system security test

[fengfanyue]

THIS IS FOR SELF HOSTED SERVER​

how safe is your server? have you think about it before?
most server don't have an advanced firewall or not having one at all.

There is over 10,000+ backdoor plugins on the web. What is a backdoor plugin? Like the story of 2b2t, the owner requested a custom plugin (check google), and the plugin have a client side access backdoor which give op permission to other people with out the owner knowing. There is a lot you can do with a op perm, did you check the jar files before installing it on your server? 90% didn't, that's a very dangerous thing...
Here is some data from 2020:
there is a hacker attack every 39 seconds. (Source: Security magazine)

300,000 new malware is created every day.

66% of businesses attacked by hackers weren’t confident they could recover.
(Source: Fortune)

73% of black hat hackers said traditional firewall and antivirus security is irrelevant or obsolete.
(Source: Thycotic.com)

Russian hackers can infiltrate a server network in 18 minutes.
(Source: Crowdstrike)
___
there is over 2 billion server got hacked in 2020. All of your hard work could disappear before you wake up.

What can you do?

here is what this thread is about, an advanced security test. Here is a list of many things I will test for your server and help you install and secure the server.

Common Attacks
________________

• ace-voip
• Amap
• APT2
• arp-scan
• Automater
• bing-ip2hosts
• braa
• CaseFile
• CDPSnarf
• cisco-torch
• copy-router-config
• DMitry
• dnmap
• dnsenum
• dnsmap
• DNSRecon
• dnstracer
• dnswalk
• DotDotPwn
• enum4linux
• enumIAX
• EyeWitness
• Faraday
• Fierce
• Firewalk
• fragroute
• fragrouter
• Ghost Phisher
• GoLismero
• goofile
• hping3
• ident-user-enum
• InSpy
• InTrace
• iSMTP
• lbd
• Maltego Teeth
• masscan
• Metagoofil
• Miranda
• nbtscan-unixwiz
• Nikto
• Nmap
• ntop
• OSRFramework
• p0f
• Parsero
• Recon-ng
• SET
• SMBMap
• smtp-user-enum
• snmp-check
• SPARTA
• sslcaudit
• SSLsplit
• sslstrip
• SSLyze
• Sublist3r
• THC-IPV6
• theHarvester
• TLSSLed
• twofi
• Unicornscan
• URLCrazy
• Wireshark
• WOL-E
• Xplico
• • Binwalk
  • bulk-extractor
  • Capstone
  • chntpw
  • Cuckoo
  • dc3dd
  • ddrescue
  • DFF
  • diStorm3
  • Dumpzilla
  • extundelete
  • Foremost
  • Galleta
  • Guymager
  • p0f
  • pdfid
  • pdgmail
  • peepdf
  • RegRipper
  • Volatility
  • Xplico
  Web Applications
  • apache-users
  • Arachni
  • BBQSQL
  • BlindElephant
  • Burp Suite
  • CutyCapt
  • DAVTest
  • deblaze
  • DIRB
  • DirBuster
  • fimap
  • FunkLoad
  • Gobuster
  • Grabber
  • hURL
  • jboss-autopwn
  • joomscan
  • jSQL Injection
  • Maltego Teeth
  • Nikto
  • PadBuster
  • Paros
  • Parsero
  • plecost
  • Powerfuzzer
  • ProxyStrike
  • Recon-ng
  • Skipfish
  • sqlmap
  • Sqlninja
  • sqlsus
  • ua-tester
  • Uniscan
  • w3af
  • WebScarab
  • Webshag
  • WebSlayer
  • WebSploit
  • Wfuzz
  • WhatWeb
  • WPScan
  • XSSer
  • zaproxy
  Stress Testing
  • DHCPig
  • FunkLoad
  • iaxflood
  • Inundator
  • inviteflood
  • ipv6-toolkit
  • mdk3
  • Reaver
  • rtpflood
  • SlowHTTPTest
  • t50
  • Termineter
  • THC-IPV6
  Exploitation Test
  • Armitage
  • Backdoor Factory
  • BeEF
  • cisco-auditing-tool
  • cisco-global-exploiter
  • cisco-ocs
  • cisco-torch
  • Commix
  • crackle
  • exploitdb
  • jboss-autopwn
  • Linux Exploit Suggester
  • Maltego Teeth
  • Metasploit Framework
  • MSFPC
  • RouterSploit
  • SET
  • ShellNoob
  • sqlmap
  • THC-IPV6
  • Yersinia
  Vulnerability Analysis
  • BBQSQL
  • BED
  • cisco-auditing-tool
  • cisco-global-exploiter
  • cisco-ocs
  • cisco-torch
  • copy-router-config
  • Doona
  • DotDotPwn
  • HexorBase
  • jSQL Injection
  • Lynis
  • Nmap
  • ohrwurm
  • openvas
  • Oscanner
  • Powerfuzzer
  • sfuzz
  • SidGuesser
  • SIPArmyKnife
  • sqlmap
  • Sqlninja
  • sqlsus
  • THC-IPV6
  • tnscmd10g
  • unix-privesc-check
  • Yersinia
  
