We adverted this a while ago and got a good response, we are taken the service off line to new customers next week due to the volume of signups we are getting. So just to let the rest of you know if you want this service signup for it now.

Server and Basic Security Management

Firewall Install (bastille)
Packet Filtering Install (bastille)
24/7 Monitoring (psad)
Security Check (various security auditing tools)
Virus Check (CHKrootkit)
Software upgrades (ssh,sendmail,ftp,bind etc..)
Server Lockdown (unused ports etc... closed)
Security Aduit (on all services running)
Security Report (emailed to you)
Netcraft block ( via http.conf)

All for $25 per month
LAST WEEK !!!

www.theboxnetwork.net
for details.

Any questions directed to tom@theboxnetwork.net

please do not post questions here.

Greetings:

http://www.webhostingtalk.com/showthread.php?s=&threadid=85254 shows the response you received.

==> 24/7 Monitoring (psad)

1. Will not let you know if the server or services are down.

2. Generates how many emails per hour?

3. And you read them all?

==> are taken the service off line to new customers next week due to the volume of signups we are getting.

Sigh.....

Theres the local flamer now ;) questions by email buddie

Once again, this individual is a fraud, a fake, a crook and a phony. He's avoided the real questions and shown a complete lack of knowledge in this field.

You'd be well advised NOT to order anything from this individual without viewing the thread that was posted by dynamicnet first.

In short:
Vline has shown zero knowledge in the area of linux security. In fact, he's lied, been caught bold faced doing so (by the experts), and refuses to respond to those lies.

If you're after security, this is definitely NOT the individual you want securing your systems.

Originally posted by wolfstream
Once again, this individual is a fraud, a fake, a crook and a phony. He's avoided the real questions and shown a complete lack of knowledge in this field.

You'd be well advised NOT to order anything from this individual without viewing the thread that was posted by dynamicnet first.

In short:
Vline has shown zero knowledge in the area of linux security. In fact, he's lied, been caught bold faced doing so (by the experts), and refuses to respond to those lies.

If you're after security, this is definitely NOT the individual you want securing your systems.

Ok firstly wolfstream is linked into another security group offering the same services at linux-tech.net which is open to a remote ftp sploit if you get a ftp account there is a guest ftp account as it happens

login guest pass guest
they are also open to one local unkown ssl flaw and their openssh3.5 server is configured wrong

read the forum where they flamed me for offering my services cheaper than theres

if any one has any real questions mail me and I will promtly answer you dont listen to these muppets ;)

Regards

Tom

Who's callin who a flamer here?

Firstly, Vline, your attempts were reported to your ISP. What they chose to do with it is not my concern. If it happens again, stricter measures will be taken.

Secondly, please, get things right.. I'm not advertising security, I'm advertising administration. I DO secure servers to the best of my ability. In addition, I had just purchased that server, and hadn't quite had it secured yet (it was < 2 days old). I've also removed guest privs from ftp in order to prevent this from happening again.

I find it mildly amusing that you specialize in attacking other individuals servers, simply to prove you're all that, instead of answering TRUE questions and concerns from those of us who've been in the field and know what they're doing.

Grow up a little, quit trying to hack into other people's servers. NOT only is it illegal to do, but it's highly unethical.

read the edit I was told about the flaws buddie

just letting you know

;)

there are a few others if you are interested?

mail me



if you where in my shoes you would more than likly deface me ;)

I am openly stating what i am supplying for a mire 25 bucks a month, no hidden fees and I have started all of what i will do for that money. I dont see your problem the other forum was rubbish flamed to bits I couldnt be bothered spending hours replying to all the abuse that was brought up. WHT is well know by many people as a flame board this is notting new thats why I still sold services via the adverts even after you childish flamings. I care not for you, nore for your little box or you **** looking site I run a couple of high volume web hosts over six servers if you want to keep on flaming go ahead. We laugh it off ;)

Regards

Thomas O'Connor

www.theboxnetwork.net

Originally posted by wolfstream
Who's callin who a flamer here?

Firstly, Vline, your attempts were reported to your ISP. What they chose to do with it is not my concern. If it happens again, stricter measures will be taken.



As I said I was given the files report me to who you like.

Cute, but I'm not the ONLY individual who's brought up your lies, and I'm most DEFINITELY not your "buddy".

