Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Process names
New on LowEndTalk? Please Register and read our Community Rules.

Process names

edited April 2015 in Help

Hello,

I'm looking the for the process names for the following pieces of software

TOR
Torrents
Nested Virtualization
@home software
IRC (bouncers)
IRC (servers)
Hipleap & alternatives
bitcoin miners

Regards,
Tom

Different.

Comments

  • They can be changed thus rendering your method useless. Still, you'll catch many abusers.

    vrtz.net Cheap VPS Servers Offers - now with EXCLUSIVE offers! (all links are aff links)
    $12/year HostUS Deal (768MB RAM+768MB vSwap)$11.29/year GestionDBI Deal (768MB RAM)

  • edited April 2015

    @Traffic said:
    They can be changed thus rendering your method useless. Still, you'll catch many abusers.

    Just caught 1 TOR & 2 torrents

    Different.

  • TrafficTraffic Member
    edited April 2015

    @TinyTunnel_Tom said:
    Just caught 1 TOR & 2 torrents


    Traffic said: Still, you'll catch many abusers.

    ;)

    Thanked by 1TinyTunnel_Tom

    vrtz.net Cheap VPS Servers Offers - now with EXCLUSIVE offers! (all links are aff links)
    $12/year HostUS Deal (768MB RAM+768MB vSwap)$11.29/year GestionDBI Deal (768MB RAM)

  • TrafficTraffic Member
    edited April 2015

    Out of my head:

    Bitcoin miners:

    minerd

    bitcoind > normal coin daemon - there is no need for it to mine!

    litecoind > normal coin daemon - there is no need for it to mine!

    primecoind > normal coin daemon - there is no need for it to mine!

    [coin-name-here]d > normal coin daemon - there is no need for it to mine!

    vrtz.net Cheap VPS Servers Offers - now with EXCLUSIVE offers! (all links are aff links)
    $12/year HostUS Deal (768MB RAM+768MB vSwap)$11.29/year GestionDBI Deal (768MB RAM)

  • WilliamWilliam Member, Provider

    I hope no ones going to help you block legitimate software, find it out yourself....

  • [coin-name-here]d

    Not always the case.... and like William said, not going to help you find reasons to suspend people's VPS....

    Been mining on a very well known major host for 18 months now, pay my bill on time every month, host is aware, no complaints...

    Some people on this forum spent way too much time trying to "catch" people, so they can suspend their VPS. It makes your company look unprofessional. Focus more on your infrastructure.

    Thanked by 1Mark_R
  • @William said:
    I hope no ones going to help you block legitimate software, find it out yourself....

    You made a point. Updated my post to show common sense in those who can be something else.

    Also, @TinyTunnel_Tom : I can get any app and name it tor - make sure you are really sure of what it is before blocking it.

    vrtz.net Cheap VPS Servers Offers - now with EXCLUSIVE offers! (all links are aff links)
    $12/year HostUS Deal (768MB RAM+768MB vSwap)$11.29/year GestionDBI Deal (768MB RAM)

  • @funyuns_are_awesome
    @William
    @Traffic
    90% of this is not for suspensions. We have torrent clients running on our network, we just actively monitor them more often. Both of them are seeding Linux ISOs which we are fully aware of however we have made a few adjustments to their plans accordingly. Regarding TOR we have a strict TOR policy and do not instantley ban but inquire with the VPS user. We even monitor a few game servers just to ensure they do not go overkill on any resources. I intend to make a nodewatch (watch) style system to just monitor what software is running our on network.

    Different.

  • WilliamWilliam Member, Provider

    You should as ISP NEVER look what a process does or monitor it - In the EU this is even already illegal as it is not your data.

  • @William said:
    You should as ISP NEVER look what a process does or monitor it - In the EU this is even already illegal as it is not your data.

    So why is nodewatch allowed? It runs I think ps then emails it to the admin upon outbound DoS?

    Different.

  • rmlhhdrmlhhd Member, Provider

    @TinyTunnel_Tom said:
    So why is nodewatch allowed? It runs I think ps then emails it to the admin upon outbound DoS?

    I'm sure that's an exception because your only using that information to stop further breaking of the computer misuse act. As soon as the info in no longer needed it should be deleted.

  • jarjar Provider

    Well, for one thing, a host is obviously obligated to look at the node performance and should not be restricted from using commands like "ps" and "top" to identify problems. Willingly tying one's hands behind one's back so that you are incapable of basic system administration tasks does not benefit customers. On OpenVZ, this does mean seeing process names. People here don't like that, so it's better not to talk about doing it.

    However, process names won't get you very far. Focus on what is causing problems at what time, and not on who is running what. The worst problems will be caused by processes with unpredictable names.

  • @rmlhhd said:
    I'm sure that's an exception because your only using that information to stop further breaking of the computer misuse act. As soon as the info in no longer needed it should be deleted.

