Comment by klipitkas
3 months ago
Thanks for the kind words. I hope I won't have to close this service in a few days due to abuse but its a weird world we live in.
3 months ago
Thanks for the kind words. I hope I won't have to close this service in a few days due to abuse but its a weird world we live in.
As someone who has launched something free on HN before, the resulting signups were around 1/3rd valid users doing cool things and checking things out, and 2/3rds nefarious users.
a bit better benevolent:malicious ratio than the real world
2/3rds of people in the world are malicious?
1 reply →
My service (which doesn't have public access, only via SSH as a client) was used by a ransomware gang, which involved the service in investigation from Dutch CERT and Dubai police.
It's still live though.
I run playit.gg. Abuse is a big problem on our free tier. I’d get https://github.com/projectdiscovery/nuclei setup to scan your online endpoints and autoban detections of c2 servers.
Thanks for sharing this. I run packetriot.com, another tunneling service and I ended up writing my own scanner for endpoints using keyword lists I gathered from various infosec resources.
I had done some account filtering for origins coming out of Tor, VPN networks, data centers, etc. but I recently dropped those and added an portal page for free accounts, similar to what ngrok does.
It was very effective at preventing abuse. I also added mechanism for reporting abuse on the safety page that's presented.
Have you found a way to detect xworm c2c servers?
2 replies →
Do you have funding to cover the paying the bandwidth costs which will ultimately result from this? Or if you're running this from a home network, does anyone know if OP should be concerned of running into issues with their ISP?
I can cover hundreds of PB of bandwidth per month if needed without paying a fortune.
Can you share more details? I know Hetzner offers unlimited bandwidth in some cases but I thought it limited only to servers with the 1Gbs uplink
1 reply →
The tunnel host appears to be a Hetzner server, they are pretty generous with bandwidth but the interesting thing I learned about doing some scalability improvements at a similar company [0] is that for these proxy systems, each direction’s traffic is egress bandwidth. Good luck OP, the tool looks cool. Kinda like pinggy.
[0] https://localxpose.io
Dare I ask how much bandwidth it is consuming?
Its around 700MB today so far.