So, I don't have the latest and greatest of everything ( I never claimed I did, again). I am bound to what CPanel uses which is MUCH better than what you're using on your servers as far as updates and the like.

Once again, I NEVER claimed to offer security services. I claim to administrate servers, and DO administrate servers.. part of that deals with a very low end security setup, yes, but NOBODY can be 100% secure using any control panel, or anything of the like. Nor, can any 1 server online be 100% secure (though mine are as secure as I choose to make them).

Funny, you try to mask your attempts to hack into my servers, but the truth will be shown, quite quickly, as to who is doing what. Hacking or attempting to hack or gain unauthorized access into servers is 1000% illegal.

I've had zero problems with hacks untill you, and , amazingly enough, don't intend to have any more, because I DO know what I'm doing, unlike yourself who makes false claims that can NOT be backed up (please, tell me where I guarantee servers are secure... You CANT because I DON'T!!).. I DO however have a highly advanced knowledge of the operating systems you claim to know, and KNOW your claims are just that, LIES.

YOU, however claim to be a security "expert", yet you know nothing about security measures:

"OH, we can tell you if your server has been hacked "---- NOT!!! ------

"Oh, Ensim is as secure as it can be, we've updated this and that" --- NOT ----


Unlike you, I don't avoid direct questions. I answer them. I don't hide myself behind lies and the like.. Sure, you may THINK my servers are vulnerable, but if they are so vulnerable, and insecure, how did I get your ip address and report your hacking attempts to the proper authorities?

I've had -=2=- attempted hacks in the past 3 years, ALL of which have been reported. One resulted in termination of an account on another server. The other, I wouldn't know the result, but I'm quite positive the results are not in the hacker's favor.

You're only digging yourself a deeper grave here Vline, I suggest you stop while you're ahead, unless you LIKE having your own flaws being pointed out! I'm not the only one who's said you're a crook, as anyone that reads that other thread will see.. the facts speak for themselves, and your puny attempts to hack into MY personal server don't exactly speak wonders for your trustworthiness.

Originally posted by wolfstream
Who's callin who a flamer here?



Secondly, please, get things right.. I'm not advertising security, I'm advertising administration. I DO secure servers to the best of my ability. In addition, I had just purchased that server, and hadn't quite had it secured yet (it was < 2 days old). I've also removed guest privs from ftp in order to prevent this from happening again.


Ok so its secure now yeah?

and you offer Administration right and Secure Servers ?

and you are mocking me your server is wide ****en open gwan say its secure

i dont care how many buddies you have online to flame me you are the fake the crook. Do a search on packet storm for Thomas O'Connor why dont ya.. flippin kids...

Do you think I have time to be posting replys against your flames?

Originally posted by wolfstream
Cute, but I'm not the ONLY individual who's brought up your lies, and I'm most DEFINITELY not your "buddy".

Right so its me you dont like not my services ok thats out of the way.


So, I don't have the latest and greatest of everything ( I never claimed I did, again). I am bound to what CPanel uses which is MUCH better than what you're using on your servers as far as updates and the like.".

No you mean your server is wide open and you have not got a clue you just stated you secured servers in your last post so now you are a lier too. How can you admin servers if you cant secure you own?


Once again, I NEVER claimed to offer security services. I claim to administrate servers, and DO administrate servers.. part of that deals with a very low end security setup, yes, but NOBODY can be 100% secure using any control panel, or anything of the like. Nor, can any 1 server online be 100% secure (though mine are as secure as I choose to make them)..".

Your an idiot you have no clue even how to admin a ftp server, never mind a freaken server, yet you can mock others because they wont answer you 20 trick questions on a bbs.)[/B][/QUOTE]


Funny, you try to mask your attempts to hack into my servers, but the truth will be shown, quite quickly, as to who is doing what. Hacking or attempting to hack or gain unauthorized access into servers is 1000% illegal

As I said I got given the information hacking is ilegal in certain countrys yes. But not 1000% ilegal as you state you sould read up on data law.


I've had zero problems with hacks untill you, and , amazingly enough, don't intend to have any more, because I DO know what I'm doing, unlike yourself who makes false claims that can NOT be backed up (please, tell me where I guarantee servers are secure... You CANT because I DON'T!!).. I DO however have a highly advanced knowledge of the operating systems you claim to know, and KNOW your claims are just that, LIES.