    Thats exactly all mine does the same as nodewatch so where is the difference.

    @Jar said:
    Well, for one thing, a host is obviously obligated to look at the node performance and should not be restricted from using commands like "ps" and "top" to identify problems. Willingly tying one's hands behind one's back so that you are incapable of basic system administration tasks does not benefit customers. On OpenVZ, this does mean seeing process names. People here don't like that, so it's better not to talk about doing it.

    However, process names won't get you very far. Focus on what is causing problems at what time, and not on who is running what. The worst problems will be caused by processes with unpredictable names.

    Thank you Jar. We are aware of this. We also monitor CPU (sort of OVZ Kernel is quite bad at reporting this) this allows us to view CPU intesvive items (miners). We also monitor I/O which is good for I/O intense programs. And Conntrack + packets, this process name is mainly used just to catch out the odd few items as the more we abuse can prevent the better the performance.

    I'm not saying all these processes are banned. Most are not, just some can cause abuse to we like to be helpful in everyway

    Different.

  • WilliamWilliam Member, Provider
    edited April 2015

    TinyTunnel_Tom said: So why is nodewatch allowed? It runs I think ps then emails it to the admin upon outbound DoS?

    Because it gets data by the packet counter - Not by inspecting the traffic. Second would be illegal, first isn't.

    Looking at the process name itself is also not illegal (unless you have to enter the VM for it) - Analyzing it (i.e. look if Tor middle or exit node, Traffic and alike) is.

  • @William said:

    yes I am aware I dont monitor data other than conntrack (when high packet counter) same as nodewatch. To get process names we do not enter container. We just question anytime TOR appears

    Different.

  • Run a miner as httpd, process watching thwarted

    How to clean up a questionable reputation: throw the kids some BF/CM offers.

  • @doughmanes said:
    Run a miner as httpd, process watching thwarted

    When I see CPU @ 100% im going to be suspicious

    Different.

  • @TinyTunnel_Tom said:
    When I see CPU @ 100% im going to be suspicious

    Maybe the, uh, "home videos" they have saved on their server is just really good and in high demand :P

    Thanked by 2doughmanes Mark_R

    Personal consultant to OP's Mom™

  • KwiceroLTDKwiceroLTD Member
    edited April 2015

    @TinyTunnel_Tom said:
    Hello,

    I'm looking the for the process names for the following pieces of software

    TOR
    Torrents
    Nested Virtualization
    home software
    IRC (bouncers)
    IRC (servers)
    Hipleap & alternatives
    bitcoin miners

    Regards,
    Tom

    Block the following process:
    'xinetd'

    Will solve problems...

    Kwicero LTD
    Company no. 09475165
    KwiBill Billing Automation Software: Click here

  • @user123 said:
    Maybe the, uh, "home videos" they have saved on their server is just really good and in high demand :P

    Still violating fair share policy.

    Different.

  • Some will even try to throttle mining. I deal with node abuse on a pretty consistent basis and have seen everything. Some have even tried using "xhide", an old process hider.

    How to clean up a questionable reputation: throw the kids some BF/CM offers.

  • Because, you know, legit software and such requires xhide to hide processes ;)

    How to clean up a questionable reputation: throw the kids some BF/CM offers.

  • WilliamWilliam Member, Provider

    Not your f*ing problem how your customers runs software. You should not even know that - it implies you looked into this VPS and violated customer privacy.

  • user123user123 Member
    edited April 2015

    @doughmanes said:
    Because, you know, legit software and such requires xhide to hide processes ;)

    So THAT's how you found out I was running virtualstripperd??? :(

    ETA: You run a VPS company?

    Thanked by 1doughmanes

    Personal consultant to OP's Mom™

  • So what abuse do you hope to stop by killing irc bouncers? They use almost no bandwidth or CPU...

  • @joereid said:
    So what abuse do you hope to stop by killing irc bouncers? They use almost no bandwidth or CPU...

    none. Just mainly want to distinguish between servers and bouncers to stop false positives.

    Different.

  • @TinyTunnel_Tom said:
    none. Just mainly want to distinguish between servers and bouncers to stop false positives.

    You can do that easily by looking at the traffic and not snooping on you customer's processes. Servers typically listen on tcp/6667 and will have a ton of connections while bouncers won't.

  • @joereid said:
    You can do that easily by looking at the traffic and not snooping on you customer's processes. Servers typically listen on tcp/6667 and will have a ton of connections while bouncers won't.

    Good idea. Thank you

    Different.

  • @TinyTunnel_Tom said:
    We have torrent clients running on our network, we just actively monitor them more often. Both of them are seeding Linux ISOs which we are fully aware of however we have made a few adjustments to their plans accordingly.

