charge whatever he likes."

Correct.

"You're comparing his offerring to what else is out there."

Correct.

"How do you know that what you're using as a comparison isn't wrong in the first place?"

It is called, doing your home work :-)

"What is right and wrong?"

Well, trained, armed, highly skilled, highly certified, agents on a plane compared to a wanna-be person with a paint ball gun who has no experience with a real gun, no permit, looses most paint ball gun matches...

You tell me.

Security has always been important. Since September 11th it has increased in importance.

So much so that there is a gigantic difference between offerings that are the equivalent of the untrained, paint ball gun wielder who has no permit to carry a real gun let alone ever used one and an armed, trained, highly skilled professional.

Oh... only need the paint ball gun user? Then know what you are getting.

Based on the responses to date, here are the known facts:

1. No service level agreement (if there was wone, it would have been noted, expressed, etc.).

2. No errors and ommissions insurance.

3. No EDS, general liability, or other forms of insurance.

4. No bonding.

5. No managed firewall.

6. No managed intrusion detection system (IDS).

7. The site offering the security services had its domain name registered in May of this year.

8. The monitoring consists of reading emails generated from PSAD.

9. PSAD is known to generate a large quantity of email per server; and, can generate hundreds of messages per day (sometimes per hour).

10. The read the emails from PSAD to determine if there is a security problem.

11. PSAD is known to generate emails that have no meaning or relevance.

12. Bastille for Linux (which includes) PSAD is free.

13. Instructions for installation of Bastille are available in a variety of sources.

14. Certified security personnel's salary (not including the dollar value of benefits) start at $75,000 per year.

15. They've already answered questions dealing with their experience -- never been hacked question -- that show they don't know what they are doing.

16. Some one not knowing what they are doing reading several hundred (or more) PSAD emails per server per day is going to be able to add what benefits for the customer?

Thank you.

Tom can offer his service for $25.00/mth. What is provided for that is questionable. You get what you pay for.

BTW dynamicnet, how about replying to posts properly with quotes and not just " ". It's not the proper netiquite. :)

Ok this is turning into a waste of time. The post has pushed sales for this service btw as there have been 4 signups today ;) (what sort of marketing would you call that) But really guys you are bad mouthing ensim saying it cant be secure and a load of other rubbish..
its a cheap service yes
its worth the money to hosting companys new to the industry who dont know much about unix or security yes.

Now lets drop it.

IF YOU DONT WONT IT DONT GET IT!

with a bit of luck this topic will be locked



btw there was a lot of talk about certs I have just for the record
I have my mcsa , ccna and rhce , I have worked for Iomega as a Linux consultant and am currently also working in I.T in consulting earning 32 000 a year for a 3 day week.

Regards

Tom

www.theboxnetwork.net
hosting from $3.95 200mb 1000mb bandwith with ENSIM!
hosting from $4.95 500mb 3000mb bandwith with ENSIM!

Originally posted by Aussie Bob
What is provided for that is questionable. You get what you pay for.

In some cases, that is true, but not in all.

I have to let you all know that I personally know one of theboxnetwork admins and there very genuine guys with enough knowledge.
You are definetly getting your $25 per month with this package.

Personally we deal with our own security. But for some new comers this would be the perfect package.

As for the comments about ensim being un-secure, and "unable to update" critical components, that is a load of rubbish.

We have the latest and most up to date version of everything, it just takes a bit of knowledge and sense to install them.

"oh no rpm -Uvh might break ensim".

Learn how to install packages correctly, and you can install them with ensim on the server.

Good luck Vline, your providing a service worth a lot more than $25.
I have actually seen people asking in the region of $100-$300 to install Bastille & PSAD - and that doesnt include monitoring it.

Originally posted by Vline
Ok this is turning into a waste of time.


If you can't respond to the points made, why waste people's time going on about irrelevant things?


The post has pushed sales for this service btw as there have been 4 signups today ;)


Who, oh why, do people always respond with how many people signed up because of their crappy ad? So? Want to know how many people would buy a bridge? Put a post up about it.


(what sort of marketing would you call that)


What can you do.


But really guys you are bad mouthing ensim saying it cant be secure and a load of other rubbish..


You have absolutely no idea what you're doing.


its a cheap service yes


Yes, if you'd qualify it as a service.