  
  All attacks will be preformed from one at a time to complex patter
  leaks, weak ports, backdoors, rats... will be listed in a detailed report via .pdf format.
  
  Also provide:
  
  
• Install of advanced firewall, on-move scan, recovery disk, network local host monitor, incoming DDos redirect, database SSL, plugin jar lookup, Threat monitor workspace, install clamav & setup, web based firewall, leaked password protection, repair files...

$400 for small & middle size network
$800 for large network

all sale requires 30% prepay fee.

fengfanyue#0001


Why I don't offer test for none self hosted servers?
Many Minecraft hosting providers don't give the root access and 74% of them are shared resources which means many of them are config differently. unfortunately, I can't test a shared hosting server, but if you have a dedicated server which runs on linux, centOS, or ubuntu, contact me.

Here is some tips you can do your self:

How Do You Know If You’ve Been Attacked?
many tricks can be used to hide the hack, such as removing bash histories, creating hidden users and hiding processes from the process list... Most attacks are by brute force, keeping look for large increase in CPU, network traffic. Pretty much all hack will make some increase in network traffic. When a server is being employed for nefarious purposes you’ll often see the CPU load increase above its normal levels, sometimes this may be without any processes seemingly causing that load, in which case there’s a good chance of a program running being hidden from the normal process tools.

 

[Airee]

Holy shit you've got quite the list there

 

[fengfanyue]

 

[SSH]

THIS IS FOR SELF HOSTED SERVER​

how safe is your server? have you think about it before?
most server don't have an advanced firewall or not having one at all.

There is over 10,000+ backdoor plugins on the web. What is a backdoor plugin? Like the story of 2b2t, the owner requested a custom plugin (check google), and the plugin have a client side access backdoor which give op permission to other people with out the owner knowing. There is a lot you can do with a op perm, did you check the jar files before installing it on your server? 90% didn't, that's a very dangerous thing...
Here is some data from 2020:
there is a hacker attack every 39 seconds. (Source: Security magazine)

300,000 new malware is created every day.

66% of businesses attacked by hackers weren’t confident they could recover.
(Source: Fortune)

73% of black hat hackers said traditional firewall and antivirus security is irrelevant or obsolete.
(Source: Thycotic.com)

Russian hackers can infiltrate a server network in 18 minutes.
(Source: Crowdstrike)
___
there is over 2 billion server got hacked in 2020. All of your hard work could disappear before you wake up.

What can you do?

here is what this thread is about, an advanced security test. Here is a list of many things I will test for your server and help you install and secure the server.

