
Possible Private VHost Linux Bot Shell Needed

mcdarby
Halfop
Posts: 69
Joined: Tue Jul 16, 2002 7:46 pm
Location: Bangor, Pennsylvania


Post by mcdarby »

Hi, I am currently dealing with a problem regarding my eggdrop and shell service. My current shell ISP for my eggdrop, www.publiclinux.net, was K-Lined from FurNet.org, where my eggdrop is running channels, because an abusive user (Sibe) had used the service to hack into FurNet.org and thus got it K-Lined, because an admin had seen him with my bot's IP address. At this time, I have e-mailed the admin of the shell ISP my eggdrop is on, letting them know of the situation.

Right now, I am in a possible need of a private shell box that someone can offer to me because if I switch shell providers, the result could lead to the asshole hacker going over to the new service by looking at the bot's new IP. Thank you very much if you can help me out. I have already FTPed the eggdrop's files to my machine to prepare for a possible move.

Sincerely,

Erik McDarby
ppslim
Revered One
Posts: 3914
Joined: Sun Sep 23, 2001 8:00 pm
Location: Liverpool, England

Post by ppslim »

Frankly, you would be better off with a commercial service provider.

Although private boxes can be cheap, and depending on who you are dealing with, could run nice and fast with up times (due to the lack of users), they also have the highest hack rate (once located).

When a commercial service provider gets hacked, it becomes public news fast. However, private boxes don't get this, and thus you don't hear about it much.

There is probably a 20:1 ratio of private to public shell hacks.

Also note, most private boxes do not have access to assigning new IP addresses, thus can't cater fully for you. Even more do not have access to name assigned to a reverse DNS.

If you choose your provider carefully, even going about seeing a provider's peering arrangements, you could find an excellent provider.

Providers like UKShells are good, as they have a fully housed infrastructure, unlike most providers that require colocations or next to their gaming system.

Here are a few steps to preventing k-lines in this way.
  • Find a provider that will provide you with an IP address
  • Find one that clearly states that other users are not allowed to use other users' IPs, only the ones provided by the shell company. (How they enforce this, and if they enforce this, is another story. However, you have a right to the IP, and a few legal situations could sort this, depending on the T&C / contract)
  • Set up a crontab that will monitor the use of the IP, by filtering the content of the output from "netstat -e --numeric-hosts --numeric-ports". This way you can find and report the user automatically.
  • Always use SSH RSA keys. Make a rather odd password, and never use it.
These steps can help prevent anything from happening.

I do not want to brag, but UKShells provide the IPs and the clause about using non-owned IPs:

"You may not bind your processes to any other IPs than those listed here (or any you have additionally purchased). Other IPs on the system remain for the sole use of the customers paying for them. Customers who are found to be using other IPs on the system are liable to lose their account, without refund."

Although I do not know about how they enforce them.
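
The crontab check described in the third step of the post above could look like the following. This is an added example, not code from the thread; the IP addresses, user names and script path are constructed placeholders, and it assumes the net-tools column layout in which `-e` appends User and Inode as the last two columns.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes net-tools netstat, where -e
# appends "User" and "Inode" as the last two columns of each socket line.

# foreign_users IP OWNER: read netstat output on stdin and print
# "user local foreign" for each tcp/udp socket bound to IP by anyone but OWNER.
foreign_users() {
    awk -v ip="$1" -v owner="$2" '
        $1 !~ /^(tcp|udp)/ { next }        # skip headers and UNIX sockets
        {
            addr = $4
            sub(/:[^:]*$/, "", addr)       # strip the :port suffix
            user = $(NF - 1)               # udp lines may lack a State column
            if (addr == ip && user != owner) print user, $4, $5
        }'
}

# Constructed sample output (documentation-range IPs, made-up users).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode
tcp        0      0 192.0.2.10:43512        198.51.100.7:6667       ESTABLISHED botowner   48211
tcp        0      0 192.0.2.10:51877        198.51.100.7:6667       ESTABLISHED otheruser  48377
tcp        0      0 192.0.2.11:40022        203.0.113.5:6667        ESTABLISHED otheruser  48390
udp        0      0 192.0.2.10:53211        203.0.113.9:53                      otheruser  48400
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ]         DGRAM                    9123     /dev/log
EOF
}

# check_ip IP OWNER: live check; cron mails any output to the crontab owner.
check_ip() {
    netstat -e --numeric-hosts --numeric-ports 2>/dev/null | foreign_users "$1" "$2"
}

# Hypothetical crontab entry (path and values are placeholders):
#   */5 * * * * $HOME/bin/ipwatch.sh --check 192.0.2.10 botowner
if [ "${1:-}" = "--check" ]; then
    check_ip "$2" "$3"
fi
```

Running `sample_netstat | foreign_users 192.0.2.10 botowner` lists the two sockets that `otheruser` has bound to the owner's address, which is the evidence to forward to the shell provider.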
Stuart

Post by Stuart »

ppslim,

I am currently with UKShells and have purchased an IP from them for private use. Like you, I am unsure about how they limit its use (although I will ask this on their forums in a minute).

One other provider to try is Woaf Technologies - http://www.woaf.net - they offer private IPs and they "lock the IP" to the user, therefore if joe bloggs logs in and he doesn't own that IP, he will be unable to bind to that IP.

Stuart,