Am I being too blunt? I was being nice in my comments and they were valid points, and you respond acting like everyone with a valid point is the person that lacks a clue. Hmm, ironic.


its worth the money to hosting companys new to the industry who dont know much about unix or security yes.


If someone was so poor at the task of doing hosting to think this is of any value or need help on such a level, they have no business calling themselves a web host (my opinion).


Now lets drop it.


Sure. We don't dare converse on a web forum.


IF YOU DONT WONT IT DONT GET IT!


Yes, that is a valid point. Yet, another valid point is to make clear what is going on, so no one that is ignorant about this doesn't fall into this 'service' and regret it later. You claiming this so-called service will remove their worries and make them secure.


with a bit of luck this topic will be locked


Perhaps.


btw there was a lot of talk about certs I have just for the record


I didn't notice and I don't care.


I have my mcsa , ccna and rhce ,


I know of a guy that has all these and doesn't know a thing. It just shows how non valuable these certifications are. I know of a guy that's "one of the leading security experts in the world", runs a high profile security consulting service and probably doesn't know what a shell prompt is. I know a 45 year old woman that doesn't know much beyond how to use her email and mouse, and she works at Intel as a support rep and security analyst, and has certifications too. What's your point?


I have worked for Iomega as a Linux consultant and am currently also working in I.T in consulting earning 32 000 a year for a 3 day week.


And that's why you're excited to earn a whopping $25, totaling $100/mo, from 4 people you allegedly got business from due to this thread, right? Besides, that's not great pay. Besides, what in the heck do you think "working in IT" means anyway? This could mean anything. "I change the TP roll in the office bathroom at Quest each week, I work in IT!".



Regards

Tom

www.theboxnetwork.net
hosting from $3.95 200mb 1000mb bandwith with ENSIM!
hosting from $4.95 500mb 3000mb bandwith with ENSIM!

Don't be so proud of using Ensim. Learn to use a real sig, IT boy. Learn to not put anchored URL tags in your sig. Learn how to respond to the points that are brought up. yes, Ensim is insecure, it is bad, it limits you and it says a lot about your alleged knowledge. Perhaps I was a little blunt and not so polite, but oh well. Like you said, your choice. If people are interested, they'll contact you. Good luck.

Originally posted by STX-Hosting

...

As for the comments about ensim being un-secure, and "unable to update" critical components, that is a load of rubbish.


Uh huh. Okay, I'll give you 20 hours with an account on my server, for 2 minutes with an account on your server. We can test each other's security. Sound fair?


We have the latest and most up to date version of everything, it just takes a bit of knowledge and sense to install them.

"oh no rpm -Uvh might break ensim".


If you rely on RPM's to do everything for you, you might not be so well off.


Learn how to install packages correctly, and you can install them with ensim on the server.


If you say so. I'm sorry you would rather just support someone that makes poor choices and defend them so aggressively given the facts, and I'm sorry you believe that an Ensim system can be secure, without actually uninstalling Ensim itself. However, that's none of my business. Contact me if you'd like for me to example some of the reasons I made my comments in this thread about, and we can offer each other access. Really.

Originally posted by Vline
But really guys you are bad mouthing ensim saying it cant be secure and a load of other rubbish..
[/B]
Take a look at the software required by ensim.. Redhat 7.2... We've been here, the software is antiquated, the kernel is old, there's MORE bugs in Ensim than I can pull out my tail (not to mention the fact it's based on years old software).
Originally posted by Vline
its a cheap service yes
[/B]
Too cheap for what you're offering, entirely too cheap. Take it from someone with experience in the field, you can NOT do a correct audit on a server for such a low price.. In addition, more than one of your lies has been pointed out (You'll know for SuRe if you've been hacked or not.. imposible).

Originally posted by Vline
its worth the money to hosting companys new to the industry who dont know much about unix or security yes.
[/B]
No, it's not worth a new company getting ripped off, which is EXACTLY what your offer reeks of.
Originally posted by Vline
I have just for the record I have my mcsa , ccna and rhce , I have worked for Iomega as a Linux consultant and am currently also working in I.T in consulting earning 32 000 a year for a 3 day week.
[/B]
PROVE IT
<< edited to remove someone else's sig.. oops>>

Uh huh. Okay, I'll give you 20 hours with an account on my server, for 2 minutes with an account on your server. We can test each other's security. Sound fair?



