Free MetalVPS Intel i9-13900 Traditional Shell Account! Make Your Own VPSes!

1232426282933

Comments

  • @Not_Oles said:
    Guys!

    Sadly, I have to report that the i9-9900K server has been shut down due to information which came to my attention.

    Best wishes!

    Tom

    Which information?

    Thanked by (1)Not_Oles

    Teehee!

  • @SheGivMeItAgain said: I don't have a PC myself, as I physically can't afford one for reasons I do not feel comfortable sharing

    If you are really interested in Virtual Machines, getting a used laptop is a small investment. You should have a second hand computer market where you are, right? Even my Sony VAIO laptop from 2010 is capable of running virtual machines.

    Thanked by (1)Not_Oles

    The all seeing eye sees everything...

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @Nubuki said:

    Which information?

    Hi @Nubuki!

    Hilariously, there is a Discord group whose members have been taking co-ordinated advantage of the MetalVPS free offers. :)

    Hilariously, I was invited to join and did join the group earlier today. :)

    Hilariously, I wanted to see what would happen if MetalVPS made the open and free offers. Now I have learned really a lot from many wonderful guys in the Discord group.

    While (apparently) unrelated to the Discord group, I also have enjoyed learning from the fine guys at NodeSeek. One of the guys at NodeSeek, @freemjj, has changed my ssh habits forever. Now I always, always, always keep a local transcript of my ssh sessions. Something flashed by, and I almost missed it, and there was no transcript. Luckily a software vendor called MobaTek was very helpful.

    I also enjoyed the opportunity, for the first time, to work through an abuse issue with Hetzner. I learned from Hetzner's excellent monitoring and from going through their wonnderful Support Team that was processing the issue.

    Many guys have posted excellent tutorials into this thread. Many other guys also have been very friendly and helpful here..

    There have been "tuition" costs all around. I have been delighted to pay Hetzner (Yes, delighted, Hetzner is great and deserves every penny!). @FrankZ has had to spend moderation time here. The guys in the Discord group have lost the free servers, at least temporarily. They also caused the loss of the free servers by any legitimate users.

    I do plan to continue with MetalVPS. It might change a little. We will see.

    Thanks to the entire LES community and also to the entire NodeSeek community for providing the wonderful environments within which all this has been possible.

    Friendly greetings!

    Tom

    Thanked by (2)FrankZ Yqua
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @terrorgen said: getting a used laptop is a small investment.

    Respectfully, some people are really poor. Some people don't have enough to eat. The guy says he is poor. Maybe it could be true? Thanks for considering! Always best wishes! <3

  • @Not_Oles said:

    Respectfully, some people are really poor. Some people don't have enough to eat. The guy says he is poor. Maybe it could be true? Thanks for considering! Always best wishes! <3

    My understanding is that if you have the means to visit lowendspirit.com you have the means to get a used laptop, even one made in 2010.

    If you don't have the means to even fill your stomach, you probably won't be visiting here.

    Thanked by (2)Not_Oles sh97

    The all seeing eye sees everything...

  • @terrorgen said:

    My understanding is that if you have the means to visit lowendspirit.com you have the means to get a used laptop, even one made in 2010.

    If you don't have the means to even fill your stomach, you probably won't be visiting here.

    Unfortunately I agree with you there. If you don't have money or not able to get a laptop, what are you doing on a forum about spending money on cheap vps? I am not saying that he is lying, but I have seen a lot of people who say "I'm a student", "I'm poor", my country don't allow me to spend money online" and almost all of them were lies. I originally lived in a country were you are banned from using a debit or credit card or even PayPal. Bank accounts can't send money overseas. Can't wire transfer without a government issued permit. Even then, there were ways to circumvent these rules where you can illegally pay someone in the country in cash and the other party will buy the service for you.

    Where there is a will, there is a way.

    If you abuse paid service, it's your choice as you're playing for it and accept the risk. But I don't like when people abuse free services. That's just wrong.

  • somiksomik OG
    edited May 2023

    @Not_Oles said:

    Thanks! Yes.

    Got what @somik said above about adding a web server. Also what @terrorgen said about LXC. Anything else?

    • No filtering?
    • Identity, location verification?
    • LES account maturity, posting activity?
    • Other website activity?
    • Payment verification (charge a fee, then refund, like Oracle Free Tier)?
    • Limit kvm group membership?
    • Limit RDP port, limit Windows?
    • Require a financial contribution?

