Free Security Checks Websites Minecraft Servers. (REAL)

Status
This thread has been locked.

8a3

Banned
Feedback score
0
Posts
33
Reactions
4
Resources
0
Programs i use:
ShForcer (Custom Py Script)
MmmSpider (Spider Program)
Full Stack Crawler i am not wanting to mention.

OS: Arch Linux

What i will check:
Unlike half of these other kids, i am not going to google how to hack and claim to be a expert. i am not a expert, every day there are new things being exploited and more methods being created, one will never be free of these sorts of hackers.

A popular thing that users are saying on mcm - "I WILL FIND LEVERAGE ON YOUR STAFF", with all do respect, thats child play, if you want a basic scan like that be my guest.

I am offering an through exam for XSS scripting that could lead to personal information being leaked, files that should not be accessible by others (you would be surprised).

Most networks go through the same mistake, personally, i do not recommend using a dedi, it can lead to corruption in certain servers, by using a dedi you are potentially allowing users to flood your server bypassing the proxy, normally you would expect a 'skid' to open cmd type 'ping yourip -t', however, some of you are kind of stupid and don't realise all your servers are on a dedi and run off the same ip, one can simply scan your ports and find out your ips for instance:

Proxy - This is were your normal domain normally points too.
hub - ip is hidden behind proxy
kitpvp - ip is hidden behind proxy

if you use a dedi or your hosting provider gives you the same ip you normally are given ips like this:

Proxy - 1.1.1.1:25565
hub - 1.1.1.1:25566
kitpvp - 1.1.1.1:25567

now if someone scans your ports they will see your open ports as -
25565
25566
25567
a few more ports like ssh and ssl maybe even SFTP.

Now this souly can lead to servers being destroyed, you honestly cannot comprehend. I have personally seen this happen first hand, hire me for free to scan your network.

8a3#0373


LEAVE FEEDBACK BELOW
 
PebbleHost
High performance, consistent uptime and fast support. Minecraft hosting that just works.

CyberSecGuy

Supreme
Feedback score
3
Posts
118
Reactions
58
Resources
0
So, just curious. Why are you so threatened by other people you feel the absolute need to shit talk them. Then post the exact same type of thread? Are you worried they will detract from people who need help, and you feel the need to put them down in order to "improve your odds" ? So far from joining, you've only shit-talked and thread trashed people.

Lmao, i mean, this whole thread looks kind of, whats the word, 'skiddy', i am guessing you just bought whitepages and want to show people your sp00kyness ama right? Lol -1 add more info on what you use, why users should choose you ect.

Wow... You probably completed OSWAP and was like 'I am a sp00ky haxor' please lmao...

You're burning bridges, and trashing other threads, then turning around and posting up what could be considered the exact same garbage you're accusing others of. Are you really that insecure?

Let's review your thread.

Unlike half of these other kids, i am not going to google how to hack and claim to be a expert. i am not a expert, every day there are new things being exploited and more methods being created, one will never be free of these sorts of hackers.

First sentence out of the gate, we're still showing our insecurities by trashing people. Not a great start, this does not represent you very well and paints you in a very immature light. Not the thing people want to see, especially when dealing with "security" that could lead to actual privilege escalation. Additionally; you have zero basis to claim that anyone is "googling how to hack."

A popular thing that users are saying on mcm - "I WILL FIND LEVERAGE ON YOUR STAFF", with all do respect, thats child play, if you want a basic scan like that be my guest.

How do you scan a human? I haven't seen anyone type this yet, and even if they had, that's not what that means. At least, that's not how I interpret that sentence. Additionally, second sentence, more trashing.

I am offering an through exam for XSS scripting that could lead to personal information being leaked, files that should not be accessible by others (you would be surprised).

If you don't see the irony of using a scanner to find client-facing XSS scripting, and calling other people "script kiddies" well, I don't know what to say.