Common Attacks
________________

• ace-voip
• Amap
• APT2
• arp-scan
• Automater
• bing-ip2hosts
• braa
• CaseFile
• CDPSnarf
• cisco-torch
• copy-router-config
• DMitry
• dnmap
• dnsenum
• dnsmap
• DNSRecon
• dnstracer
• dnswalk
• DotDotPwn
• enum4linux
• enumIAX
• EyeWitness
• Faraday
• Fierce
• Firewalk
• fragroute
• fragrouter
• Ghost Phisher
• GoLismero
• goofile
• hping3
• ident-user-enum
• InSpy
• InTrace
• iSMTP
• lbd
• Maltego Teeth
• masscan
• Metagoofil
• Miranda
• nbtscan-unixwiz
• Nikto
• Nmap
• ntop
• OSRFramework
• p0f
• Parsero
• Recon-ng
• SET
• SMBMap
• smtp-user-enum
• snmp-check
• SPARTA
• sslcaudit
• SSLsplit
• sslstrip
• SSLyze
• Sublist3r
• THC-IPV6
• theHarvester
• TLSSLed
• twofi
• Unicornscan
• URLCrazy
• Wireshark
• WOL-E
• Xplico
• • Binwalk
  • bulk-extractor
  • Capstone
  • chntpw
  • Cuckoo
  • dc3dd
  • ddrescue
  • DFF
  • diStorm3
  • Dumpzilla
  • extundelete
  • Foremost
  • Galleta
  • Guymager
  • p0f
  • pdfid
  • pdgmail
  • peepdf
  • RegRipper
  • Volatility
  • Xplico
  Web Applications
  • apache-users
  • Arachni
  • BBQSQL
  • BlindElephant
  • Burp Suite
  • CutyCapt
  • DAVTest
  • deblaze
  • DIRB
  • DirBuster
  • fimap
  • FunkLoad
  • Gobuster
  • Grabber
  • hURL
  • jboss-autopwn
  • joomscan
  • jSQL Injection
  • Maltego Teeth
  • Nikto
  • PadBuster
  • Paros
  • Parsero
  • plecost
  • Powerfuzzer
  • ProxyStrike
  • Recon-ng
  • Skipfish
  • sqlmap
  • Sqlninja
  • sqlsus
  • ua-tester
  • Uniscan
  • w3af
  • WebScarab
  • Webshag
  • WebSlayer
  • WebSploit
  • Wfuzz
  • WhatWeb
  • WPScan
  • XSSer
  • zaproxy
  Stress Testing
  • DHCPig
  • FunkLoad
  • iaxflood
  • Inundator
  • inviteflood
  • ipv6-toolkit
  • mdk3
  • Reaver
  • rtpflood
  • SlowHTTPTest
  • t50
  • Termineter
  • THC-IPV6
  Exploitation Test
  • Armitage
  • Backdoor Factory
  • BeEF
  • cisco-auditing-tool
  • cisco-global-exploiter
  • cisco-ocs
  • cisco-torch
  • Commix
  • crackle
  • exploitdb
  • jboss-autopwn
  • Linux Exploit Suggester
  • Maltego Teeth
  • Metasploit Framework
  • MSFPC
  • RouterSploit
  • SET
  • ShellNoob
  • sqlmap
  • THC-IPV6
  • Yersinia
  Vulnerability Analysis
  • BBQSQL
  • BED
  • cisco-auditing-tool
  • cisco-global-exploiter
  • cisco-ocs
  • cisco-torch
  • copy-router-config
  • Doona
  • DotDotPwn
  • HexorBase
  • jSQL Injection
  • Lynis
  • Nmap
  • ohrwurm
  • openvas
  • Oscanner
  • Powerfuzzer
  • sfuzz
  • SidGuesser
  • SIPArmyKnife
  • sqlmap
  • Sqlninja
  • sqlsus
  • THC-IPV6
  • tnscmd10g
  • unix-privesc-check
  • Yersinia
  
  
  All attacks will be preformed from one at a time to complex patter
  leaks, weak ports, backdoors, rats... will be listed in a detailed report via .pdf format.
  
  Also provide:
  
  
• Install of advanced firewall, on-move scan, recovery disk, network local host monitor, incoming DDos redirect, database SSL, plugin jar lookup, Threat monitor workspace, install clamav & setup, web based firewall, leaked password protection, repair files...

