Page 1 of 2 12 LastLast
Results 1 to 25 of 39
  1. #1
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17

    * Basic Security Lockdown / Server Managment LAST WEEK FOR THIS SERVICE

    We adverted this a while ago and got a good response, we are taken the service off line to new customers next week due to the volume of signups we are getting. So just to let the rest of you know if you want this service signup for it now.

    Server and Basic Security Management

    Firewall Install (bastille)
    Packet Filtering Install (bastille)
    24/7 Monitoring (psad)
    Security Check (various security auditing tools)
    Virus Check (CHKrootkit)
    Software upgrades (ssh,sendmail,ftp,bind etc..)
    Server Lockdown (unused ports etc... closed)
    Security Aduit (on all services running)
    Security Report (emailed to you)
    Netcraft block ( via http.conf)

    All for $25 per month
    LAST WEEK !!!

    www.theboxnetwork.net
    for details.

    Any questions directed to tom@theboxnetwork.net

    please do not post questions here.
      0 Not allowed!

  2. #2
    Greetings:

    http://www.webhostingtalk.com/showth...threadid=85254 shows the response you received.

    ==> 24/7 Monitoring (psad)

    1. Will not let you know if the server or services are down.

    2. Generates how many emails per hour?

    3. And you read them all?

    ==> are taken the service off line to new customers next week due to the volume of signups we are getting.

    Sigh.....
      0 Not allowed!

  3. #3
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Theres the local flamer now questions by email buddie
      0 Not allowed!

  4. #4
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Once again, this individual is a fraud, a fake, a crook and a phony. He's avoided the real questions and shown a complete lack of knowledge in this field.

    You'd be well advised NOT to order anything from this individual without viewing the thread that was posted by dynamicnet first.

    In short:
    Vline has shown zero knowledge in the area of linux security. In fact, he's lied, been caught bold faced doing so (by the experts), and refuses to respond to those lies.

    If you're after security, this is definitely NOT the individual you want securing your systems.
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons
      0 Not allowed!

  5. #5
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Originally posted by wolfstream
    Once again, this individual is a fraud, a fake, a crook and a phony. He's avoided the real questions and shown a complete lack of knowledge in this field.

    You'd be well advised NOT to order anything from this individual without viewing the thread that was posted by dynamicnet first.

    In short:
    Vline has shown zero knowledge in the area of linux security. In fact, he's lied, been caught bold faced doing so (by the experts), and refuses to respond to those lies.

    If you're after security, this is definitely NOT the individual you want securing your systems.
    Ok firstly wolfstream is linked into another security group offering the same services at linux-tech.net which is open to a remote ftp sploit if you get a ftp account there is a guest ftp account as it happens

    login guest pass guest
    they are also open to one local unkown ssl flaw and their openssh3.5 server is configured wrong

    read the forum where they flamed me for offering my services cheaper than theres

    if any one has any real questions mail me and I will promtly answer you dont listen to these muppets

    Regards

    Tom
    Last edited by Vline; 11-08-2002 at 02:35 PM.
      0 Not allowed!

  6. #6
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Who's callin who a flamer here?

    Firstly, Vline, your attempts were reported to your ISP. What they chose to do with it is not my concern. If it happens again, stricter measures will be taken.

    Secondly, please, get things right.. I'm not advertising security, I'm advertising administration. I DO secure servers to the best of my ability. In addition, I had just purchased that server, and hadn't quite had it secured yet (it was < 2 days old). I've also removed guest privs from ftp in order to prevent this from happening again.

    I find it mildly amusing that you specialize in attacking other individuals servers, simply to prove you're all that, instead of answering TRUE questions and concerns from those of us who've been in the field and know what they're doing.

    Grow up a little, quit trying to hack into other people's servers. NOT only is it illegal to do, but it's highly unethical.
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons
      0 Not allowed!

  7. #7
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    read the edit I was told about the flaws buddie

    just letting you know



    there are a few others if you are interested?

    mail me



    if you where in my shoes you would more than likly deface me
      0 Not allowed!

  8. #8
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    I am openly stating what i am supplying for a mire 25 bucks a month, no hidden fees and I have started all of what i will do for that money. I dont see your problem the other forum was rubbish flamed to bits I couldnt be bothered spending hours replying to all the abuse that was brought up. WHT is well know by many people as a flame board this is notting new thats why I still sold services via the adverts even after you childish flamings. I care not for you, nore for your little box or you **** looking site I run a couple of high volume web hosts over six servers if you want to keep on flaming go ahead. We laugh it off

    Regards

    Thomas O'Connor

    www.theboxnetwork.net
      0 Not allowed!