Is that offer open to us all? Sure locally is no fun how about remotely ?

Uh huh. Okay, I'll give you 20 hours with an account on my server, for 2 minutes with an account on your server. We can test each other's security. Sound fair?

sorry we dont open our servers up to just anyone.



If you rely on RPM's to do everything for you, you might not be so well off.

That was my point, hence the "" and the sarcasm.



If you say so. I'm sorry you would rather just support someone that makes poor choices and defend them so aggressively given the facts


I wasnt defending him, i was stating that they provide a good deal for $25 for new comers.


and I'm sorry you believe that an Ensim system can be secure, without actually uninstalling Ensim itself.


Ensim is simply an addon, providing you have the correct implementation of the latest packages you can be about as secure as any other linux box with a web based control panel.

I do agree ensim is anything but secure when it is first installed though.

Originally posted by Vline
[QUOTE]Originally posted by 2host.com
[B]

Uh huh. Okay, I'll give you 20 hours with an account on my server, for 2 minutes with an account on your server. We can test each other's security. Sound fair?



will you give me that offer ?

Yes, definitely. Email me. I'll give you a FAX number and you give me one in return. I'm not joking about this and I don't want to be sued or be accused of something, so we'll put it in writing with permission for the set duration. Surely if you are into security you realize this protocol. I await your contact information.

I wouldnt mind seeing the outcome of this little trade... results could be bad for both sides of this deal.

Originally posted by STX-Hosting
sorry we dont open our servers up to just anyone.


But, but, but I'm not just anyone. :-)



That was my point, hence the "" and the sarcasm.


Right, I got it. But you were indicating that it's just a simple matter of upgrading RPM's.


I wasnt defending him, i was stating that they provide a good deal for $25 for new comers.


Okay, fair enough. It just seemed to me that you came into say that "yes, Ensim is secure, as long as you know what you're doing". Well, I do, and I know it's not. As for the value for the money, $25 isn't much, so it's difficult to say that near any service would not be worth it.

I don't find any value in it, but if someone doesn't know the most basic things, it might be worth something. Yet at the same time, they shouldn't be calling themselves a host and have no business running a host if they truly know that little, in my opinion. Regardless, this individual is claiming people will be secure from this service, which is grossly inaccurate and untrue.


Ensim is simply an addon, providing you have the correct implementation of the latest packages you can be about as secure as any other linux box with a web based control panel.


I don't agree with that. There are more secure alternatives and Ensim is more than an add-on, since it limits you and the only way to get around the limits to properly secure the system is to uninstall it. Otherwise you can not configure and upgrade things to have a properly configured system, as Ensim will break. So it's either Enism and insecure or it's removing it. Using is means just that, it's not secure (as as secure as it can be). This was my point, it is a fact.


I do agree ensim is anything but secure when it is first installed though.

And until it's removed, it remains insecure.

PS: Is there a reason why you type almost exactly the same as Vline? (No accusations, just curious).

yeah,but it's easy to rig somethin like that, quite so. not on 2host's part,but on the other person's.
"Quick, eeryone go in and make sure his site is secure, secure it so we look good".

Originally posted by STX-Hosting
I wouldnt mind seeing the outcome of this little trade... results could be bad for both sides of this deal.

Sure, anything's possible. However, let's just say that I'm not worried at all about it. (No arrogance intended).

"PS: Is there a reason why you type almost exactly the same as Vline? (No accusations, just curious)."

LOL. I can tell you now we're not the same person.
I didnt even know that Vline was one of theboxnetwork admins until I read this thread.

Although I am also from Ireland so perhaps its the way we are taught to type over here ? :eek:

Originally posted by STX-Hosting
"PS: Is there a reason why you type almost exactly the same as Vline? (No accusations, just curious)."

LOL. I can tell you now we're not the same person.
I didnt even know that Vline was one of theboxnetwork admins until I read this thread.

Although I am also from Ireland so perhaps its the way we are taught to type over here ? :eek:

Yeah, I noticed that you are both from the same place. Perhaps that's it. Again, it wasn't mean to accuse you of anything, I just should have worded it better.

Originally posted by Vline
Uh huh. Okay, I'll give you 20 hours with an account on my server, for 2 minutes with an account on your server. We can test each other's security. Sound fair?



Is that offer open to us all? Sure locally is no fun how about remotely ?