Ok so you know what your doing and never will have any problems. The server is up a week you stated so you got away a week with out any problems. Good lad.


YOU, however claim to be a security "expert", yet you know nothing about security measures:.

Nope you said I was not me. I do know about security measures as you call it. Do a audit of any of my servers and any of yours.

servers

lucky.theboxnetwork.net
money.theboxnetwork.net
bucky.theboxnetwork.net


"OH, we can tell you if your server has been hacked "---- NOT!!! ------

"Oh, Ensim is as secure as it can be, we've updated this and that" --- NOT ----
:.

In most cases we can!


Unlike you, I don't avoid direct questions. I answer them. I don't hide myself behind lies and the like.. Sure, you may THINK my servers are vulnerable, but if they are so vulnerable, and insecure, how did I get your ip address and report your hacking attempts to the proper authorities?:.

which ip address would this be ? If you got a ip hacking you I would go to that presons NOC ring them nag them. Also mail the law inforcement in their local home town I live in Ireland btw.


I've had -=2=- attempted hacks in the past 3 years, ALL of which have been reported. One resulted in termination of an account on another server. The other, I wouldn't know the result, but I'm quite positive the results are not in the hacker's favor.?

I have 6 servers on 3 backbones and you think you are going to terminate my connections because I told you of a flaw I was told about?


You're only digging yourself a deeper grave here Vline, I suggest you stop while you're ahead, unless you LIKE having your own flaws being pointed out! I'm not the only one who's said you're a crook, as anyone that reads that other thread will see.. the facts speak for themselves, and your puny attempts to hack into MY personal server don't exactly speak wonders for your trustworthiness.

What Grave I have simpley proved you know ****. You bad mouthed my services because you friends did as they will more than likly do again. Point out all the flaws you like Electronic Souls already done a audit on one of my test servers finding only some sendmail problems which are now sorted. I am not a crook you ****en muppet. I run a registered company and the services I have stated is what you get.

Regards

Vline

Originally posted by dynamicnet
Greetings:

http://www.webhostingtalk.com/showthread.php?s=&threadid=85254 shows the response you received.

==> 24/7 Monitoring (psad)

1. Will not let you know if the server or services are down.

I did state it was. I just posted what my service includes. I said the server would be monitored with psad if you can read I didnt say what the hell it did once again reading is needed.


2. Generates how many emails per hour?


PSAD is not my software I use it yes, I read the emails it sends me yes if you know how to control psad any admin will tell you that you can set it to send you only important scans, attacks etc.. But as I said I am not defending psad if you dont like it bring it up with the coders not me.


3. And you read them all?



Yes




==> are taken the service off line to new customers next week due to the volume of signups we are getting.

Sigh.....

Your reading is getting much better.

Now his questions took up about five minites of my time with all the quote tags etc.. he is not a customer he is a muppet some people might see why I didnt reply to his 5 or six posts last time as there where 20 or so questions in each.

Regards

Vline

Ok note what we have learned so far

linux-tech.net

cant configure a FTP servers securely

nore a ssh_config which still as not been sorted so they tell me.

The run down

My services are being mocked because I am not tellng you what you get for $25 I have stated that in this forum.

Now I have stated fully what you get.

These guys are all hurt and upset now that we all know they are clueless muppets so be warned there will be a lot more rubbish posts here tonight!

But I will reply to them as much as I can I may even get some staff members online to clear things up.

Guys its a great service its finished in a week if you want it get it.

Regards

Vline

Originally posted by wolfstream

Funny, you try to mask your attempts to hack into my servers, but the truth will be shown, quite quickly, as to who is doing what. Hacking or attempting to hack or gain unauthorized access into servers is 1000% illegal.


I dont know half what you are talking about, but he actually hacked into your account, and now hes trying to sell some kind of service, to stop hackers like himself??

**rofl**
This is a classic case of everyone else is wrong, but he's right. He's got everything to hide (respond in private), he won't even go through with something he arranged himself (not that anyone expected him to).

What it comes down to is this:
It smells like fraud
It looks like fraud
It has all the evidence of fraud


It MUST be fraud (or is everyone else wrong and he's right.. I don't THINK so!).