  9. #9
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Originally posted by wolfstream
    Who's callin who a flamer here?

    Firstly, Vline, your attempts were reported to your ISP. What they chose to do with it is not my concern. If it happens again, stricter measures will be taken.

    As I said I was given the files report me to who you like.
      0 Not allowed!

  10. #10
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Cute, but I'm not the ONLY individual who's brought up your lies, and I'm most DEFINITELY not your "buddy".

    So, I don't have the latest and greatest of everything ( I never claimed I did, again). I am bound to what CPanel uses which is MUCH better than what you're using on your servers as far as updates and the like.

    Once again, I NEVER claimed to offer security services. I claim to administrate servers, and DO administrate servers.. part of that deals with a very low end security setup, yes, but NOBODY can be 100% secure using any control panel, or anything of the like. Nor, can any 1 server online be 100% secure (though mine are as secure as I choose to make them).

    Funny, you try to mask your attempts to hack into my servers, but the truth will be shown, quite quickly, as to who is doing what. Hacking or attempting to hack or gain unauthorized access into servers is 1000% illegal.

    I've had zero problems with hacks untill you, and , amazingly enough, don't intend to have any more, because I DO know what I'm doing, unlike yourself who makes false claims that can NOT be backed up (please, tell me where I guarantee servers are secure... You CANT because I DON'T!!).. I DO however have a highly advanced knowledge of the operating systems you claim to know, and KNOW your claims are just that, LIES.

    YOU, however claim to be a security "expert", yet you know nothing about security measures:

    "OH, we can tell you if your server has been hacked "---- NOT!!! ------

    "Oh, Ensim is as secure as it can be, we've updated this and that" --- NOT ----


    Unlike you, I don't avoid direct questions. I answer them. I don't hide myself behind lies and the like.. Sure, you may THINK my servers are vulnerable, but if they are so vulnerable, and insecure, how did I get your ip address and report your hacking attempts to the proper authorities?

    I've had -=2=- attempted hacks in the past 3 years, ALL of which have been reported. One resulted in termination of an account on another server. The other, I wouldn't know the result, but I'm quite positive the results are not in the hacker's favor.

    You're only digging yourself a deeper grave here Vline, I suggest you stop while you're ahead, unless you LIKE having your own flaws being pointed out! I'm not the only one who's said you're a crook, as anyone that reads that other thread will see.. the facts speak for themselves, and your puny attempts to hack into MY personal server don't exactly speak wonders for your trustworthiness.
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons
      0 Not allowed!

  11. #11
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Originally posted by wolfstream
    Who's callin who a flamer here?



    Secondly, please, get things right.. I'm not advertising security, I'm advertising administration. I DO secure servers to the best of my ability. In addition, I had just purchased that server, and hadn't quite had it secured yet (it was < 2 days old). I've also removed guest privs from ftp in order to prevent this from happening again.
    Ok so its secure now yeah?

    and you offer Administration right and Secure Servers ?

    and you are mocking me your server is wide ****en open gwan say its secure

    i dont care how many buddies you have online to flame me you are the fake the crook. Do a search on packet storm for Thomas O'Connor why dont ya.. flippin kids...

    Do you think I have time to be posting replys against your flames?
      0 Not allowed!

  12. #12
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Originally posted by wolfstream
    Cute, but I'm not the ONLY individual who's brought up your lies, and I'm most DEFINITELY not your "buddy".
    Right so its me you dont like not my services ok thats out of the way.


    So, I don't have the latest and greatest of everything ( I never claimed I did, again). I am bound to what CPanel uses which is MUCH better than what you're using on your servers as far as updates and the like.".
    No you mean your server is wide open and you have not got a clue you just stated you secured servers in your last post so now you are a lier too. How can you admin servers if you cant secure you own?


    Once again, I NEVER claimed to offer security services. I claim to administrate servers, and DO administrate servers.. part of that deals with a very low end security setup, yes, but NOBODY can be 100% secure using any control panel, or anything of the like. Nor, can any 1 server online be 100% secure (though mine are as secure as I choose to make them)..".
    Your an idiot you have no clue even how to admin a ftp server, never mind a freaken server, yet you can mock others because they wont answer you 20 trick questions on a bbs.)[/B][/QUOTE]


    Funny, you try to mask your attempts to hack into my servers, but the truth will be shown, quite quickly, as to who is doing what. Hacking or attempting to hack or gain unauthorized access into servers is 1000% illegal
    As I said I got given the information hacking is ilegal in certain countrys yes. But not 1000% ilegal as you state you sould read up on data law.


