from where to buy bulletproof domain ??
-
XSS.stack #1 – первый литературный журнал от юзеров форума
Домен from where to buy bulletproof domain
- Автор темы mrxhardx
- Дата начала
- Статус
Hi,
hmm i think that is not easy answer because the you must ensure that the hosting are completely trusted. actually I dont know about a 100% trust bulletproof, but you can search it in bh telegram channels or here. In the forum are ppl that are publicizing his bulletproof:
/threads/101503/
/threads/102962/
/threads/53874/
/threads/91111/
/threads/60191/page-3#post-731260
But be careful, you need ensure that the services are legit and trusted
hmm i think that is not easy answer because the you must ensure that the hosting are completely trusted. actually I dont know about a 100% trust bulletproof, but you can search it in bh telegram channels or here. In the forum are ppl that are publicizing his bulletproof:
/threads/101503/
/threads/102962/
/threads/53874/
/threads/91111/
/threads/60191/page-3#post-731260
But be careful, you need ensure that the services are legit and trusted
Spamhaus have one saving grace, the registrar advertisments:
nicenic.net - today's shinjiru. you'll pay 5x the price for most TLD. their dns servers can often go whole weeks between outages (they're definitely improving). don't expect anything fancy like SRV records.
as a rule of thumb, any organization offering you "offshore" or bulletproof domains is lying (njal.la) - don't entertain them.
as/more important than registrar is choice of TLD.
gtlds (in theory) have to obey some rules or ICANN can take action, that said I don't believe a gtld has ever been revoked because of non compliance (non payment yes) and 7/10 of the most abused tlds (https://www.spamhaus.org/statistics/tlds/) are gtlds - this does not mean however that they're especially resilient, only just the cheapest usually. the top 3 are cctds.
ccTLDs are another thing entirely - they can do whatever the hell they please and the very worst ICANN can do is threaten them with "assistance". most registries don't sell domains directly, but the good ones are usually obscure and not sold en-masse, there's usually a handful of local companies who will in regard you with deep suspicion but warm somewhat the more you buy. some of my favourite tlds don't even bother to run whois servers, one of the few things they're technically obliged to do. a lot of these registries were setup by the Chinese some time ago (in africa especially) and aren't always 100% committed to/aware of the NIC.
If you have $4k, a website, an EPP server and probably a mailing address you too can be an ICANN accredited registrar unimpeded for 1 year. to run serious fastflux or anything where the weakest point is the domain, then usually its run from the registrar down - poland had a few notable non-registrar registars (some time ago now) - it would be interesting to take the list (you dont need icann accreditation either but i suspect it helps) and see how many of them appear to be conducting their business entirely in private
there is a new and interesting loophole in "white label" registrars or companies who act as middlemen or purveyors of technology of some kind and are sort of resellers with ICANNs blessing :
ownregistrar.com - 100% crooked
xnsregistrar.com
sav.com
some 'blockchain' based dns used to be resolved by opennic but afaik they pulled support over abuse. i had a quick look and to use any of the various p2p things involves participation, there aren't free and easy DNS servers available. I think these will be resigned to a curiosity which is a shame but it's much easier to take a dns server offline than to compel a company you might struggle to contact or locate to see the error of their ways.
tldr
nicenic.net - will get the job done
r01.ru - deserve a mention because there;s no substitute for experience
not a 'bulletproof' host but cloudns,net are for me head and shoulders above all others. they'll work miracles when they can, i've witnessed them raise the dead (if only briefly).
an effective abuse policy:
A comprehensive form follows, a detailed account is encouraged. No upload facility is provided.
nicenic.net - today's shinjiru. you'll pay 5x the price for most TLD. their dns servers can often go whole weeks between outages (they're definitely improving). don't expect anything fancy like SRV records.
as a rule of thumb, any organization offering you "offshore" or bulletproof domains is lying (njal.la) - don't entertain them.
as/more important than registrar is choice of TLD.
gtlds (in theory) have to obey some rules or ICANN can take action, that said I don't believe a gtld has ever been revoked because of non compliance (non payment yes) and 7/10 of the most abused tlds (https://www.spamhaus.org/statistics/tlds/) are gtlds - this does not mean however that they're especially resilient, only just the cheapest usually. the top 3 are cctds.
ccTLDs are another thing entirely - they can do whatever the hell they please and the very worst ICANN can do is threaten them with "assistance". most registries don't sell domains directly, but the good ones are usually obscure and not sold en-masse, there's usually a handful of local companies who will in regard you with deep suspicion but warm somewhat the more you buy. some of my favourite tlds don't even bother to run whois servers, one of the few things they're technically obliged to do. a lot of these registries were setup by the Chinese some time ago (in africa especially) and aren't always 100% committed to/aware of the NIC.
Код:
root@s884:~#y whois ns.**
This TLD has no whois server.If you have $4k, a website, an EPP server and probably a mailing address you too can be an ICANN accredited registrar unimpeded for 1 year. to run serious fastflux or anything where the weakest point is the domain, then usually its run from the registrar down - poland had a few notable non-registrar registars (some time ago now) - it would be interesting to take the list (you dont need icann accreditation either but i suspect it helps) and see how many of them appear to be conducting their business entirely in private
there is a new and interesting loophole in "white label" registrars or companies who act as middlemen or purveyors of technology of some kind and are sort of resellers with ICANNs blessing :
ownregistrar.com - 100% crooked
xnsregistrar.com
sav.com
some 'blockchain' based dns used to be resolved by opennic but afaik they pulled support over abuse. i had a quick look and to use any of the various p2p things involves participation, there aren't free and easy DNS servers available. I think these will be resigned to a curiosity which is a shame but it's much easier to take a dns server offline than to compel a company you might struggle to contact or locate to see the error of their ways.
tldr
nicenic.net - will get the job done
r01.ru - deserve a mention because there;s no substitute for experience
not a 'bulletproof' host but cloudns,net are for me head and shoulders above all others. they'll work miracles when they can, i've witnessed them raise the dead (if only briefly).
an effective abuse policy:
Код:
We may request for additional information from you [until you admit defeat]. However, please note we may not be able to provide you with specific updates in response to your specific report due to privacy reasons. As part of our investigation it may also be necessary for us to validate your complaint with our customer.