I will go for that, let me set up a server and you set up a server.

Now be sure to setup the server with what you would give me for $25 a month, also let me know what OS, etc you are setting up I will do the exact same install except possibly a different firewall depending on what you are using. I dont use garbage firewalls...

BTW in your earlier post you mentioned making $32k a year for a short work week.. man no wonder you charge $25 a hour or you live in a really cheap part of the country.

Originally posted by Just_Kp


I will go for that, let me set up a server and you set up a server.

Now be sure to setup the server with what you would give me for $25 a month, also let me know what OS, etc you are setting up I will do the exact same install except possibly a different firewall depending on what you are using. I dont use garbage firewalls...


No, no. No setting up servers. My deal with him anyway, would be to get my dirty paws on his server he runs his business from. Something he should have and claims is secure. There shouldn't need to be any protective or special set ups. As it is now, I test. The same for him on my server. I don't do anything special or different. We take 'em as we get 'em. It's the only accurate way to test and example the problems or not.

Greetings:

"You are definetly getting your $25 per month with this package."

That states a lot ;-)

The same could be true for hiring the paint ball gun person for $25 per month to hold off terrorists. You are definately getting your $25 per month for that service ;-)

Thank you.

Vline,

The problem people are having is that your offering services and making promises which are not possible. If you want to provide entry level security for new hosts and charge an entry level fee ($25), go for it. There are a lot of people here who could use that. BUT, don't oversell yourself with something you can't deliver. You'll get the same response the "unlimited" webhost providers get.

agreed. we dont object to your service, we object to the false and uneducated claims you have made and felt obligated to point them so the potential clients would know exactly what they are (and are not) getting.

ive done some security work and ill tell you this: i have never ever guaranteed anyone that their server has not been previously compromised unless i just did a clean OS install from trusted media. in security there are no guarantees, only probabilities. granted, under certain conditions the probabilities are such that you can guarantee certain things without taking too much risk, but nothing that you advertised gets the probabilties anywhere near that.

with that said, your service is needed and with a proper/accurate description of it, you should be rather successful.

good luck,
paul

Gesssh, some of you need to get a life and or a job!

Sorry guys but 25 dollars a month is too cheap. I have customers who do 50 a week or more depending on the type of services i provide. If you take this job seriously you need to charge for the service.

borg,

where is that 0day pureftpd sploit you promised? you never replied to my pm, perhaps because you dont have it?

I'm still waiting for your email, Vline. If you weren't interested in the offer, be clear and say so. It's not a big deal, but you seemed to indicate you were interested and willing. What happened?

Originally posted by 2host.com
I'm still waiting for your email, Vline. If you weren't interested in the offer, be clear and say so. It's not a big deal, but you seemed to indicate you were interested and willing. What happened?

I think he's Skeerd :)

I was honestly just wanting to prove something to him, for his own good, and not to make a big deal about it. I'm not sure what to think. I'm not sure what he thinks or intends. He seemed to indicate interest. I guess I'll wait to see if he contacts me.

heh

2host needs an account:)

Originally posted by Abaddon
heh

2host needs an account:)

Ha ha. I just want to 'share'. :-)

25$ a month to maintain a iptables firewall for someone isn't a bad deal if they don't know what they are doing.


As for promising that they can stop DOS attacks and keep you from being hacked is a far fetched claim. I can "lock down" a linux box in about 30 minutes but, if I give someone that doesn't know what they are doing the root password how secure can it be?
I think mayhap vline would like to rephrase his advert and perhaps put in what his deal will not cover.

abaddon,

after you 'lock down' the box, you still need to have: apche, smtpd, pop3d, sshd and ftpd running and open if you intend to host on that box. one 0day and you are done

I find it amusing that someone who's offering such a 'great' service hasn't got anyone in here backing them up. Maybe that's a warning in and of itself. Where's the customers? What do THEY have to say (not friends, but clients, REAL people they're dealing with).

What I DON'T find amusing are the lies that have been made by this user "Ensim can be secured", "We will tell you if your server has been hacked (complete bull)", "I have all these certifications", "I work for this big network".

What else I don't find amusing is the fact that when these are brought up, they are discarded by the user making the original post and ignored. You ask people to trust YOU with their servers, yet you won't answer direct and honest questions here? I don't think so!