    I've had zero problems with hacks untill you, and , amazingly enough, don't intend to have any more, because I DO know what I'm doing, unlike yourself who makes false claims that can NOT be backed up (please, tell me where I guarantee servers are secure... You CANT because I DON'T!!).. I DO however have a highly advanced knowledge of the operating systems you claim to know, and KNOW your claims are just that, LIES.
    Ok so you know what your doing and never will have any problems. The server is up a week you stated so you got away a week with out any problems. Good lad.


    YOU, however claim to be a security "expert", yet you know nothing about security measures:.
    Nope you said I was not me. I do know about security measures as you call it. Do a audit of any of my servers and any of yours.

    servers

    lucky.theboxnetwork.net
    money.theboxnetwork.net
    bucky.theboxnetwork.net


    "OH, we can tell you if your server has been hacked "---- NOT!!! ------

    "Oh, Ensim is as secure as it can be, we've updated this and that" --- NOT ----
    :.
    In most cases we can!


    Unlike you, I don't avoid direct questions. I answer them. I don't hide myself behind lies and the like.. Sure, you may THINK my servers are vulnerable, but if they are so vulnerable, and insecure, how did I get your ip address and report your hacking attempts to the proper authorities?:.
    which ip address would this be ? If you got a ip hacking you I would go to that presons NOC ring them nag them. Also mail the law inforcement in their local home town I live in Ireland btw.


    I've had -=2=- attempted hacks in the past 3 years, ALL of which have been reported. One resulted in termination of an account on another server. The other, I wouldn't know the result, but I'm quite positive the results are not in the hacker's favor.?
    I have 6 servers on 3 backbones and you think you are going to terminate my connections because I told you of a flaw I was told about?


    You're only digging yourself a deeper grave here Vline, I suggest you stop while you're ahead, unless you LIKE having your own flaws being pointed out! I'm not the only one who's said you're a crook, as anyone that reads that other thread will see.. the facts speak for themselves, and your puny attempts to hack into MY personal server don't exactly speak wonders for your trustworthiness.
    What Grave I have simpley proved you know ****. You bad mouthed my services because you friends did as they will more than likly do again. Point out all the flaws you like Electronic Souls already done a audit on one of my test servers finding only some sendmail problems which are now sorted. I am not a crook you ****en muppet. I run a registered company and the services I have stated is what you get.

    Regards

    Vline
      0 Not allowed!

  13. #13
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Originally posted by dynamicnet
    Greetings:

    http://www.webhostingtalk.com/showth...threadid=85254 shows the response you received.

    ==> 24/7 Monitoring (psad)

    1. Will not let you know if the server or services are down.
    I did state it was. I just posted what my service includes. I said the server would be monitored with psad if you can read I didnt say what the hell it did once again reading is needed.


    2. Generates how many emails per hour?
    PSAD is not my software I use it yes, I read the emails it sends me yes if you know how to control psad any admin will tell you that you can set it to send you only important scans, attacks etc.. But as I said I am not defending psad if you dont like it bring it up with the coders not me.


    3. And you read them all?

    Yes




    ==> are taken the service off line to new customers next week due to the volume of signups we are getting.

    Sigh.....
    Your reading is getting much better.

    Now his questions took up about five minites of my time with all the quote tags etc.. he is not a customer he is a muppet some people might see why I didnt reply to his 5 or six posts last time as there where 20 or so questions in each.

    Regards

    Vline
      0 Not allowed!

  14. #14
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Ok note what we have learned so far

    linux-tech.net

    cant configure a FTP servers securely

    nore a ssh_config which still as not been sorted so they tell me.
      0 Not allowed!

  15. #15
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    The run down

    My services are being mocked because I am not tellng you what you get for $25 I have stated that in this forum.

    Now I have stated fully what you get.

    These guys are all hurt and upset now that we all know they are clueless muppets so be warned there will be a lot more rubbish posts here tonight!

    But I will reply to them as much as I can I may even get some staff members online to clear things up.

    Guys its a great service its finished in a week if you want it get it.

    Regards

    Vline
      0 Not allowed!