Again, PROVE me wrong, PROVE us wrong. You've got a lot of talk, you've done a LOT of talking but you get nowhere by talking at all. You've chosen to go up against some pretty damn good experts here (myself being one of them) in their fields. They can't ALL be wrong , and they ALL say the same damn thing, which is exactly (EXACTLY) what I've said here and in the other thread.

So, what happens here? The man comes in, ups his post level, claiming to offer services that we've ALL pointed out can't be offered, refusing to open up his own servers for testing (though he offered, but quickly backed down when it was taken up on.. amusing).. I've seen a LOT of talk from one individual, a LOT of lies, a LOT of bull, claiming he can do things that can NOT be done, but when it comes down to it, I've seen ZERO proof , other than his misguided attempts at hacking into my server, which weren't even a real threat mind you.

Childish, extremely so.. You be the judge though, be informed, because you most definitely will NOT get anything but lies and empty promises from this individual.

Originally posted by Niklas


I dont know half what you are talking about, but he actually hacked into your account, and now hes trying to sell some kind of service, to stop hackers like himself??

same thing as a doctor punches you in the face, so he can do a surgery on you??

correct me if i am wrong..?

Originally posted by Niklas


same thing as a doctor punches you in the face, so he can do a surgery on you??

correct me if i am wrong..?


He was talking in his last post about me being a clue less kid is the terms he used "kid" i wish. Any how... his great service is a shame.

Niklas I have stated everything my service intails in details. I dont see what his problem is.

Regards

Vline

Originally posted by wolfstream
I've had -=2=- attempted hacks in the past 3 years, ALL of which have been reported. One resulted in termination of an account on another server. The other, I wouldn't know the result, but I'm quite positive the results are not in the hacker's favor.



No offense, but... I find the above extremely unbelieveable. If anyone reading this knows about security, your entire reputation was just tossed out of a 100 story sky rise.

I get attempts on a daily basis, heck...

However, I could be wrong, you could be talking about a said box that you only hooked up to the internet for 3 hours in the past 3 years.

Originally posted by Niklas


I dont know half what you are talking about, but he actually hacked into your account, and now hes trying to sell some kind of service, to stop hackers like himself??

rofl
weeeeeell, I didn't even catch the username (guest/guest).. It was a cpanel demo login that got transferred with the host move (oops).. Yet, you can't REALLY do anything with guest/guest anyways, except store a little bit of data in /home/guest (there's not even any way to get to /bin/ or anything of the like, so don't try to tell me it's an "exploit" cuz it's not. All I had to do was remove the actual guest account from cpanel and, damn, it's gone.. lookie there.. no exploit at all.

Humorous to say the least, but what it boils down to is this:
There's NO excuse for hacking into someone else's server, period.. This individual shifts blame like a madman, even trying to point to everyone else, but refuses to answer direct and pointed questions honestly.
This individual has proven that he/she/it knows how to hack into a system using old exploits that won't get you jack, except for a slap on the wrist and your host denied.
This individual will sink to illegal and unethical measures to prove their point.

When it comes down to it, this is not security, this is a joke and a fraud (as claimed by everyone else that's familliar with the Linux environment here). Answer direct questions, live up to your own word, THEN claim you offer something, because you don't offer anything that is worth your price

Originally posted by clockwork



No offense, but... I find the above extremely unbelieveable. If anyone reading this knows about security, your entire reputation was just tossed out of a 100 story sky rise.

I get attempts on a daily basis, heck...

However, I could be wrong, you could be talking about a said box that you only hooked up to the internet for 3 hours in the past 3 years.
Nope, this is a server that has been hooked up first through cable inet , then on to hostmania, then verio. The ONLY downtime on this was scheduled, and it's certainly been up longer than you would claim.

I'm not saying there haven't been attempts, but they've all been unsucessful, resulting in immediate action and ip banning as triggered by various protocol. Of course those were logged and sent to me.

Greetings:

==> Firewall Install (bastille)
==> Packet Filtering Install (bastille)

Two services that are really one.

Bastille provides a firewall using iptables to filter packets ;-)

==> 24/7 Monitoring (psad)

1. Huge problem here is that most people associate monitoring with letting them know there is a problem with the servers.

psad is only looking at the logs generated by iptables specifcally for DROP, DENY, REJECT messages. It has nothing to do with server health or the ability for people visiting a site to get to the server.

2. Psad runs ever so many minutes looking at the log. The settings are minimalistic, and while you can reduce the number of emails generated, there are a lot of meaningless emails.