Most networks go through the same mistake, personally, i do not recommend using a dedi, it can lead to corruption in certain servers, by using a dedi you are potentially allowing users to flood your server bypassing the proxy, normally you would expect a 'skid' to open cmd type 'ping yourip -t', however, some of you are kind of stupid and don't realise all your servers are on a dedi and run off the same ip, one can simply scan your ports and find out your ips for instance:

Proxy - This is were your normal domain normally points too.
hub - ip is hidden behind proxy
kitpvp - ip is hidden behind proxy

if you use a dedi or your hosting provider gives you the same ip you normally are given ips like this:

Proxy - 1.1.1.1:25565
hub - 1.1.1.1:25566
kitpvp - 1.1.1.1:25567

now if someone scans your ports they will see your open ports as -
25565
25566
25567
a few more ports like ssh and ssl maybe even SFTP.

This is probably the best part.

That entire sentence is factually incorrect, and laughably silly. You don't recommend using dedicated hosting, because someone can ping it? So there's zero way to turn off ICMP Echo Requests (I linked it for you, so you don't have to, ya know, google it.)

Do you really think that a single home connection running at best 50mbps would cause some catastrophic denial of service, oh sorry, let's use your word, "corruption" (wrong word) against a server running a 1gbps connection? That's, hilarious.

"allowing users to flood your server bypassing the proxy" - That's, not how that works. At all.

Then you not only insult the person reading this thread by calling them stupid, but you do it and then IMMEDIATELY spell the word realize wrong.

Lastly, the main reason you suggest not using dedicated hardware not shared by anyone else, allowing you to utilize 100% of it's resources is...

Because you don't know how to lock off ports? Even in your own example, you couldn't figure out the proper way to setup a BungeeCord server. Now, is this a big issue? Yes, it is. There's many servers online incorrectly configured that could lead to a potential security breach. Yet your grand solution is "go with shared hosting."

Nope, we certainly can not correct "hub" and "kitpvp" to listen to localhost, and use our handy-dandy iptables to deny access to 25566 and 25567, while pointing our BungeeCord server list to localhost:25566, localhost25567, thus correcting the issue. No, we can't do that, that's not an option, just don't buy a dedicated server.

Now this souly can lead to servers being destroyed, you honestly cannot comprehend. I have personally seen this happen first hand, hire me for free to scan your network.

Backups clearly don't exist. You know, the industry standard for the last 30 years. The one thing all IT services preach every day. Nope, no backups. My point is, you don't have to be so dramatic. Yes, get your network messed up sucks, yes it takes a minute out of your day. The point is, you don't need to go straight to "THE WORLD IS ENDING!" and should instead just be, like the rest of IT staff across the globe, be reminding people to take daily backups.

Wrap it up:

All in all, you've shown you're pretty immature with the unnecessary need to trash talk anyone else remotely in the same field as you, immediately burning bridges with zero regard to the outcome. Does that sound like someone who should be in the security field who could potentially get access to files? Probably not.

You've thrown around buzz words to try and 'glam up' your thread. ShForcer, MmmSpider, Full Stack Crawler. Cool, you have mentioned three programs, two of which probably do the same thing, the other is probably an SSH bruteforcer. Neat-o. No one cares how the glue is made, they just want the glue.

Arch Linux - ah yes, the security penetration testers operating system of choice. Enough said.

Spectacular display of ignorance when it comes to proper server management, and instead of speaking of ways to correct the most common concerns, you instead ward off the most useful form of hosting completely.

This will be my last interaction with you, I wish you the best of luck in your time on MCM though I feel like it will be short, the exact same reason why you just registered yesterday, and hope you grow and realize you don't have to be so combative with people. Build bridges, don't burn them. I will not be replying to you any further as I have already put in more effort than you are clearly worth.
 
Last edited:

8a3

Banned
Feedback score
0
Posts
33
Reactions
4
Resources
0
So, just curious. Why are you so threatened by other people you feel the absolute need to shit talk them. Then post the exact same type of thread? Are you worried they will detract from people who need help, and you feel the need to put them down in order to "improve your odds" ? So far from joining, you've only shit-talked and thread trashed people.





You're burning bridges, and trashing other threads, then turning around and posting up what could be considered the exact same garbage you're accusing others of. Are you really that insecure?

Let's review your thread.