$400 for small & middle size network
$800 for large network

all sale requires 30% prepay fee.

fengfanyue#0001


Why I don't offer test for none self hosted servers?
Many Minecraft hosting providers don't give the root access and 74% of them are shared resources which means many of them are config differently. unfortunately, I can't test a shared hosting server, but if you have a dedicated server which runs on linux, centOS, or ubuntu, contact me.

Here is some tips you can do your self:

How Do You Know If You’ve Been Attacked?
many tricks can be used to hide the hack, such as removing bash histories, creating hidden users and hiding processes from the process list... Most attacks are by brute force, keeping look for large increase in CPU, network traffic. Pretty much all hack will make some increase in network traffic. When a server is being employed for nefarious purposes you’ll often see the CPU load increase above its normal levels, sometimes this may be without any processes seemingly causing that load, in which case there’s a good chance of a program running being hidden from the normal process tools.

The first like, 3 sections are straight-up fear-mongering (look it up). Secondly, out of that list you have there, about 10% of those attacks could realistically be used against a Minecraft or Linux server. Out of that 10%, maybe ¼ of those could be used by a skid trying to get into your MC server. Another 45% aren't even attack types, just random utilities. Those are insanely steep prices for what you're doing. If a client wanted that (even though half of it is unnecessary), I'd charge maybe $100 on the high end. I can't speak for the validity of that percentage but I would say it's closer to 99.9% as a game host literally means shared hosting. Also, I didn't see you mention fail2ban. That (and SSH Keys/Hardening) pretty much eliminates the risk of brute-forcing SSH access.

-SL

 

[Sullybash12]

It looks like you literally just copy-pasted all of that thread from different sources. Also that list of attacks is unrealistic and some are not even attacks. Along with this, I don't think Minecraft servers need to really worry about this stuff, unless of course they're a large network like Hypixel, but they pay their neverending list of devs $60k+ a year. If you just get decent hosting and a trustworthy dev I don't see a need for this, especially at $400-$800

 

[fengfanyue]

is for self hosted server
Google it[DOUBLEPOST=1597078705][/DOUBLEPOST]

The first like, 3 sections are straight-up fear-mongering (look it up). Secondly, out of that list you have there, about 10% of those attacks could realistically be used against a Minecraft or Linux server. Out of that 10%, maybe ¼ of those could be used by a skid trying to get into your MC server. Another 45% aren't even attack types, just random utilities. Those are insanely steep prices for what you're doing. If a client wanted that (even though half of it is unnecessary), I'd charge maybe $100 on the high end. I can't speak for the validity of that percentage but I would say it's closer to 99.9% as a game host literally means shared hosting. Also, I didn't see you mention fail2ban. That (and SSH Keys/Hardening) pretty much eliminates the risk of brute-forcing SSH access.

-SL

It is a Minecraft server, but mc server are servers. That can be attacked the same way as webserver(dynmap), or normal server.

 

[SSH]

is for self hosted server
Google it[DOUBLEPOST=1597078705][/DOUBLEPOST]
It is a Minecraft server, but mc server are servers. That can be attacked the same way as webserver(dynmap), or normal server.

I don't think you understand how fundimentally different a Minecraft server and a webserver are on the application layer (L7). They transmit different types of data, using completely different protocols, with completely different packet structure. Pretty much everything is different about a game server and a webserver attack-wise, up until about the network (actually transit but easier to understand) layer (L4) and at that point, you can just shut the whole box down (network-wise). You aren't ready to charge anything for your services, let alone $400+. Also, if you didn't know, you can't mitigate DDoS attacks on the same box they're being received on. You have to have a network in front of the box to assess what is and isn't legitimate traffic, then another network to absorb said traffic.

-SL

P.S. Someone who is better than me, please fact-check this.

 

[CyberSecGuy]

This thread is hilarious. It is the near equivalent of "your chakras are misaligned, for $800 I will realign them for you." The prices you have listed are insulting for the clear lack of knowledge you have demonstrated. I am pretty sure you just copied the list of default Pentest software available in Kali from the Kali website. Lol...

 

[Sullybash12]

Clearly unintelligent in this matter, most likely scamming tstl, and doesn't know what he's doing

 

[fengfanyue]

[DOUBLEPOST=1597174850][/DOUBLEPOST]do you know how servers work?

