Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


What's the deal with ColoCrossing?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

What's the deal with ColoCrossing?

A recent LET thread is specifically requesting a non-ColoCrossing VPS provider.

Searching for ColoCrossing on the LET forms brings up a lot of grumbling but nothing specific.

Out of interest, can anyone tell me specifically what ColoCrossing is doing wrong?

«13

Comments

  • F.e. They didn't care much about spammers for quite some time and got a lot of blacklisted IPs in result.

  • nexusrain said: F.e. They didn't care much about spammers for quite some time and got a lot of blacklisted IPs in result.

    Outch. All clear now, thanks.

  • jarjar Patron Provider, Top Host, Veteran
    edited August 2015

    @singsing said:
    Outch. All clear now, thanks.

    Oh no, there's a whole book to be written on your original question. Fortunately for you, none of us care enough to write it anymore. We're all over that :P

    Thanked by 1netomx
  • Eeeek. Someone opened the box!

  • nexusrain said: F.e. They didn't care much about spammers for quite some time and got a lot of blacklisted IPs in result.

    They still don't seem to care much about comment and blog spam - Just about email, and that also only because every second customer is complaining about Spamhaus'd IPs, this also seems to be not really 100% pulled through, else there would not be a /15 escalation left....

  • Spamhaus has a new extortion scheme.

    I'm not defending CC by any means but I know 2 other providers who were extorted by Spamhaus into buying into a third party "referred by Spamhaus" service in order to have large blanket SBLs removed. I think maybe CC told SH that "thanks but no thanks" and are attempting to do things in house versus that third party proxy service that SH will sell you.

  • NekkiNekki Veteran

    Another lesser complaint was that for a time, every man and his dog was offering plans from ColoCrossing DC's and people like variety in their lives.

    Thanked by 2netomx berkay
  • WilliamWilliam Member
    edited August 2015

    doughmanes said: Spamhaus has a new extortion scheme.

    Might be, does not change that CC is still a MAJOR blog/commentspam source and DDoS source though (hoovering around the same level as China Telecom which has 500x more IPs and like 10000x more customers) - This is proven and it is also proven that they have not much interest in changing that.

    https://vpsboard.com/topic/7617-colocrossing-attacking-stopforumspam/#comment-99349

    https://twitter.com/stopforumspam

  • WilliamWilliam Member
    edited August 2015

    Also: https://cleantalk.org/blacklists/AS36352

    You need to be a special kind of ISP to beat Ecatel (BY FAR!!) and CNT/CNC in blog/forum spam levels.

    Thanked by 2k0nsl TheHackBox
  • jhjh Member

    We got more spam from their network than any other

  • William said: You need to be a special kind of ISP to beat Ecatel (BY FAR!!)

    In Ecatel's defense, they've cleaned up a lot of the shit ddos/spam, you can only spoof on gbit streaming servers now, and even at that it's not worth it just to piss off someone, too much money wasted. I'd rather just go to poland-based hosting (which I won't name), and pay $20 to do it with a fresh amp list. What's fun though, is hooking up a bunch of booter APIs, and having them ddos each other, causing skids to bitch about not being able to ddos.

  • KwiceroLTD said: In Ecatel's defense, they've cleaned up a lot of the shit ddos/spam

    Yea, but not because they wanted to - They were simply forced to accept NL court rulings (for Warez, by BREIN) and their upstreams threatened to depeer them (A2B did in the end), no idea why their current upstreams (which are all large Tier1/Tier2s) allow them to spoof traffic still...

    Thanked by 1TheHackBox
  • @William said:
    Yea, but not because they wanted to - They were simply forced to accept NL court rulings (for Warez, by BREIN) and their upstreams threatened to depeer them (A2B did in the end), no idea why their current upstreams (which are all large Tier1/Tier2s) allow them to spoof traffic still...

    Yeah, but if we're really talking about why they allow spoofing, CyberBunker allows spoofing, and funny enough, if you contact them asking for 5 servers, with spoofing enabled you get a discount that equals to the price of 2 servers.

  • Besides the span ColoCrossing's network allows spoofing and has been ghost-operating brands for many years. It took a while for them to finally fess up to owning HVH.

    Thanked by 1KwiceroLTD
  • @HostMyBytes said:
    Besides the span ColoCrossing's network allows spoofing and has been ghost-operating brands for many years. It took a while for them to finally fess up to owning HVH.

    If CC stops spoofing, I'm willing to bet $5k that almost all booters die instantly, and CC goes bankrupt within a year, since spam/ddos is their biggest customer.

  • WilliamWilliam Member
    edited August 2015

    KwiceroLTD said: Yeah, but if we're really talking about why they allow spoofing, CyberBunker allows spoofing, and funny enough, if you contact them asking for 5 servers, with spoofing enabled you get a discount that equals to the price of 2 servers.

    Cyberbunker is a special kind of evil, i'm fairly sure its gov owned/controlled since Sven went to jail, they even got their IPs revoked by RIPE (granted, he WAS using VERY creative justification, but RIPE usually did not give a shit about that and his allocations were small in the large picture compared to people like Heng Lu). Kinda funny how they say they are independent when the NL gov could simply say fuck it and cut the fiber+power lines on public property and then block delivery of fuel....

    Somehow A2B is always connected in such things, first upstream of Ecatel, then Cyberbunker, now supplier of IPs to CB customers (within 46.244.0.0/19 which is actually surprisingly clean), spoofing enabled, abuse safe... all that despite not having any obvious connection to ex-RBN and alike (as Ecatel has, Cyberbunker was never part of it though)

    I still remember my fights with Sven on the RIPE mailing list(s) (and continued outside) - kinda funny guy with some very strange ideals/motives. Paranoid as fuck (and i tell you that as someone with paranoid schizophrenia, for him they probably need a new ICD10 entry) and accused me more than once as mossad agent... as said, kinda funny, pretty easy to troll as well :)

    Thanked by 2KwiceroLTD Francisco
  • William said: Cyberbunker is a special kind of evil

    I can't argue that.

    William said: i'm fairly sure its gov owned/controlled since Sven went to jail, they even got their IPs revoked by RIPE

    On TF there was a thread showing CyberBunker isn't even in the bunker anymore, a new firm owns it and is renovating that. I'll see if I can find the 200ish page PDF document detailing the renovations that started in 2013/2014...

  • KwiceroLTD said: On TF there was a thread showing CyberBunker isn't even in the bunker anymore, a new firm owns it and is renovating that. I'll see if I can find the 200ish page PDF document detailing the renovations that started in 2013/2014...

    Maybe they want to open another Ecstasy lab in it.... or this time switch to LSD, more profit per gramm lol

    Thanked by 2KwiceroLTD Peroni
  • William said: Maybe they want to open another Ecstasy lab in it.... or this time switch to LSD, more profit per gramm lol

    LSD seems like the better choice. I still love the Lebanon server who offers physical theft protection incase some armed gang comes and literally takes the physical machine.

  • I loved how he complained in IRC how everything is bad and how the government (of various countries) is out to get him when StopHaus/Cyberbunker/CB3ROB was hit with 100G+ DDoS as well, and then claimed diplomatic immunity when arrested in Spain (which Spanish police obviously didn't give a single shit about) - In german we would say "Wer austeilen kann muss auch einstecken können" (essentially a wordplay on action-reaction, have no solid translation for it).

    Thanked by 1KwiceroLTD
  • UrDNUrDN Member

    William said: Cyberbunker is a special kind of evil, i'm fairly sure its gov owned/controlled since Sven went to jail, they even got their IPs revoked by RIPE (granted, he WAS using VERY creative justification, but RIPE usually did not give a shit about that and his allocations were small in the large picture compared to people like Heng Lu). Kinda funny how they say they are independent when the NL gov could simply say fuck it and cut the fiber+power lines on public property and then block delivery of fuel....

    You are making a lot of stories man, Sven Olaf Kamphuis was released from jail with no charge. He simply sold his prefixes they weren't taken back by the RIPE.

    I have not a lot of sympathy for Kamphuis but he has done nothing illegal, he even returned to Spain where he had had been arrested before.

    Kamphuis just pretended to be hosting in a bunker (he used to work there) while servers were just in a normal datacenter.

  • WilliamWilliam Member
    edited August 2015

    UrDN said: You are making a lot of stories man, Sven Olaf Kamphuis was released from jail with no charge.

    I never said he was still in jail - I know very well he was released. I said he was arrested and sent to jail - Which was the case. Not being charged with anything does not mean much either, for me it took nearly 4 years before i was charged with anything, and another year for sentencing.

    He simply sold his prefixes they weren't taken back by the RIPE.

    They are not listed on the RIPE transfer list, thus they were either revoked or he sold them along with the company (which was, according to German Firmenbuch, dissolved, so a sale would be illegal).

    UrDN said: but he has done nothing illegal

    eh, i doubt that - I just remind you of the bunkers XTC lab that burned down.... hard to believe he and others had no knowledge of what was happening there. You need a LOT of precursors for MDMA, and a laboratory in the bunker should've raised red flags almost immediatelly.

    Him posting on Stophaus, with pretty clear messages, also was surely very borderline - Calling others to DDoS Spamhaus constitutes pretty surely inciting to a crime under NL laws. Spanish police also say he hacked WIFIs in Spain (and/or abused open ones) which is a crime there.

    Not hosting in the bunker, as was advertised (no idea if it ever was the case, i was never there), is also a scam then - a crime in NL.

    Claiming diplomatic immunity without having it is a crime.

    Goes on and on...

  • raindog308raindog308 Administrator, Veteran

    singsing said: Out of interest, can anyone tell me specifically what ColoCrossing is doing wrong?

    Some of us remember LET before CC bought it.

  • UrDNUrDN Member

    William said: Him posting on Stophaus, with pretty clear messages, also was surely very borderline - Calling others to DDoS Spamhaus constitutes pretty surely inciting to a crime under NL laws. Spanish police also say he hacked WIFIs in Spain (and/or abused open ones) which is a crime there.

    Are you sure anyone was calling for a DDoS attack on stophaus.com ? So far this attack was coordinated by script-kiddies on skype. I have the logs somewhere and I remember pretty much that it was one kid doing it all and from one single server which is very different from what cloudflare and spamhaus told. I remember telling the kid that he's going to help spamhaus very much by doing that.

  • miaumiau Member
    edited August 2015

    @kcaj said:

    ...meanwhile my CC box got null routed last week.

    Because my server was under anticipated traffic surge, and whatever thing that monitor their network freaked out and mistakenly flag it as DDoS attack and took my server out network.

  • cc is not the problem - it's google!

  • William said: Not being charged with anything does not mean much either, for me it took nearly 4 years before i was charged with anything, and another year for sentencing.

    TMI, but now that it's out, to little information, what were you charged with, what was your sentence, and did you really do it?

  • singsing said: TMI, but now that it's out, to little information, what were you charged with, what was your sentence, and did you really do it?

    I had a long blog post with more info but my lawyer told me i should remove it.

    Ownership of illegal drugs - Fine +1 year probation (per case, so 2 years total, 1 for owning, 1 for importing) - sure, i had drugs (weed, hash), i just love dem weed. Annoying, i see nothing wrong with it (and certainly less dangerous than alcohol). Probation means exactly nothing happens.

    (minor) Fiscal evasion/tax evasion (means less than ~250000EUR) - Fine - True but i rather call it "creative accounting", technically was legal at the time but eh, if they really want to find something they always do. Can't run company anymore.

    Support to distribution of illegal pornography without actual ownership ("accomplice") - 3 years probation - Technically? Sure. Did i know it? Partly, as i knew what can run over Tor, was mixed with some chatlogs though that had nothing to do with Tor but eh, government... Huge costs for expert witness and court on top.

    Ownership of illegal pornography - Acquittal (that seems to be cited the most even though i was fully acquited) - Technically, partly, in reality, no. It was just an automatic downloader which already moved files to trash if reddit/4chan thread got deleted by mods/admins, IIRC they looked at the code as well and then defined it as not criminal. Other pornography displaying "minors" (Drawn, Hentai) was charged at first but then let go as the law is clear on it (fully legal).

  • WilliamWilliam Member
    edited August 2015

    UrDN said: Are you sure anyone was calling for a DDoS attack on stophaus.com ?

    Not directly, no - But it was very near it, like calling for "permanent solution" and "destroyal", without explicitely speficication what to do but still questionable. I know from experience (with others, not on me) that such a thing is already enough for some probation and a good fine.

    UrDN said: I have the logs somewhere and I remember pretty much that it was one kid doing it all and from one single server which is very different from what cloudflare and spamhaus told.

    A 300x AMP from a single server? Not possible, even highest DNS amps only go up to like x100 and NTP floods were not common back then yet. According to CF it was DNS amp and not NTP amp as well. Sure, i would not put much trust into what Spamhaus says but CF is more trustable, especially in their main field of protection.

Sign In or Register to comment.