Even more that I don't find amusing is the attitude of yourself "it's worth $25 a month." I just recovered a server last night from someone with the SAME attitude that you had. He'd decided to move installed rpm libs where they didn't belong , causing MASSIVE system problems, and claiming "It's worth $50 a month"... NO, it's not!!! These people run REAL servers here, YOU are responsible for securing them, and from what your attitude has shown, you are NEITHER responsible or trustworthy!!

Even if I were not familliar enough with Linux to offer these services myself, I have the streetsmarts and more importantly headsmarts to KNOW that if it smells like fraud, looks like fraud, even acts like fraud it probably IS fraud. Your posts and your own attitude declare just that. You avoid honest answers to direct questions, you lie to your (potential) clients, you make claims that are not only outrageous, but they're impossible to backup, because they're untruthful (what person in their RIGHT freaking mind who has 5+ certs and works for a respectable company making $30+k a year would offer this? like you don't have enough demands on your time).


Don't like what I'm saying? PROVE ME WRONG You can't just walk into this forum and claim you know all of this and expect us to believe you, ESPECIALLY considering your own attitude here regarding confrontations, proof and the like. Again, you don't like it? I dare you to PROVE ME WRONG .

bringing a box online for this project

I will fax you over details.

Originally posted by 2host.com


No, no. No setting up servers. My deal with him anyway, would be to get my dirty paws on his server he runs his business from. Something he should have and claims is secure. There shouldn't need to be any protective or special set ups. As it is now, I test. The same for him on my server. I don't do anything special or different. We take 'em as we get 'em. It's the only accurate way to test and example the problems or not.


I will not be using any of the six servers my company run off due to the fact my clients will be on them. I will however setup a box secured by myself running openbsd and you give me a target and we can both play remotly localy is too easy.

Regards

Tom

rusko i do have it but i contact author and he doesnt want me to publish it .. i can provide you with any other daemon .. but i can show you some old pureftpd not new ones.

and vline most of the code you posted from your honey pot is old and half of it is fake .. hehe i have a bigger archive than that from my collection.

Originally posted by Borg
and vline most of the code you posted from your honey pot is old and half of it is fake .. hehe i have a bigger archive than that from my collection.


right

This post is taken all the slugs out of the wood work, I will reply via email for any other questions. 2host contact me

Regards

Tom.

Originally posted by Vline
This post is taken all the slugs out of the wood work, I will reply via email for any other questions. 2host contact me

Regards

Tom.
**roflmao**
NO, IT hasn't, you come in here and offer a service "securing" servers, yet you hide from the blunt, pointed questions that prove you know NOTHING about what you're doing
.
Not only is this shady business practice, and quite bordering on fraud, but it's not exactly building a great image for you here either:

Date Registered: 10-09-2002
Status: Junior Guru Wannabe
Total Posts: 50 (2.10 posts per day)

That says it all right there. YOU are responsible for presenting yourself and your services in a professional manner. YOU are responsible for building trust in yourself and your services (especially in a "security" industry).

I could come in here and claim 'I'm Bill Gates, or I'm Linus Torvalds", does this make it true? HELL no! It means I have to work to back my crap up!

I've seen not ONE post in here from a "client" of yours, yet you expect everyone to believe your claims. You're a newbie to this world, to this forum (as am I), hell, half your own posts probably came from this one thread, yet you expect us to just give in and believe you? I don't think so.

Again, if it walks like a duck, acts like a duck, even quacks like a duck, it's a duck.. Your post and offers in this thread REEK of fraudulence. You avoid the real issues (from the people who DO know what they're doing), because you are DEAD wrong.

As far as your few customers, hey, there's a sucker born every minute. Unfortunately, they probably know nothing at all about Linux and will be needing the services of a REAL security administrator eventually, not some child who can't face the bitter truth and deal with the real issues posted by those who know what they're doing (not just myself, butothers as well).

Originally posted by Vline
bringing a box online for this project

I will fax you over details.

Wouldn't you need to actually contact me to get a FAX number? You also never said anything about setting up a system specifically for this. We also talked about Ensim. You were going to prove a point, right? I sure was. What happened?

Originally posted by Vline

I will not be using any of the six servers my company run off due to the fact my clients will be on them.


Excuses, excuses. No one said anything about a server with clients on them. The server that was discussed was your server you run on Rackshack, with Ensim. What are you afraid will happen? Or does that tell us something?