I don't think you understand how fundimentally different a Minecraft server and a webserver are on the application layer (L7). They transmit different types of data, using completely different protocols, with completely different packet structure. Pretty much everything is different about a game server and a webserver attack-wise, up until about the network (actually transit but easier to understand) layer (L4) and at that point, you can just shut the whole box down (network-wise). You aren't ready to charge anything for your services, let alone $400+. Also, if you didn't know, you can't mitigate DDoS attacks on the same box they're being received on. You have to have a network in front of the box to assess what is and isn't legitimate traffic, then another network to absorb said traffic.

-SL

P.S. Someone who is better than me, please fact-check this.

[DOUBLEPOST=1597174880][/DOUBLEPOST]yep fun

This thread is hilarious. It is the near equivalent of "your chakras are misaligned, for $800 I will realign them for you." The prices you have listed are insulting for the clear lack of knowledge you have demonstrated. I am pretty sure you just copied the list of default Pentest software available in Kali from the Kali website. Lol...

[DOUBLEPOST=1597174899][/DOUBLEPOST]

Clearly unintelligent in this matter, most likely scamming tstl, and doesn't know what he's doing

 

[Jamo]

Maybe if you could provide us with a quick technical rundown of what it is that you do, it would help to further the trust that a potential client for you would have and also help to prove your legitimacy to the community, I think that may be better than listing a bunch of software suites and tools that an attacker may use.

 

[inferno]

Maybe if you could provide us with a quick technical rundown of what it is that you do, it would help to further the trust that a potential client for you would have and also help to prove your legitimacy to the community, I think that may be better than listing a bunch of software suites and tools that an attacker may use.

you heard it from the man himself.

 

[fengfanyue]

you can do it your self, but that takes time and is hard, most people don't know how to use these. you can try it your self, if you failed don't say I didn't tell you. there are youtube videos about each of the attacks and you can watch them and learn your self, only if you want do it for a few month, is not like something you just learn. respect the hard work.

 

[SSH]

you can do it your self, but that takes time and is hard, most people don't know how to use these. you can try it your self, if you failed don't say I didn't tell you. there are youtube videos about each of the attacks and you can watch them and learn your self, only if you want do it for a few month, is not like something you just learn. respect the hard work.

1. It's very easy to learn pen-testing
2. It doesn't take months to learn pen-testing to the level you know it. It takes about 30 seconds.
3. It is "something you just learn". That's exactly what it is.
4. What hard work? You copy-pasting and plagiarizing from the Kali website is not "hard work"

-SL

 

[User]

it might be a good idea, if you want to actually do this as a business, to reply to criticism with more than "" and "do it yourself"

 

[fengfanyue]

 

[Coffee]

How to not get your Minecraft server hacked 101:

• Host your server on a clean install of a machine and make sure you pay attention to the ports you open.
• Secure root lol.
• Develop your own plugins/software.
• Make sure you use different passwords for everything.
• Make sure you have 2FA enabled on everything (eg: email, vps/dedi host, buycraft, paypal).
• Disassociate with the minecraft server.
• Make it difficult or impossible for someone to contact you.
• Don't talk at all. Talking can reveal information and or the way you talk. Which can, in a way, fingerprint you.

And there's a lot more. A lot of this stuff isn't even realistic. There will always be error in any network, especially human error. Just look at the recent Twitter hack. It was hacked by a 17 year old. How'd he do it? Social engineering. Barely even hacking.

Not to diss you feng, but I think it'd go a long way if you cleaned up your thread a little bit (like making some copy paste less obvious) and lowering your prices. You seem at least interested in infosec or something similar to where you could maybe trick a few kids into sending you a few bucks to check out their network.

But honestly, the business idea doesn't make sense to me. People that would need this service already know the ropes. It doesn't make much sense for a small server to worry about this since who wants to spend time jacking/hacking a small server? Administrators of large servers wouldn't want this service either since they know what they're doing.

I wish you the best feng. I really do. You seem like a funny guy.

 

[fengfanyue]