First sentence out of the gate, we're still showing our insecurities by trashing people. Not a great start, this does not represent you very well and paints you in a very immature light. Not the thing people want to see, especially when dealing with "security" that could lead to actual privilege escalation. Additionally; you have zero basis to claim that anyone is "googling how to hack."



How do you scan a human? I haven't seen anyone type this yet, and even if they had, that's not what that means. At least, that's not how I interpret that sentence. Additionally, second sentence, more trashing.



If you don't see the irony of using a scanner to find client-facing XSS scripting, and calling other people "script kiddies" well, I don't know what to say.



This is probably the best part.

That entire sentence is factually incorrect, and laughably silly. You don't recommend using dedicated hosting, because someone can ping it? So there's zero way to turn off ICMP Echo Requests (I linked it for you, so you don't have to, ya know, google it.)

Do you really think that a single home connection running at best 50mbps would cause some catastrophic denial of service, oh sorry, let's use your word, "corruption" (wrong word) against a server running a 1gbps connection? That's, hilarious.

"allowing users to flood your server bypassing the proxy" - That's, not how that works. At all.

Then you not only insult the person reading this thread by calling them stupid, but you do it and then IMMEDIATELY spell the word realize wrong.

Lastly, the main reason you suggest not using dedicated hardware not shared by anyone else, allowing you to utilize 100% of it's resources is...

Because you don't know how to lock off ports? Even in your own example, you couldn't figure out the proper way to setup a BungeeCord server. Now, is this a big issue? Yes, it is. There's many servers online incorrectly configured that could lead to a potential security breach. Yet your grand solution is "go with shared hosting."

Nope, we certainly can not correct "hub" and "kitpvp" to listen to localhost, and use our handy-dandy iptables to deny access to 25566 and 25567, while pointing our BungeeCord server list to localhost:25566, localhost25567, thus correcting the issue. No, we can't do that, that's not an option, just don't buy a dedicated server.



Backups clearly don't exist. You know, the industry standard for the last 30 years. The one thing all IT services preach every day. Nope, no backups. My point is, you don't have to be so dramatic. Yes, get your network messed up sucks, yes it takes a minute out of your day. The point is, you don't need to go straight to "THE WORLD IS ENDING!" and should instead just be, like the rest of IT staff across the globe, be reminding people to take daily backups.

Wrap it up:

All in all, you've shown you're pretty immature with the unnecessary need to trash talk anyone else remotely in the same field as you, immediately burning bridges with zero regard to the outcome. Does that sound like someone who should be in the security field who could potentially get access to files? Probably not.

You've thrown around buzz words to try and 'glam up' your thread. ShForcer, MmmSpider, Full Stack Crawler. Cool, you have mentioned three programs, two of which probably do the same thing, the other is probably an SSH bruteforcer. Neat-o. No one cares how the glue is made, they just want the glue.

Arch Linux - ah yes, the security penetration testers operating system of choice. Enough said.

Spectacular display of ignorance when it comes to proper server management, and instead of speaking of ways to correct the most common concerns, you instead ward off the most useful form of hosting completely.

This will be my last interaction with you, I wish you the best of luck in your time on MCM though I feel like it will be short, the exact same reason why you just registered yesterday, and hope you grow and realize you don't have to be so combative with people. Build bridges, don't burn them. I will not be replying to you any further as I have already put in more effort than you are clearly worth.
honestly i am not reading all of this,
"That entire sentence is factually incorrect, and laughably silly. You don't recommend using dedicated hosting, because someone can ping it? So there's zero way to turn off ICMP Echo Requests (I linked it for you, so you don't have to, ya know, google it.)"

I mean, i know what that is however i did not say users will ping it, i said a dedicated server hosted server can be easy to hack, in this case i am going to use ddosing, when you host of a dedi users can send attacks to a specific server instead of directly at the proxy, proxy attacks will not reduce performance ingame, however if a user attacks the ip with the port of a server they can directly attack the server and kill performance, however if you use something like a seperate vps for the proxy and a dedi for all other servers that will work as they need the proxy's ip too actually scan ports. I would show a example but i think its bannable.
 