  16. #16
    Join Date
    Sep 2002
    Location
    Finland
    Posts
    155
    Originally posted by wolfstream

    Funny, you try to mask your attempts to hack into my servers, but the truth will be shown, quite quickly, as to who is doing what. Hacking or attempting to hack or gain unauthorized access into servers is 1000% illegal.
    I dont know half what you are talking about, but he actually hacked into your account, and now hes trying to sell some kind of service, to stop hackers like himself??
      0 Not allowed!

  17. #17
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    **rofl**
    This is a classic case of everyone else is wrong, but he's right. He's got everything to hide (respond in private), he won't even go through with something he arranged himself (not that anyone expected him to).

    What it comes down to is this:
    It smells like fraud
    It looks like fraud
    It has all the evidence of fraud


    It MUST be fraud (or is everyone else wrong and he's right.. I don't THINK so!).

    Again, PROVE me wrong, PROVE us wrong. You've got a lot of talk, you've done a LOT of talking but you get nowhere by talking at all. You've chosen to go up against some pretty damn good experts here (myself being one of them) in their fields. They can't ALL be wrong , and they ALL say the same damn thing, which is exactly (EXACTLY) what I've said here and in the other thread.

    So, what happens here? The man comes in, ups his post level, claiming to offer services that we've ALL pointed out can't be offered, refusing to open up his own servers for testing (though he offered, but quickly backed down when it was taken up on.. amusing).. I've seen a LOT of talk from one individual, a LOT of lies, a LOT of bull, claiming he can do things that can NOT be done, but when it comes down to it, I've seen ZERO proof , other than his misguided attempts at hacking into my server, which weren't even a real threat mind you.

    Childish, extremely so.. You be the judge though, be informed, because you most definitely will NOT get anything but lies and empty promises from this individual.
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons
      0 Not allowed!

  18. #18
    Join Date
    Sep 2002
    Location
    Finland
    Posts
    155
    Originally posted by Niklas


    I dont know half what you are talking about, but he actually hacked into your account, and now hes trying to sell some kind of service, to stop hackers like himself??
    same thing as a doctor punches you in the face, so he can do a surgery on you??

    correct me if i am wrong..?
      0 Not allowed!

  19. #19
    Join Date
    Oct 2002
    Location
    Dublin
    Posts
    17
    Originally posted by Niklas


    same thing as a doctor punches you in the face, so he can do a surgery on you??

    correct me if i am wrong..?

    He was talking in his last post about me being a clue less kid is the terms he used "kid" i wish. Any how... his great service is a shame.

    Niklas I have stated everything my service intails in details. I dont see what his problem is.

    Regards

    Vline
      0 Not allowed!

  20. #20
    Join Date
    Jan 2002
    Posts
    574
    Originally posted by wolfstream
    I've had -=2=- attempted hacks in the past 3 years, ALL of which have been reported. One resulted in termination of an account on another server. The other, I wouldn't know the result, but I'm quite positive the results are not in the hacker's favor.

    No offense, but... I find the above extremely unbelieveable. If anyone reading this knows about security, your entire reputation was just tossed out of a 100 story sky rise.

    I get attempts on a daily basis, heck...

    However, I could be wrong, you could be talking about a said box that you only hooked up to the internet for 3 hours in the past 3 years.
      0 Not allowed!

  21. #21
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Originally posted by Niklas


    I dont know half what you are talking about, but he actually hacked into your account, and now hes trying to sell some kind of service, to stop hackers like himself??
    rofl
    weeeeeell, I didn't even catch the username (guest/guest).. It was a cpanel demo login that got transferred with the host move (oops).. Yet, you can't REALLY do anything with guest/guest anyways, except store a little bit of data in /home/guest (there's not even any way to get to /bin/ or anything of the like, so don't try to tell me it's an "exploit" cuz it's not. All I had to do was remove the actual guest account from cpanel and, damn, it's gone.. lookie there.. no exploit at all.

    Humorous to say the least, but what it boils down to is this:
    There's NO excuse for hacking into someone else's server, period.. This individual shifts blame like a madman, even trying to point to everyone else, but refuses to answer direct and pointed questions honestly.
    This individual has proven that he/she/it knows how to hack into a system using old exploits that won't get you jack, except for a slap on the wrist and your host denied.
    This individual will sink to illegal and unethical measures to prove their point.

    When it comes down to it, this is not security, this is a joke and a fraud (as claimed by everyone else that's familliar with the Linux environment here). Answer direct questions, live up to your own word, THEN claim you offer something, because you don't offer anything that is worth your price
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons
      0 Not allowed!