I will however setup a box secured by myself running openbsd


OpenBSD? We talked about Ensim, your servers, not some completely different system. That proves nothing. I'm not asking you to put up a box specifically for this, you genius. You come two days later and post this nonsense. I guess that says it all. What a waste of time.


and you give me a target and we can both play remotly localy is too easy.

Regards

Tom

What in the world are you talking about "locally is too easy"!? Who said anything about local anything!? Is that all the experience you have, is testing stuff locally? What does that have to do with anything I said or the offer I made? If you want to back out because you can't prove your system is secure with Ensim, then just say so. I'm not interested in playing games.

Originally posted by 2host.com

You were going to prove a point, right? I sure was. What happened?
He took the cheap road out, just like when confronted with everything else. This actually surprises you?? Not me

Originally posted by Vline
This post is taken all the slugs out of the wood work, I will reply via email for any other questions. 2host contact me

Regards

Tom.

You're a joke. Go crawl back under your rock, excuse boy. Consider not advertising fraudulent services while you're at it.

Originally posted by wolfstream

He took the cheap road out, just like when confronted with everything else. This actually surprises you?? Not me

I know and I expected it, yes. However, ironically I never made him that offer initially, he asked if it was open to him too. I said absolutely, definitely. Now this. What a crock. I wasn't posting to challenge him (be it that sounds fun) about how we can each set up a non-real world server that is configured so you can't put clients on, but an actual server, Ensim server which he said can be secure. A server that is a web server that he promotes his services about. Not some rinky dink set up with another OS not running Ensim. Not that I mind, and he can still contact me, but the entire point of that offer was nullified and it just shows him snaking out. I think we all know why. So be it.

Originally posted by 2host.com


I know and I expected it, yes. However, ironically I never made him that offer initially, he asked if it was open to him too. I said absolutely, definitely. Now this. What a crock. I wasn't posting to challenge him (be it that sounds fun) about how we can each set up a non-real world server that is configured so you can't put clients on, but an actual server, Ensim server which he said can be secure. A server that is a web server that he promotes his services about. Not some rinky dink set up with another OS not running Ensim. Not that I mind, and he can still contact me, but the entire point of that offer was nullified and it just shows him snaking out. I think we all know why. So be it.

Its just another case of a guy who has a dedicated server at "Name Colo provider here" who all of a sudden thinks since he setup a firewall and cansetup MRTG, or Cricket to monitor BW and have the firewall send him the alerts he is doing some service.

Which if he had just said I will setup a firewall and report any issues, etc. I would have not said a word, thats a service probably worth $25 bucks to a bunch of uneducated new webhosts.

But you start making claims of being able to tell if someones system has ever been hacked and well.. Come ON! I have been in security with over 8 years professional experience and I would like to say I can do that to fill up my own pathetic ego, but anyone in the industry knows your only as good as the next exploit. All entries are not detectable its unfortunate and you guard against it to prevent it, but thats like me trying to sell you a burglar alarm and saying by looking at your house I could tell if it was ever burglarized before... Complete bull**** anyone who respects themselves and their knowledge of the issues would never make a claim like that..


If you look at this guys "Credentials" It would lead me to think anyone with a copy of maximum security and openbsd can be a security consultant

I noted in a recent locked thread that Vline was "giggling" at someone's comment about how he backed out of this 'offer' to test each other's servers.

My comment was in regards to his Linux servers running Ensim. He later said he'd set up a special box running OpenBSD (or NetBSD, I don't recall which).

This was not what the discussion was about. I told him that the set up he uses can't be as secure. I said "Give me 2 minutes on your box, and I'll give you 20 hours on mine".

This was not an offer to set up a custom box, that would not be a real-world server environment. Anyone can set up any OS on any network and take it off line or not run any services like a real hosting server would run.

I am not saying even Vline couldn't make a custom box fairly secure. I'm sure he could. I'm sure anyone could. It's simple. You install very minimal services, if any, and you have a non real-world server that doesn't show us anything.