Banned forever. Reason: Ban Evading (Secondly)

Legomix13

Feedback score
4
Posts
45
Reactions
16
Resources
0
So, just curious. Why are you so threatened by other people you feel the absolute need to shit talk them. Then post the exact same type of thread? Are you worried they will detract from people who need help, and you feel the need to put them down in order to "improve your odds" ? So far from joining, you've only shit-talked and thread trashed people.





You're burning bridges, and trashing other threads, then turning around and posting up what could be considered the exact same garbage you're accusing others of. Are you really that insecure?

Let's review your thread.



First sentence out of the gate, we're still showing our insecurities by trashing people. Not a great start, this does not represent you very well and paints you in a very immature light. Not the thing people want to see, especially when dealing with "security" that could lead to actual privilege escalation. Additionally; you have zero basis to claim that anyone is "googling how to hack."



How do you scan a human? I haven't seen anyone type this yet, and even if they had, that's not what that means. At least, that's not how I interpret that sentence. Additionally, second sentence, more trashing.



If you don't see the irony of using a scanner to find client-facing XSS scripting, and calling other people "script kiddies" well, I don't know what to say.



This is probably the best part.

That entire sentence is factually incorrect, and laughably silly. You don't recommend using dedicated hosting, because someone can ping it? So there's zero way to turn off ICMP Echo Requests (I linked it for you, so you don't have to, ya know, google it.)

Do you really think that a single home connection running at best 50mbps would cause some catastrophic denial of service, oh sorry, let's use your word, "corruption" (wrong word) against a server running a 1gbps connection? That's, hilarious.

"allowing users to flood your server bypassing the proxy" - That's, not how that works. At all.

Then you not only insult the person reading this thread by calling them stupid, but you do it and then IMMEDIATELY spell the word realize wrong.

Lastly, the main reason you suggest not using dedicated hardware not shared by anyone else, allowing you to utilize 100% of it's resources is...

Because you don't know how to lock off ports? Even in your own example, you couldn't figure out the proper way to setup a BungeeCord server. Now, is this a big issue? Yes, it is. There's many servers online incorrectly configured that could lead to a potential security breach. Yet your grand solution is "go with shared hosting."

Nope, we certainly can not correct "hub" and "kitpvp" to listen to localhost, and use our handy-dandy iptables to deny access to 25566 and 25567, while pointing our BungeeCord server list to localhost:25566, localhost25567, thus correcting the issue. No, we can't do that, that's not an option, just don't buy a dedicated server.



Backups clearly don't exist. You know, the industry standard for the last 30 years. The one thing all IT services preach every day. Nope, no backups. My point is, you don't have to be so dramatic. Yes, get your network messed up sucks, yes it takes a minute out of your day. The point is, you don't need to go straight to "THE WORLD IS ENDING!" and should instead just be, like the rest of IT staff across the globe, be reminding people to take daily backups.

Wrap it up:

All in all, you've shown you're pretty immature with the unnecessary need to trash talk anyone else remotely in the same field as you, immediately burning bridges with zero regard to the outcome. Does that sound like someone who should be in the security field who could potentially get access to files? Probably not.

You've thrown around buzz words to try and 'glam up' your thread. ShForcer, MmmSpider, Full Stack Crawler. Cool, you have mentioned three programs, two of which probably do the same thing, the other is probably an SSH bruteforcer. Neat-o. No one cares how the glue is made, they just want the glue.

Arch Linux - ah yes, the security penetration testers operating system of choice. Enough said.

Spectacular display of ignorance when it comes to proper server management, and instead of speaking of ways to correct the most common concerns, you instead ward off the most useful form of hosting completely.

This will be my last interaction with you, I wish you the best of luck in your time on MCM though I feel like it will be short, the exact same reason why you just registered yesterday, and hope you grow and realize you don't have to be so combative with people. Build bridges, don't burn them. I will not be replying to you any further as I have already put in more effort than you are clearly worth.
Thanks <3
 

Space Cadet

Cyber Security
Supreme
Feedback score
1
Posts
9
Reactions
5
Resources
0
Attempts to discredit me and then comes out with " i do not recommend using a dedi " Do you actually lick door nobs for fun?
 
Status
This thread has been locked.
Top