1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

security experts, question regarding VPS

Discussion in 'BlackHat Lounge' started by nonai, Jun 5, 2014.

  1. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    64
    I want to log onto a website using my VPS. The VPS is the one I use for GSA and scrapebox.
    this is a website that has my credit card info on file and I am concerned about hacking or identity theft.
    If I log onto the website using VPS, and 5 minutes later, change my password using my regular computer, am I safe?
     
  2. davids355

    davids355 Jr. VIP Jr. VIP

    Joined:
    Apr 25, 2011
    Messages:
    10,018
    Likes Received:
    7,708
    Home Page:
    Why would it be a problem anyway? Unless you using crack software and/or worried your VPS is compromised.
     
  3. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    64
    I am worried for 2 reasons:
    1) when running scrapebox, you are likely to get viruses
    2) the VPS provider may try to steal my info.
     
  4. thetrustedzone

    thetrustedzone Jr. VIP Jr. VIP

    Joined:
    Jun 15, 2010
    Messages:
    2,376
    Likes Received:
    1,923
    Home Page:
    1. SB will not bring viruses for you ! , btw viruses different from Trojans .....
    2. if you don't trust your VPS provider , just go to other trusted provider ...
    3. don't add sensitive data on your hosting because theoretically no website can't be
    hacked even big business websites ....
     
    • Thanks Thanks x 1
  5. LeonTheProfessional

    LeonTheProfessional Newbie

    Joined:
    May 24, 2014
    Messages:
    14
    Likes Received:
    9
    Just use Clamwin - free Windows server antivir.
    Also - there is no real way they could use your personal data only because they got to your VPS.
    Your VPS and personal/credit card data are not connected on server level - this data is being kept save by provider (if it is at least middle sized you are guaranteed they keep it on different server).
     
  6. fizzik

    fizzik Registered Member

    Joined:
    Apr 26, 2010
    Messages:
    55
    Likes Received:
    15
    Location:
    .au
    if you want to be secure, don't browse sites from your server.
     
  7. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,604
    Likes Received:
    11,177
    Occupation:
    Pusillanimous Knitter
    Location:
    Buenos Aires
    No, totally insecure. If you *must* do it from outside a computer you can trust, get a VPS from Amazon, Google or Microsoft (Azure). Chances that a rogue employee is sniffing traffic is much much slimmer, plus it will cost you peanuts (since you pay by the hour/minute of use).
     
  8. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    64
    Hi
    unfortunately, I went ahead and used the current vps. Not only is this VPS based in a shady country, but also the owner sounds kind of shady. I wish I had waited and seen your post about microsoft azure, it would be much more secure.
    At this point, what can I do to protect myself? I have cleared cookies in the VPS and changed my password on a regular computer.
     
    • Thanks Thanks x 1
  9. BuildMoreLinks

    BuildMoreLinks Jr. VIP Jr. VIP Premium Member

    Joined:
    Jun 7, 2012
    Messages:
    2,032
    Likes Received:
    684
    Exactly these VPS'es that you but for link building should never be used for logging on to any personal sites, since the traffic is monitored on the ports for other abuses so not secure.
     
  10. thetrustedzone

    thetrustedzone Jr. VIP Jr. VIP

    Joined:
    Jun 15, 2010
    Messages:
    2,376
    Likes Received:
    1,923
    Home Page:
    you make me remember there's no in details guide about personal security on BHW
    i will write one today watch my posts next 48 hrs .., but for now download x-netstat professional
    good tool make you see if someone connected with your PC (spy) and you kill that connection ....


     
  11. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,604
    Likes Received:
    11,177
    Occupation:
    Pusillanimous Knitter
    Location:
    Buenos Aires
    You 're ok, if only the only sensitive thing was the website access. Just check that the "security questions", "email" etc. settings on that site are the ones you 've set.
     
  12. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    64
    what do you mean by "the only sensitive thing was the website access"? what do you mean by website access?
    can I explain to you what I did? couple of months ago, I signed up for a website using my credit card. Now I went to my VPS and opened firefox, logged onto the website, and downloaded a few things to the VPS (no, this isn't porn, for those who are wondering). Then, I close firefox, cleared cookies, changed password on a regular computer.
    Now I am concerned about hacking/identity theft/stolen cc
     
  13. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,604
    Likes Received:
    11,177
    Occupation:
    Pusillanimous Knitter
    Location:
    Buenos Aires
    Your info is accessible only through that site, so if an attacker can't login to the site... he doesn't have it.