Linode and the Google Cyber Attacks (opens in new tab)

(blog.linode.com)

109 pointsmarkwalling16y ago44 comments

44 comments

donw16y ago

Totally unrelated to the article, but I've got to put my good word in for Linode. I've never had such good service from a hosting provider, and frankly for a (currently) tiny account.

axod16y ago

Agreed. They helped me compile a custom kernel the other day on IRC, they have simply awesome support.

rms16y ago

http://prgmr.com/xen/ gets good reviews here, is run by a HN member, and has the cheapest prices out of any VPS by far.

shrike16y ago

I use Linode for my primary site and prgmr as the backup. Both are excellent. Prgmr is not for newbies, you submit a public key with your order and get back a login to a XEN console. My hosts there seem to be fine, no problems yet.

peterwwillis16y ago

has the cheapest prices out of any VPS by far

This is not accurate. There are many VPS's which are cheaper, many of which have much greater capacity for the money. Some are fly-by-night scams. Others have several years of stability with good support. Check forums and VPS review sites to find the best match.

That said, I have nothing against prgmr or linode and would use them if I needed a super-reliable VPS. (My main VPS is Linode, my secondary is with Kerplunc Hosting)

2 more replies

mleonhard16y ago

Yeah, I've had a $20 Linode virt for a couple of years and it's been pretty reliable.

Kilimanjaro16y ago

Is a $20 vps (360MB ram) enough for a small website?

I want to get one for me but I don't want to get rammed in the ass when I realize it is not enough and need to upgrade to at least 1GB.

I see I can get 1GB RAM at prgmr.com for the same $20

3 more replies

uggedal16y ago

I've been running http://wasitup.com on Linode the last months and I've been pleased with their stablity except for a 9 minute network outage earlier today (to their credit they were able to resolve it quickly while communicating the status to us end users). For my opinion on the performance characteristics you'd have to read my article on the matter: http://journal.uggedal.com/vps-performance-comparison

jlintz16y ago

You can blame the ever so unreliable ISP Nac Net, we use them in our office which cut out as well.

" Good Afternoon,

At approx 12:10pm, we lost communications with some of our equipment in our Newark, NJ location. Upon investigation, it was discovered that equipment located in the cross connect area had lost power. Customers may have noticed degraded internet service for about 2-5 minutes while routers propagated through alternative providers. As of 12:23pm, power has been restored in the Newark, NJ site. We are still investigating the cause of the problem."

2 more replies

radu_floricica16y ago

Totally unrelated, but I'm very happy with wasitup. Had forgotten completely I subscribed when I got a bunch of emails about a sick server. Really helps. On the downside I found a couple of emails in yahoo's bulk folder.

idlewords16y ago

If you go by monthly cost per GB of memory or especially storage, Linode is one of the most expensive options out there (~$60/GB RAM, $1.25/GB storage).

They do have pretty graphs, though!

wheels16y ago

Bad day for the praise. Their Newark-based servers dropped off the net for about 10 minutes today, though in general I've been really happy with them.

jedsmith16y ago

The outage was upstream. The downtime was due to the Internet correcting itself by routing around the problem -- if you have access to BGP data, you can see the rash of rerouting that fixed the problem.

(Hint: Check jlintz's comment above.)

staunch16y ago

I take it Google used Linode as a neutral/anonymous place to access stuff from?

runevault16y ago

That's how I read it.

romland16y ago

I read it that way too. But I am still very curious where and in which context Linode was mentioned in media.

glymor16y ago

"The servers used in both attacks employ the HomeLinux DynamicDNS provider, and both are currently pointing to IP addresses owned by Linode, a US-based company that offers Virtual Private Server hosting. The IP addresses in question are within the same subnet, and they are six IP addresses apart from each other,"

Quote attributed to VeriSign's iDefense security lab in http://arstechnica.com/security/news/2010/01/researchers-ide...

tptacek16y ago

One article I saw implicated a Rackspace server in the attacker's side of event. I presume that meant Slicehost.

If I was breaking into computers "off the clock", I'd probably look to just-a-CC# no-questions-asked hosting providers (probably overseas) as my staging ground. This is something new. Commodity virtualized VPS systems like Slicehost are an awfully convenient way to launder attacks.

It's only been in the last couple years that VM slices have been so quick and easy to buy.

cmelbye16y ago

Right, that's why cloud services like EC2 and Rackspace Cloud Servers are being used for stuff like spam. Spammer can just buy a temporary instance for a few cents then take it down. That's also why many "cloud IPs" are being added to some spam blacklists, unfortunately.

ErrantX16y ago

End of last year we had someone attacking a clients network using commodity server instances.

If you can figure out a cut-out way to pay for the server time then there isn't much anyone can do to track it without getting on the ground and forcing local police forces into at least trying to make some headway.

So in effect it is kinda the same as it used to be (overseas, no questions providers) but instead of the servers being the overseas bit it is just the payment (and I guess they rely on the fact intrusion is hard to detect, unlike say spam, coupled with the sheer number of people buying instances daily now).

(our stuff led to Eastern Europe so it is unrelated - but the principle is similar).

mikeliu16y ago

Except to pay for one of these, you still pay via credit card, paypal, etc. that links to real identifiable info. I was wondering why, if one of the attackers instances were discovered by google, they didn't just hand it over to the authorities and have them get a subpoena for the account info? or maybe they did

rms16y ago

If you can stage an attack like this, you can steal credit card numbers or phish your way to a Paypal account

1 more reply

polera16y ago

Linode is great, indeed. I'm a fan of http://arpnetworks.com lately, though. Great service there too, and a good product for a good price.

j / k navigate · click thread line to collapse

44 comments

donw16y ago

Totally unrelated to the article, but I've got to put my good word in for Linode. I've never had such good service from a hosting provider, and frankly for a (currently) tiny account.

axod16y ago

Agreed. They helped me compile a custom kernel the other day on IRC, they have simply awesome support.

rms16y ago

http://prgmr.com/xen/ gets good reviews here, is run by a HN member, and has the cheapest prices out of any VPS by far.

shrike16y ago

peterwwillis16y ago

has the cheapest prices out of any VPS by far

That said, I have nothing against prgmr or linode and would use them if I needed a super-reliable VPS. (My main VPS is Linode, my secondary is with Kerplunc Hosting)

2 more replies

mleonhard16y ago

Yeah, I've had a $20 Linode virt for a couple of years and it's been pretty reliable.

Kilimanjaro16y ago

Is a $20 vps (360MB ram) enough for a small website?

I want to get one for me but I don't want to get rammed in the ass when I realize it is not enough and need to upgrade to at least 1GB.

I see I can get 1GB RAM at prgmr.com for the same $20

3 more replies

uggedal16y ago

jlintz16y ago

You can blame the ever so unreliable ISP Nac Net, we use them in our office which cut out as well.

" Good Afternoon,

2 more replies

radu_floricica16y ago

idlewords16y ago

If you go by monthly cost per GB of memory or especially storage, Linode is one of the most expensive options out there (~$60/GB RAM, $1.25/GB storage).

They do have pretty graphs, though!

wheels16y ago

Bad day for the praise. Their Newark-based servers dropped off the net for about 10 minutes today, though in general I've been really happy with them.

jedsmith16y ago

(Hint: Check jlintz's comment above.)

staunch16y ago

I take it Google used Linode as a neutral/anonymous place to access stuff from?

runevault16y ago

That's how I read it.

romland16y ago

I read it that way too. But I am still very curious where and in which context Linode was mentioned in media.

glymor16y ago

Quote attributed to VeriSign's iDefense security lab in http://arstechnica.com/security/news/2010/01/researchers-ide...

tptacek16y ago

One article I saw implicated a Rackspace server in the attacker's side of event. I presume that meant Slicehost.

It's only been in the last couple years that VM slices have been so quick and easy to buy.

cmelbye16y ago

ErrantX16y ago

End of last year we had someone attacking a clients network using commodity server instances.

(our stuff led to Eastern Europe so it is unrelated - but the principle is similar).

mikeliu16y ago

rms16y ago

If you can stage an attack like this, you can steal credit card numbers or phish your way to a Paypal account

1 more reply

polera16y ago

Linode is great, indeed. I'm a fan of http://arpnetworks.com lately, though. Great service there too, and a good product for a good price.

j / k navigate · click thread line to collapse