Nonetheless, I said "Okay, that sounds fun anyway, but that wasn't the offer". I have yet to be contacted. I asked him to email me, I asked him to PM me. Still no word. I'm not saying this as a challenge, but to simply illustrate that if he's going to try and label me as some "muppet" agreeing with wolfstream or other's he doesn't agree with (which I'm not and I don't, I'm ny own person), then at least be truthful and say you aren't sure you are confident in this 'offer' (which you asked to be included in), or that you're not interested. Say something. Don't come in trying to pass doubt on someone, because you backed out of the offer you asked to be included in.

Again, that is not a challenge, just a simple statement to be fair. Don't act like you have interest and that I've somehow backed out on the offer, because you dramatically changed the variables of it to moot the point, and even so, to not contact me at all. I was serious, I'm not just here bashing you. I only asked that you be honest. You said what you offer in the new thread and I can live with that. That is all I pointed out as the problem, didn't I? So, why make the effort to say that I'm some muppet because you are arguing with other people, which have no relevance or relation to me?

The fact is, no security expert would dare run Enism. Your system is using out of date and vulnerable services. You can test wolfies system and point out flaws, but he's not me. That all has no relation to me. I stated facts, about what I feel and why. You asked for the offer, I said yes. You changed it. I still said okay, even though that's not the agreement. You still never contacted me. Don't waste my time. Really, what were you 'snickering' at? Because you don't like to hear what I said? I said the truth. If you want to snicker about an offer you asked for and then backed out on, just say you don't want to, or don't say you do in the first place.

I don't even need access to your system to show you that you'll be dead in your tracks on mine. After all, are you wanting to try and see who can get root on who's system? Or were you trying to show me that your systems that I say are insecure aren't? Either way, move on or get it over with. I have nothing more to say.

Hey Vline,

So, after seeing you mention this 'guest' account on wolfie's system, I recall the logs and alerts from the other day of someone trying that, among many others. Apparently you think if Wolfie's running something, I must be too? Or have it running in the same manner? Find anything interesting? Disappointed there was no exploits? You amateur! Trying to brute force your way into FTP accounts blindly. What is this? 1988? Get with the program!

Ironically, you said that you don't want me to test (even with your permission) any of your live servers, yet you take it upon yourself to test other people's live servers? When did we agree to this via FAX? That was the deal. This was more than merely curiosity of you seeing what I might be running, you literally tried to maliciously brute your way into nonexistent accounts. What kind of an 'expert' method is that? Is that your skill set showcased? Someone said you seem like you try and break into systems to sell your service. I think that must be it. Unfortunately for you, it's not the most ethical method -- not to mention you lack the skills (given your poor attempts).

I think it's rather humorous that you snicker in another thread mentioning my name (my business name anyway), because I said you could take the offer as well. And you do this? Is this a joke? Again, when did we agree to this? What happened to the FAX? What happened to an email or PM, or anything? Not that I'm concerned, I did make the offer, but do you know it was for this server? What makes it okay for you to try anyway, without my agreeing?

You can see by the logs below that I only have my system set to monitor connections, not any real rules in place unless things get very bad. Still, what gave you the right? All you had to do was ask, it was what I was offering. I was offering you a physical account. So why sneak around trying to brute your way into the system? Why didn't you just ask? Are you really this confused?

Should I construe this as an invitation to hit your servers? Is that how you play it? Like I said, if we agree, we sign and FAX this agreement, so we're covered legally. This isn't a challenge to try and brute your way into a server or do any damage. Obviously you don't quite grasp the concept. Not only do you have a lot to learn skill wise, but in the appropriate actions as well.

I conclude this was a weak attempt (below, which points to an IP in Dublin Ireland (your location)) (and I know you didn't find anything) to try and get into the system without being embarrassed that you couldn't do anything even when given an account. So you tried this first to see if there was any 4 year old exploits running on the system before you agreed, since you don't have the talent to do any real work. Nothing else stands for this, even if you like to try and talk to impress yourself. Joker.


/var/chrootlog/log/messages:Nov 3 16:34:10 server sshd[1274]: Did not receive identification string from 213.105.179.33
/var/chrootlog/log/messages.1:Nov 2 10:58:37 server sshd[5576]: Did not receive identification string from 213.105.179.19
/var/logmessages.1:Nov 2 11:23:00 server sshd[6764]: Did not receive identification string from 213.105.179.27

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 88 connection attempts for user "opened" from (213.105.179.27[213.105.179.27]).