  22. #22
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Originally posted by clockwork



    No offense, but... I find the above extremely unbelieveable. If anyone reading this knows about security, your entire reputation was just tossed out of a 100 story sky rise.

    I get attempts on a daily basis, heck...

    However, I could be wrong, you could be talking about a said box that you only hooked up to the internet for 3 hours in the past 3 years.
    Nope, this is a server that has been hooked up first through cable inet , then on to hostmania, then verio. The ONLY downtime on this was scheduled, and it's certainly been up longer than you would claim.

    I'm not saying there haven't been attempts, but they've all been unsucessful, resulting in immediate action and ip banning as triggered by various protocol. Of course those were logged and sent to me.
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons
      0 Not allowed!

  23. #23
    Greetings:

    ==> Firewall Install (bastille)
    ==> Packet Filtering Install (bastille)

    Two services that are really one.

    Bastille provides a firewall using iptables to filter packets ;-)

    ==> 24/7 Monitoring (psad)

    1. Huge problem here is that most people associate monitoring with letting them know there is a problem with the servers.

    psad is only looking at the logs generated by iptables specifcally for DROP, DENY, REJECT messages. It has nothing to do with server health or the ability for people visiting a site to get to the server.

    2. Psad runs ever so many minutes looking at the log. The settings are minimalistic, and while you can reduce the number of emails generated, there are a lot of meaningless emails.

    Vline claims he and his other associates (I believe it is three total) reads all of these emails and acts upon them when appropriate.

    A particular server can have several hundred psad emails generated per day even with settings set up to be minimalistic in terms of notifications.

    Qualified security personnel make $75,000 to $150,000 per year plus full benefits. The value of benefits for small to mid sized companies is 25% of the salary.

    So a qualified security person would make from $93,750 to $187,500 when you add in the value of benefits.

    Now, at $25 per month per server, they would have to be monitoring and managing 313 servers in order to pay the salary and benefits of ONE person.

    Now if that one person was reading PSAD emails generated from 313 servers.... you are talking about approximately 3,000 emails per day... most of which are meaningless.

    Most trained personnel would use CISCO firewalls and CICSO IDS products or similar equipment... not psad.

    Now, if vline and his partners cannot command a salary of a "qualified" and "certified" security person, then that means?

    ==> Security Check (various security auditing tools)

    In the other thread, Vline was asked if an audit would indicate the system had been compromised by a hacker.

    He replied that it would.

    There is no such way that an audit, especially a basic one, would indicate that a system was (key word is) never compromised by a hacker.

    ==> Virus Check (CHKrootkit)

    This is highly misleading. chkrootkit looks for compromises in system files (please note that you can compromise a system in a way that chkrootkit doesn't puke).

    This is not a virus scanning tool.

    It will not indicate whether the system is infected with a virus.

    ===> Other

    In previous posts, Vline has refused to reply to the following issues:

    * Service level agreements -- existance? What does the customer get when the services are not deliverd as promised (a TOS does not equal an SLSA).

    * Insurance -- E & O, do they have errors and ommissions insurance? If not, then they can totally screw up a system via negligence or incompetence, and you are out of luck as the custoemr.

    * Insurance -- Bondability. Vline refused to answer whether they were ever refused being bonded, tried to be bonded, or able to be bonded. Then what again do you expect for $25 per month?

    ===> Ending

    Security should not be taken lightly.

    This is one area where you don't want a job done half right or any form of partially right.

    While Vline tries to point fingers stating I and others who point out his lack of experience are mere flamers and should be ignored; the real issue is that you need to give your root password in order for Vline to do his work.

    He is making false statements and false promises. You are going to pay $25 per month... and then what? Have a sense of security?

    I don't think so.

    Thank you.
    Last edited by pmabraham; 11-08-2002 at 05:16 PM.
      0 Not allowed!

  24. #24
    Join Date
    Mar 2002
    Location
    New York
    Posts
    1,700
    Not to add to the debate or anything however, The Box Network isn't a very reliable company. They said that they would purchase a template and that they were setting up their paypal account. That was the last email I received from them. Well Just to let you know, thats my experience.
      0 Not allowed!

  25. #25
    vline:

    it smells fishy and i would not let you have root on my boxen. though this time, the ad is appropriate and spells out exactly what one would get - good job.
    * Rusko Enterprises LLC - Upgrade to 100% uptime today!
    * Premium NYC collocation and custom dedicated servers
    call 1-877-MY-RUSKO or paul [at] rusko.us

    dedicated servers, collocation, load balanced and high availability clusters
      0 Not allowed!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •