Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Any reason NOT to drop packets from psychz.net?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Any reason NOT to drop packets from psychz.net?

DamianDamian Member
edited March 2012 in General
10 failed login attempts to account root (system) -- Large number of attempts from this IP: 199.83.91.99
Reverse DNS: unassigned.psychz.net
10 failed login attempts to account root (system) -- Large number of attempts from this IP: 74.117.58.96
Reverse DNS: unassigned.psychz.net
10 failed login attempts to account root (system) -- Large number of attempts from this IP: 216.24.201.7
Reverse DNS: unassigned.psychz.net
10 failed login attempts to account test1 (system) -- Large number of attempts from this IP: 199.71.214.141
Reverse DNS: unassigned.psychz.net

Some cursory searching on WHT demonstrates that they're part of the WHT Good Ol' Boys Club, AND they don't respond to abuse complaints.

They're not an ISP, and we don't allow sales to individuals using obvious VPN's, so I can't think we'd lose any business from dropping traffic from all of their IP blocks.

Anyone think of a situation where this would be untrue?

Thanked by 1[Deleted User]
«1

Comments

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    They're photonvps and yardvps. Drmike had wars with them on LEB

  • @Francisco said: Drmike had wars with them on LEB

    Actual wars with good reason, or drmike-is-a-little-punchy-about-everything wars?

  • FranciscoFrancisco Top Host, Host Rep, Veteran
    edited March 2012

    It looked pretty justified. Lookup yardvps on the front page and check the 2nd offers comments.

    Mike had it out with them every time they got listed.

  • flyfly Member
    edited March 2012

    yeah photon + yard are like the buyvm of wht

    (in terms of their position in teh community)

    no offense meant

  • @drmike was a cool guy and didn't afraid of anything.

    Thanked by 2netomx Zero
  • rskrsk Member, Patron Provider

    drop 'em then :)

  • @DotVPS @DanielM : You guys are my heroes. Thanks!

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    you can block CIDR's with iptables just fine

    Francisco

    Thanked by 1yomero
  • I'll be adding them to the ACL on our router. I was dropping them in iptables on each system, one by one, but now that I see they have several blocks ranging from /20 to /22, then I'll need to do whole blocks.

  • FranciscoFrancisco Top Host, Host Rep, Veteran
    edited March 2012

    @DotVPS said: I was just wondering what he was using.

    aah :)

    Besides, using blackholes is the better idea since it doesn't cause any CPU usage handling it.

    Francisco

  • dmmcintyre3dmmcintyre3 Member
    edited March 2012

    @DotVPS said: Black holes are only available on your own equipment though right?

    ip route add blackhole 192.168.1.0/24

  • NarutoNaruto Member
    edited March 2012

    @DotVPS said: Go , Go , Go :P

    "ATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK GUYS!!!" :/

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @DotVPS said: Black holes are only available on your own equipment though right?

    Yep but you could blackhole on your nodes by hand

    ip route add blackhole subnet

    Francisco

  • eLohkCalbeLohkCalb Member
    edited March 2012

    Just FYI or as a future reference:
    Profuse Solutions = Gazzin Networks = Psychz Networks = YardVPS = PhotonVPS = Chimehost

    There are tons of replica sites on their network too.

  • PhotonVPSPhotonVPS Member, Host Rep

    If there's abuse coming from our network, please contact [email protected]

    Thanked by 1Naruto
  • PhotonVPSPhotonVPS Member, Host Rep

    @eLohkCalb We manage multiple brands each with their own niche.

  • @PhotonVPS said: @eLohkCalb We manage multiple brands each with their own niche.

    Which brand doesn't respond to abuse complaints?

  • I was their customer about 2 years ago when they offered free web-hosting, and it's stupidly funny how even to this date they keep sending me unpaid invoice notices.

    AND yes I have emailed them to fix this on a few occasions!

  • @Kairus said: Which brand doesn't respond to abuse complaints?

    Most i amagine. For rogue and criminal networks this is comon.

  • PhotonVPSPhotonVPS Member, Host Rep

    @Kairus We resolve all our abuse complaints, if there isn't one resolved please message me the ticket number and I'll see what's the delay on it.

  • @PhotonVPS said: We resolve all our abuse complaints, if there isn't one resolved please message me the ticket number and I'll see what's the delay on it.

    I've had a handful of incidents originating from your network over the past couple of years, every one reported to abuse@. Never received a response from any, and the most recent (maybe 4-5 months ago) continued go to on for several weeks after being reported.

  • @Aldryic said: Never received a response from any,

    Yeah, that's actually why I posted this. Between this WHT post: http://www.webhostingtalk.com/showthread.php?t=1095650 and the lack of response from abuse@, I've pretty much decided that we don't need to be open to the traffic anymore.

    @PhotonVPS: You seem to like to pull the "do you have a valid open ticket" line. How are we supposed to get ticket numbers? Emailing abuse@ results in.. nothing happening:

    image

    And your website doesn't have information on abuse complaints.

  • PhotonVPSPhotonVPS Member, Host Rep

    @Damian What email address are you sending them to?

  • PhotonVPSPhotonVPS Member, Host Rep

    @Damian Did you even read this ticket?

    http://www.webhostingtalk.com/showthread.php?t=1095650

    Without a DMCA, there's nothing our support desk can do. You try suspending a server without a proper DMCA and let us know what your client says.

  • @PhotonVPS - My reports sent to [email protected] were malicious network activity (two incoming synfloods, a scanner/bruter, and someone trying to compromise our WHMCS) went totally unanswered, and none of them were DMCA-related.

    And no, I don't have a ticket reference for you, as these were emails sent in months ago. We may likely continue to send abuse reports to you as a courtesy for future offenses; but like @Damian we will primarily be simply placing blackholes for traffic from your networks.

    Thanked by 1yomero
  • HC_RoHC_Ro Member
    edited March 2012

    Just my .02 from lurking

    @PhotonVPS said: Without a DMCA, there's nothing our support desk can do. You try suspending a server without a proper DMCA and let us know what your client says.

    http://www.webhostingtalk.com/showpost.php?p=7778054&postcount=7

    They don't have a fundamental understanding of DMCA.

    DMCA is pretty much all Civil complaints form one person to another IE "my sites picures have been ripped", where the provider first acts as a proxy and depending on many factors could take action.

    Abuse complaints are entirely different and could perhaps even be a completely different department than DMCA/TD depending on the size of the organization.

    Further its even more irresponsible to be so ignorant to non DMCA abuse since it effects your network as well.

  • @PhotonVPS said: Without a DMCA, there's nothing our support desk can do. You try suspending a server without a proper DMCA and let us know what your client says.

    So you're saying that if you receive an abuse complaint that someone is DoSing a server from your network, you won't do anything because it's not a DMCA?

  • @Kairus said: So you're saying that if you receive an abuse complaint that someone is DoSing a server from your network, you won't do anything because it's not a DMCA?

    It seems.. dumb

Sign In or Register to comment.