Vline claims he and his other associates (I believe it is three total) reads all of these emails and acts upon them when appropriate.

A particular server can have several hundred psad emails generated per day even with settings set up to be minimalistic in terms of notifications.

Qualified security personnel make $75,000 to $150,000 per year plus full benefits. The value of benefits for small to mid sized companies is 25% of the salary.

So a qualified security person would make from $93,750 to $187,500 when you add in the value of benefits.

Now, at $25 per month per server, they would have to be monitoring and managing 313 servers in order to pay the salary and benefits of ONE person.

Now if that one person was reading PSAD emails generated from 313 servers.... you are talking about approximately 3,000 emails per day... most of which are meaningless.

Most trained personnel would use CISCO firewalls and CICSO IDS products or similar equipment... not psad.

Now, if vline and his partners cannot command a salary of a "qualified" and "certified" security person, then that means?

==> Security Check (various security auditing tools)

In the other thread, Vline was asked if an audit would indicate the system had been compromised by a hacker.

He replied that it would.

There is no such way that an audit, especially a basic one, would indicate that a system was (key word is) never compromised by a hacker.

==> Virus Check (CHKrootkit)

This is highly misleading. chkrootkit looks for compromises in system files (please note that you can compromise a system in a way that chkrootkit doesn't puke).

This is not a virus scanning tool.

It will not indicate whether the system is infected with a virus.

===> Other

In previous posts, Vline has refused to reply to the following issues:

* Service level agreements -- existance? What does the customer get when the services are not deliverd as promised (a TOS does not equal an SLSA).

* Insurance -- E & O, do they have errors and ommissions insurance? If not, then they can totally screw up a system via negligence or incompetence, and you are out of luck as the custoemr.

* Insurance -- Bondability. Vline refused to answer whether they were ever refused being bonded, tried to be bonded, or able to be bonded. Then what again do you expect for $25 per month?

===> Ending

Security should not be taken lightly.

This is one area where you don't want a job done half right or any form of partially right.

While Vline tries to point fingers stating I and others who point out his lack of experience are mere flamers and should be ignored; the real issue is that you need to give your root password in order for Vline to do his work.

He is making false statements and false promises. You are going to pay $25 per month... and then what? Have a sense of security?

I don't think so.

Thank you.

Not to add to the debate or anything however, The Box Network isn't a very reliable company. They said that they would purchase a template and that they were setting up their paypal account. That was the last email I received from them. :( Well Just to let you know, thats my experience.

vline:

it smells fishy and i would not let you have root on my boxen. though this time, the ad is appropriate and spells out exactly what one would get - good job.

wolfstream:

pffft. ive heard enough of you. any good admin knows exactly what to do the minute he gets a fresh server with an unpatched default install. 2 days is way too much for anyone, especially someone who does admin work professionally (or claims to). security is not an afterthought - it is the primary concern.

stop flaming vline, god knows you have often stepped into the grey areas of spamming your services in non-advertising fora, he is at least posting his stuff in the right place.

also, if you are going to criticize someone who offers similar services, be tactful enough to disable your signature for that post - it is proper etiquette.

Originally posted by dynamicnet

Most trained personnel would use CISCO firewalls and CICSO IDS products or similar equipment... not psad.


I've played around with the Cisco IDS and I am not really that impressed with it :D. I like the ISS product better, although I am really interested to see what the new Netscreen IDS will be like.

Originally posted by Vline
Ok note what we have learned so far
linux-tech.net
cant configure a FTP servers securely
nore a ssh_config which still as not been sorted so they tell me.

heh, you're quick to point out "assumed" vulnerabilities aren't you.
Yet when it comes down to it, you can't answer direct, honest questions.

guest/guest was allowed for a reason, a specific reason. I created the user for system purposes, and no, you can't GET anywhere inside of it (again, you can't even get to /root/ , /bin/, /etc/, or anything of the like, so this is most definitely NOT a security flaw). It WAS removed, simply because I had been meaning to before the transfer.

As far as ssh_config,there's not a thing wrong with that.. I don't have a set of hosts that I allow clients from, or a limited amount of hosts to allow them from, I have an open server, providing an individual can give a valid reason why he/she wants in, and pays their bills on time. The ONLY thing wrong with that was the lax password failure attempts, which have been changed to 1. BFD!