If you are an anti-spam/vigilance organization and have several cases to submit, please do so using a spreadsheet and add it as an attachment when filling the required form.A comprehensive form follows, a detailed account is encouraged. No upload facility is provided.
- I agree to the Terms of Service and the Privacy Notice
Последнее редактирование:
what is the best from themHi,
hmm i think that is not easy answer because the you must ensure that the hosting are completely trusted. actually I dont know about a 100% trust bulletproof, but you can search it in bh telegram channels or here. In the forum are ppl that are publicizing his bulletproof:
/threads/101503/
/threads/102962/
/threads/53874/
/threads/91111/
/threads/60191/page-3#post-731260
But be careful, you need ensure that the services are legit and trusted
https://xss.pro/threads/35535
This looks like what you might want for full service and has feedback. never used myself but good people recommend it.
the short version:
nicenic.com / r01.ru
tlds: .cn .su .ru .cr .co .is .sc .li .am .rs .al .by .ps .na .ge .az
how you do things and what you're planning to host is a critical - i would seek advice. either from a host who is willing to do the setup for you, or if you want you can message me and i'll do my best to advise on what would be most suitable for you
of course it goes without saying in the end no domain is truly bulletproof.
Последнее редактирование:
grazyrdp work well for me
im interested now ) what tld and registrar did you use?
CrazyRDP contact this person
Я надеюсь, что он сохранит ваши дела в тайне) рад, что вы это исправили.
zinc Thank you for the excellent work you have done on this topic, very informative. However, I would like to ask, if you don’t mind, where can I get reliable affordable botnet/loader hosting? I was thinking Shinjiru, koddos, are these two good?
if you accept that there is no such thing as reliable botnet/loader hosting and start to think more about how plentiful and affordable hosting is generally... somewhere along the way you'll have a good idea.
https://www.shinjiru.com/ Personally I've never had an issue regarding their domain's but they ban servers like no tomorrow.
Totally agree, ensure services are to be trusted, get user feedback if you canHi,
hmm i think that is not easy answer because the you must ensure that the hosting are completely trusted. actually I dont know about a 100% trust bulletproof, but you can search it in bh telegram channels or here. In the forum are ppl that are publicizing his bulletproof:
/threads/101503/
/threads/102962/
/threads/53874/
/threads/91111/
/threads/60191/page-3#post-731260
But be careful, you need ensure that the services are legit and trusted
zont.host its cheap and bulletproof
Cheap isn't always best, but thanks I will take a look, always looking for good alternatives
if you wan't cheap hosting , you can use privatealps also good but not cheap
you're not thinking clearly, how did cloudflare make it millions?
I have known privatealps to be a good man and a talented network engineer.
Есть, наверное, один-два старичка, как я, кто ещё помнит zeustracker.abuse.ch. Как только вы заметили этот IP, можно было смело ставить таймер — через пару часов он уже был бы недоступен.
Да, можно было потратить кучу денег на flux, 'анти-DDoS', или можно было помнить, что VPS на месяц можно арендовать за смешные деньги. 250 rub?
Если до сих пор не видите решение — возможно, вам стоит заняться другим делом.
good upstream
From my tests, big.t@exploit.im he has the most stable / BP domains.
If you need a BP domain/hosting then you do something wrong. As all such options are blacklisted by default on top IDS/Firewalls.
The only time you'll need a BP domain/hosting is when you'll do something on mass. And not care that the researchers will get your domain.
You need to use a trusted domain/hosting so your malicious traffic bypass as many reputation-based solutions as possible. After that figure out a way to block scanners/researchers (iptables)
Domain: buy "old" domains, like registered years ago. You can take them from: expireddomains.net. This will bypass reputation-based filters.
Hosting: setup a nginx reverse proxy in a trusted data center, such as the ones from bitlaunch.io (eg: digital ocean). The backend server you can host in your more trusted data center. Result: Reputation-based algorithms will see that your domain is hosted in a trusted data-center/country and will ignore it.
old-domain.com <> A record <> Digital Ocean <> nginx proxy <> actual-backend.
Try that and you'll see your success rate will rise.
The only time you'll need a BP domain/hosting is when you'll do something on mass. And not care that the researchers will get your domain.
You need to use a trusted domain/hosting so your malicious traffic bypass as many reputation-based solutions as possible. After that figure out a way to block scanners/researchers (iptables)
Domain: buy "old" domains, like registered years ago. You can take them from: expireddomains.net. This will bypass reputation-based filters.
Hosting: setup a nginx reverse proxy in a trusted data center, such as the ones from bitlaunch.io (eg: digital ocean). The backend server you can host in your more trusted data center. Result: Reputation-based algorithms will see that your domain is hosted in a trusted data-center/country and will ignore it.
old-domain.com <> A record <> Digital Ocean <> nginx proxy <> actual-backend.
Try that and you'll see your success rate will rise.
- Статус