    If you monitor for torrent clients, either let the user know you don't allow clients (which I think you said you did in another thread, on behalf of MyServerPlanet) or let them know you'll adjust their plan. Don't snoop through their account looking at what they're torrenting. If you admit to doing that, what else are you looking at?

    If you allow torrents, but limit accounts to XX% CPU usage, and XXmbps upload, then make sure it's clear to users before limiting their account.

    Favourite host in general: Ramnode (affiliate link)
    Favourite host for hourly billing/custom ISOs: Vultr ($50 free credit for new accounts, affiliate link)

  • @hostnoob said:
    If you allow torrents, but limit accounts to XX% CPU usage, and XXmbps upload, then make sure it's clear to users before limiting their account.

    We don't snoop within the containers purely if torrent is running from ps. If they are using lots of BW we will work with them to keep both sides happy. As for CPU its fair share. basically just dont max it 24/7 which is kinder than matts 2.5%

    We had one person trigger the packet warning earlier, turned out nodewatch ran ps and found torrent running we now have adjusted both sides and he happily is seeding Linux ISOs he showed.

    Different.

  • Anyway @mikho @Spirit @mpkossen got my process names from a friend on skype.

    Different.

  • WilliamWilliam Member, Provider

    So note for everyone, don't trust your ISP (and especially not @TinyTunnel_Tom ) and rename your procs.

    10/10, useful thread.

  • rename your procs

    Reminds me of renaming some programs 'eggdrop'.

    Thanked by 1linuxthefish
  • Funny, CloudAtCost was stopping TOR relay server, so after some troubleshooting, I decided to re-name the process to apache2.

    It worked brilliantly. 200+ days uptime.

    Thanked by 3ATHK linuxthefish mint

    True wisdom comes to each of us when we realize how little we understand about life, ourselves, and the world around us.

  • @TinyTunnel_Tom said:
    Anyway mikho Spirit mpkossen got my process names from a friend on skype.

    So...?

    I recommend Prometeus, the best provider ever!

  • Just re-name apache2 to 'cpuminer' and enjoy.

  • @IceCream said:
    Just re-name apache2 to 'cpuminer' and enjoy.

    Why not just go with the tried and true: 'sysadminsmomd'? (YouseewhatIdidthere?)

    Personal consultant to OP's Mom™

  • JonchunJonchun Member, Provider

    @mpkossen said:

    The point of this thread was for process names. Everyone trolled him instead of providing process names. He posted and tagged every staff member on LET saying he found his process names from a friend on skype.

    I think he just wants this thread closed and the drama to blow over.

    Thanked by 1TinyTunnel_Tom
  • NekkiNekki Member

    Jonchun said: I think he just wants this thread closed and the drama to blow over.

    Trouble is, now people are concerned about what the OP is doing, quite possibly because the OP works for providers here who they previously trusted.

    Thanked by 2rm_ Mark_R

    Here lies Nekki. He loved massive amounts of storage, K-Pop and calling people cunts.

  • @Nekki said:

    As I have stated I am doing nothing more than nodewatch. I know nanovz and others that use it. Can we define the issue?

    Different.

  • NekkiNekki Member

    TinyTunnel_Tom said: As I have stated I am doing nothing more than nodewatch. I know nanovz and others that use it. Can we define the issue?

    You've stated it, but do people believe you?

    Here lies Nekki. He loved massive amounts of storage, K-Pop and calling people cunts.

  • @Nekki said:

    That's up to them not me. I am actually building a full nodewatch alternative I will make it public one day so everyone can see for themself

    Different.

  • ATHKATHK Member

    @TinyTunnel_Tom said:
    That's up to them not me. I am actually building a full nodewatch alternative I will make it public one day so everyone can see for themself

    Just because you're making an alternative to something, doesn't mean you're not a peeping Tom and looking in peoples containers.

    Thanked by 4rm_ Mark_R Pwner alexvolk
  • NekkiNekki Member

    @TinyTunnel_Tom Which providers do you actually work for these days? I'm assuming you still do work for somr and I may be wrong.

    Here lies Nekki. He loved massive amounts of storage, K-Pop and calling people cunts.

  • @ATHK said:
    Just because you're making an alternative to something, doesn't mean you're not a peeping Tom and looking in peoples containers.

    I completely avoid vzctl enter without customers permission

    Different.

  • @TinyTunnel_Tom said:
    I completely avoid vzctl enter without customers permission

    Of course.

    Thanked by 1TinyTunnel_Tom
  • rm_rm_ Member
    edited April 2015

    Shit like this is why you just never ever buy OpenVZ, certainly not from nosy wannabe hosts like... MyServerPlanet now?

    Hilarious 10/10

  • SpiritSpirit Disabled
    edited April 2015

    TinyTunnel_Tom said: got my process names from a friend on skype.

    @TinyTunnel_Tom please do not highlight complete forum staff. Use flag option next time.

This discussion has been closed.