What else have we learned? Vline is a hacker, plain and simple. He attempts to hack into other individual's servers, making public his "assumed" exploits, but when it comes down to it doesn't really know what he's talking about (again).

We've also learned that each individual handles security differently. Vline claims to go through logs, and all this for $25 a month. Again, that's complete bogus. Vline claims to be able to tell you if you've been hacked before, and that's complete bogus, unless you're 100% familliar with the system you're dealing with. I, however, take a different approach and ban ip blocks if it even SMELLS like a hack attempt.

Rusko, I suggest you yourself stay out of this discussion as you clearly can't read posts. For your information, that account had a purpose for being on the server. So, I left guest/guest enabled.. big deal, again, it's NOT like you can DO anything with it as the service is limited to /home/guest and that is ALL.. That's not a flaw by any means. As far as your comment about havin "enough" of me, well that's what that nice ignore feature is for.. I don't FLAME people, I point out the truth.

Just the facts:
--vline claims to offer something that is physically impossible to do.
--vline claims to have had a great deal of customers in here, but not one of them will stand up for him/her and say "Yes, they do deliver what they say". Speaks wonders in and of itself
--vline hacks servers, claiming later he had a friend do it, then falsely reports data (guest/guest was enabled, but if you dig into things, you'll see again that it's NOT a security risk).
--vline CLAIMS to be someone you can trust, but according to others in this thread, his word is unbelievable.. Read the thread for more.

Now, I don't claim to be a security expert, nor anywhere have I ever done so. I DO claim to offer reasonable administrative services to my customers, and I do that quite well, as any of them will tell you. Yes, part of administration is security, but I take a different approach than most to it.. I have various protocol that ban ip's automatically if they pull anything stupid, and I go through the parsed data in my logs atleast once every 10 minutes (I, unlike some, know what to look for and how to ban on contact and have zero problems doing so) to catch anything ThAT didn't. Considering I don't get an extraordinary amount of traffic, nor do my clients (well, most of them), I have actually been able to ballance things rather well, and will continue to do so.

Rusko, whatever your beef is with me, check it at the door. You have no right to tell me (or anyone) about your protocol, or what YOU think is appropriate. I'm not flaming anyone in here, I'm pointing out flaws, and fraudulent actions, as are others, in order to prevent people from BUYING this man's trash. If you don't like that, keep your trap shut rather than making a nuisance of yourself.

As far as your accusations about myself offering services in another thread, oh god, that happened ONCE, considering everyone else has sigs offering THEIR services and posts blindly everywhere, that's quite acceptable. Hell, the post was even deleted after someone whined enough about it, even though it was on topic with the original post.

Originally posted by wolfstream
**rofl**
This is a classic case of everyone else is wrong, but he's right. He's got everything to hide (respond in private), he won't even go through with something he arranged himself (not that anyone expected him to).

I didnt go though a deal in which my servers that my customers are hosted on for legal reasons and for my clients protechion I did however offer to setup a new server so 2host *giggle* could preform tests. I asked to respond in private as rival companys even if they are as mickey mouse as linux-tech keep mouthing off about my services.

[i]
What it comes down to is this:
It smells like fraud
It looks like fraud
It has all the evidence of fraud [/B]

I have stated all of what my service intails in detail, I can not do any more than that you have never used my service you can not state how good it is or not. You can not run stable servers yourself never mind comment on others.

[i]
It MUST be fraud (or is everyone else wrong and he's right.. I don't THINK so!).[/B]

People did comment in the last thread that it was a good service and we do know our stuff not that even matters because I am stating what I do for 25 bucks a month in detail as you can see from the first post I made here today.

[i]
Again, PROVE me wrong, PROVE us wrong. You've got a lot of talk, you've done a LOT of talking but you get nowhere by talking at all. You've chosen to go up against some pretty damn good experts here (myself being one of them) in their fields. They can't ALL be wrong , and they ALL say the same damn thing, which is exactly (EXACTLY) what I've said here and in the other thread.. [/B]

People are no saying you know **** and your services are not good will we all belive them? You are offering admin services when you cant admin a simple redhat box yourself.... so how can you admin others you are selling a service you have no idea of how to supply you are the fraud my friend. You are Experts buddie this made me laugh you are a muppet that knows notting for as far as we have all seen from your server setup.... do you research on people before you go mouthing off that the services they supply are not good.