/var/chrootlog/log/messages.1:Nov 2 11:22:58 server proftpd[6763]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - FTP session opened.
/var/chrootlog/log/messages.1:Nov 2 11:23:01 server proftpd[6771]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - FTP session opened.
/var/chrootlog/log/messages.1:Nov 2 11:23:01 server proftpd[6777]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - FTP session opened.

...

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 84 connection attempts for user "closed" from (213.105.179.27[213.105.179.27]).


/var/chrootlog/log/messages.1:Nov 2 11:23:01 server proftpd[6763]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - FTP session closed.

...

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 30 connection attempts for user "user" from (213.105.179.27[213.105.179.27]).


/var/chrootlog/log/messages.1:Nov 2 11:27:29 server proftpd[7003]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'user'
/var/chrootlog/log/messages.1:Nov 2 11:27:29 server proftpd[7007]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'user'
/var/chrootlog/log/messages.1:Nov 2 11:27:29 server proftpd[7008]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'user'

/var/chrootlog/log/secure.1:Nov 2 11:27:29 server proftpd[7007]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER user: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21
/var/chrootlog/log/secure.1:Nov 2 11:27:29 server proftpd[7008]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER user: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21
/var/chrootlog/log/secure.1:Nov 2 11:27:29 server proftpd[7004]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER user: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 30 connection attempts for user "ftpuser" from (213.105.179.27[213.105.179.27]).

/var/chrootlog/log/messages.1:Nov 2 11:27:29 server proftpd[7018]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'ftpuser'
/var/chrootlog/log/messages.1:Nov 2 11:27:29 server proftpd[7019]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'ftpuser'
/var/chrootlog/log/messages.1:Nov 2 11:27:29 server proftpd[7020]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'ftpuser'

/var/chrootlog/log/secure.1:Nov 2 11:27:29 server proftpd[7018]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER ftpuser: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21
/var/chrootlog/log/secure.1:Nov 2 11:27:29 server proftpd[7019]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER ftpuser: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21
/var/chrootlog/log/secure.1:Nov 2 11:27:29 server proftpd[7020]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER ftpuser: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21


/var/chrootlog/log/messages.1:Nov 2 11:27:28 server proftpd[7002]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'anonymous'
/var/chrootlog/log/secure.1:Nov 2 11:27:28 server proftpd[7002]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER anonymous: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21


/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 14 connection attempts for user "admin" from (213.105.179.27[213.105.179.27]).

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 16 connection attempts for user "password" from (213.105.179.27[213.105.179.27]).

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 16 connection attempts for user "xxx" from (213.105.179.27[213.105.179.27]).

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 16 connection attempts for user "root" from (213.105.179.27[213.105.179.27]).

/var/chrootlog/log/flog.1: Fierce log: Warning level (warn): ProFTPD: 16 connection attempts for user "adm" from (213.105.179.27[213.105.179.27]).


/var/chrootlog/log/messages.1:Nov 2 11:27:30 server proftpd[7033]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'free'
/var/chrootlog/log/messages.1:Nov 2 11:27:30 server proftpd[7036]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user 'free'

/var/chrootlog/log/secure.1:Nov 2 11:27:30 server proftpd[7033]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER free: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21
/var/chrootlog/log/secure.1:Nov 2 11:27:30 server proftpd[7036]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER free: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21


/var/chrootlog/log/messages.1:Nov 2 11:27:31 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user '082263'
/var/chrootlog/log/secure.1:Nov 2 11:27:31 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER 082263: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21


/var/chrootlog/log/messages.1:Nov 2 11:27:32 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user '293736'
/var/chrootlog/log/secure.1:Nov 2 11:27:32 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER 293736: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21

/var/chrootlog/log/messages.1:Nov 2 11:27:32 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - no such user '241827'
/var/chrootlog/log/secure.1:Nov 2 11:27:32 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - USER 241827: no such user found from 213.105.179.27 [213.105.179.27] to 209.120.180.153:21

/var/chrootlog/log/secure.1:Nov 2 11:27:32 server proftpd[7080]: 209.120.180.153 (213.105.179.27[213.105.179.27]) - Maximum login attempts exceeded.

Total login attempts: 359.

heh
he got about the same response from me. Although, his "hack" didn't get 'im aywheres, except finding out that ~/ wasn't accessible.. Cute, but definitely enough to warrant a nasty email to his provider (not once but twice).