[i]

So, what happens here? The man comes in, ups his post level, claiming to offer services that we've ALL pointed out can't be offered, refusing to open up his own servers for testing (though he offered, but quickly backed down when it was taken up on.. amusing).. I've seen a LOT of talk from one individual, a LOT of lies, a LOT of bull, claiming he can do things that can NOT be done, but when it comes down to it, I've seen ZERO proof , other than his misguided attempts at hacking into my server, which weren't even a real threat mind you.
[/B]

uh you are not the smartest person are ya... read this though.. and what you are asking of me

[i]
Childish, extremely so.. You be the judge though, be informed, because you most definitely will NOT get anything but lies and empty promises from this individual. [/B]

Guys I stated what I offer and there have been 2 signups today its the last week get in while you can .

Or get admined by this guy

lol f

;)


Vline

Originally posted by wolfstream


rofl
weeeeeell, I didn't even catch the username (guest/guest).. It was a cpanel demo login that got transferred with the host move (oops).. Yet, you can't REALLY do anything with guest/guest anyways, except store a little bit of data in /home/guest (there's not even any way to get to /bin/ or anything of the like, so don't try to tell me it's an "exploit" cuz it's not. All I had to do was remove the actual guest account from cpanel and, damn, it's gone.. lookie there.. no exploit at all.

Rumour has it that a remote root exploit was placed against your server and the login guest pass guest was used for the exploit to get access into your server thats how we could comment on your ssh_config buddie ;) Gwan tell the nice people the truth



[i]
Humorous to say the least, but what it boils down to is this:
There's NO excuse for hacking into someone else's server, period.. This individual shifts blame like a madman, even trying to point to everyone else, but refuses to answer direct and pointed questions honestly.
This individual has proven that he/she/it knows how to hack into a system using old exploits that won't get you jack, except for a slap on the wrist and your host denied.
This individual will sink to illegal and unethical measures to prove their point..[/B]

Yes we have proved a Point you know notting and are a FRAUD as you cant admin your own server never mind others.!

Originally posted by wolfstream

Nope, this is a server that has been hooked up first through cable inet , then on to hostmania, then verio. The ONLY downtime on this was scheduled, and it's certainly been up longer than you would claim.

I'm not saying there haven't been attempts, but they've all been unsucessful, resulting in immediate action and ip banning as triggered by various protocol. Of course those were logged and sent to me.


BULL****

this guy is also a lier check the netcraft info for linux-tech.net

Regards

Vline

Originally posted by dynamicnet
Greetings:

==> Firewall Install (bastille)
==> Packet Filtering Install (bastille)

Two services that are really one.

Yeah we know, who ever said they where not read the post you can read right? bastille was placed beside both of them the same name of the same software what you are trying to prove by this point i have no idea.

Bastille provides a firewall using iptables to filter packets ;-)

[i]
==> 24/7 Monitoring (psad)

1. Huge problem here is that most people associate monitoring with letting them know there is a problem with the servers.

psad is only looking at the logs generated by iptables specifcally for DROP, DENY, REJECT messages. It has nothing to do with server health or the ability for people visiting a site to get to the server.

2. Psad runs ever so many minutes looking at the log. The settings are minimalistic, and while you can reduce the number of emails generated, there are a lot of meaningless emails.

.[/B]

I didnt code psad I simply use it I stated that I use it so I am mocked now by flamers for using it. Guys the service uses psad there i stated it again. For those who cant read.

[i]
Vline claims he and his other associates (I believe it is three total) reads all of these emails and acts upon them when appropriate.

A particular server can have several hundred psad emails generated per day even with settings set up to be minimalistic in terms of notifications.
.[/B]

psad can be set at a certain alert level so it only send important emails, this guy is looking for ways to make the service look bad yes we can read yes we read mail when we get it.

Just because you dont, that doesnt mean we dont.

[i]
Qualified security personnel make $75,000 to $150,000 per year plus full benefits. The value of benefits for small to mid sized companies is 25% of the salary.

So a qualified security person would make from $93,750 to $187,500 when you add in the value of benefits.

Now, at $25 per month per server, they would have to be monitoring and managing 313 servers in order to pay the salary and benefits of ONE person.
.[/B]

Reading is needed again I stated in full what the service includes read the post you will understand if not you can phone me and I will explain it to you.





Ok guys this chap as way to much time on his hands read over his posts they are all bull**** giving out about the software I am using to preform my tasks. If you read over the first post it tells you what we use. We have selected each product because it works best with ensim,cppanel and plesk for no other reason. Yes we are charging a low rate... no we dont charge 1000s a year you dont get the same service as you would of coarse but like who ever said you did.

Originally posted by Neo3Net
Not to add to the debate or anything however, The Box Network isn't a very reliable company. They said that they would purchase a template and that they were setting up their paypal account. That was the last email I received from them. :( Well Just to let you know, thats my experience.


Hi Neo3Net

Ok that was a mix up in our C.E.O for a template for a client I will gladly wire you over the cash give me a paypal address to send it to mail me

tom@theboxnetwork.net

Originally posted by wolfstream


heh, you're quick to point out "assumed" vulnerabilities aren't you.
Yet when it comes down to it, you can't answer direct, honest questions.

I am answering all questions now its taken up a hell of a lot of time and making me no money but hey I am enjoying it. More to come about your services shortly btw! Your not off the hook yet! Your service is the real fraud and lets see if I can grind it into the ground the way you tryed to do to one of my hosts.

[i]
guest/guest was allowed for a reason, a specific reason. I created the user for system purposes, and no, you can't GET anywhere inside of it (again, you can't even get to /root/ , /bin/, /etc/, or anything of the like, so this is most definitely NOT a security flaw). It WAS removed, simply because I had been meaning to before the transfer.b.[/B]

Your a Fraud. Check your mail software ;) whoop


[i]
What else have we learned? Vline is a hacker, plain and simple. He attempts to hack into other individual's servers, making public his "assumed" exploits, but when it comes down to it doesn't really know what he's talking about (again)..[/B]

Correct Vline is a X hacker / coder he as worked for Iomega as a linux tech spec and also in security research for IBM Ireland He has lots of releases on packet storm and now runs a number of online networks supplying great services.

I got a bit of work to do around the office I will gladly reply to any onther comments in a bit

Originally posted by rusko
vline:

it smells fishy and i would not let you have root on my boxen. though this time, the ad is appropriate and spells out exactly what one would get - good job.

Ok sorry for the first advert being misleading I didnt think it would cause quite a stir I understand you not wanting the service a lot of people would be the same as yourself they dont need this service.

i think linux-net should get it ;)

You're answering questions? RIiiiiiight

Sendmail? Amusing, considering I don't even HAVE sendmail on my server. You really need to learn what you're dealing with. Of course, that'd just go to show your ignorance I guess, just like my guest/guest "hack".. Cute, but not quite, considering the reality of everything, considering you couldn't GET anywhere or do anything!

You make accusations yet you refuse to prove it.. I don't grind any host at all to halt, unless that host is involved in a physical attack on my server, and then I take it up with that person's ISP. UNLIKE you, I have morals and I don't hack into any servers at all.

Funny, I'm a fraud, riiiiiiiiiiiight. That's why I've got repeat clients that verify that I'm NOT a fraud (you do the research, they're there,documented right here). That's why my clients send MORE clients to me, why they constantly praise my efforts (minus the sad, pathetic attempts of one individual)... All I've heard about you here is negative, "he can't live up to his word", etc... That says alot right there. You're one to talk about frauds, you can't even answer honest questions, you lie to your customers and expect everyone to just believe you.. Hillarious

Originally posted by wolfstream
You're answering questions? RIiiiiiight

Sendmail? Amusing, considering I don't even HAVE sendmail on my server. You really need to learn what you're dealing with. Of course, that'd just go to show your ignorance I guess, just like my guest/guest "hack".. Cute, but not quite, considering the reality of everything, considering you couldn't GET anywhere or do anything!

A mire mistake in typing and rushing in between work when talking about your mail server. ;) details to come when i get a second. If you belive I cant not tell a send mail server from a Exim server u really are a fool :o)

How's this. Vline is offering a service. He is posting exactly what the service includes and the price. I think others are going beyond what is needed to discredit the thread starter.

If you have an issue with a claim made, state it, and that's it. I expect that a future thread will not have people bitching up and back, calling eachother frauds, going into servers, etc. If this turns out to be impossible, the people responsible for making this impossible will be removed from the forum.

Any questions?