    Disable KVM/qemu so no windows. If they want to build windows, their personal computer shall suffice. Or only allow it for fully verified accounts that have been using metal vps for a number of months.

    LXC containers share their directory structure with the host, so if such things happen, your can check who is the one doing these things. Moreover LXC are more resource light so won't need 12GB of ram per VM.

    Honestly, if you ask me, if you want to provide free VMs you're better off creating the VM and granting access to it like the freekvm that you're part of.

    LES account must be at least 1 year old. That will reduce the abuse significantly as people can't just create a account and post to get access.

    LinkedIn / Facebook is a way to verify their identity, specifically based on when they joined that website.

    Github is a way to verify that they are willing to share their findings. A number of repos on their Github account should verify their activity.

    Financial contribution is a great way to show they are serious. Either that or a $7 refundable deposit by crypto or bank transfer or some way they can't charge back. Paypal is a no go as they can dispute and charge back.

    Can also ask them to verify their email with their school or office email. School emails always end with .edu and office emails are easy to tell by the company name, as long as its not their company. If they are running a company, there are other ways to verify their identity.

    @Not_Oles ya, I can see why they call you Clueless. It's the way you trust others so easily. It's a good trait, but this just gives them the chance to abuse the trust.

    Thanked by (3)Not_Oles terrorgen sh97
  • @Not_Oles said:
    I also enjoyed the opportunity, for the first time, to work through an abuse issue with Hetzner.

    Usually I'm only a silent reader of the forum here... but I really admire your positive attitude in this case !

    I just followed the thread, because I was thinking of starting something similar (but very different) and the fact that not even 1 month after you made the server available, that abuse has been discovered, can be very discouraging...
    Also since you're the one registered as Hetzner customer for the server and IPs... you're always the first one being confronted with abuse complains. Depending on the laws in your country, you might get yourself into real trouble. Luckily this time it was "just" a port scan...
    Anyway, I wish you good luck for the future.

    BTW, my idea was to maybe offer some kind of colocation share project purely for learning purposes and fun. All the accumulated old server hardware (discarded by the employers IT department or from ebay, yard sales etc.), we play around with in the basement, but mostly keep powered off due to excessive noise, power consumption, complaining SO etc. could be put to the test in a data center.
    Maybe starting with 1/3 rack for a couple of 1 or 2u machines, private networking etc. I might be very interested. And as I don't do any business in this field, it doesn't even need to make any financial sense. I'm just curious, if there would be someone else interested? Of course it would be in a DC in a city one of the (very motivated) project members would reside in, so we're not dependent on DC hands and have the learning experience this is all about.
    As a non-profit education project, it might be possible to get sponsored (at least some server HW donations from companies or data centers), maybe later providing VMs to some open source projects as development/build servers etc.
    Lots of opportunities... However, I feel it would never happen, as the experience from this thread shows... few bad people from the internet ruin it for everyone... and I'm not as brave as Tom...

    Thanked by (2)Not_Oles terrorgen
  • @Mich said:
    As a non-profit education project, it might be possible to get sponsored (at least some server HW donations from companies or data centers), maybe later providing VMs to some open source projects as development/build servers etc.
    Lots of opportunities... However, I feel it would never happen, as the experience from this thread shows... few bad people from the internet ruin it for everyone... and I'm not as brave as Tom...

    As I read your post, I was thinking from the start about how this is a bad idea. Firstly, in your basement, you share the servers with people you know and meet in real life. You know who they are, their habits, their home and family. So trust is easy.

    Not the case for Internet. I could be anyone in the world and pretend to be anyone else on the Internet. Anonymousity is a trait of the Internet and bad actors take full advantage of it.

    On the Internet, those who take advantage of others are making it bad for the rest. They are either those who create a website, post offers, rent servers and run off with your money after 3 months, or those who abuse free/cheap services.

    It's sad, but it's the reality of the Internet and here's no different...

    Thanked by (1)Not_Oles
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @Exinjh said:

    Any ideas how to verify my information?

    How about emailing or PMing scans of Government issued identity documents? No, it's not mandatory. :)


    @Exinjh said:
    @Not_Oles Can I still get unsuspended account in MetalVPS after reinstallation?

    Sure! :)


    @Exinjh said:
    My messages just getting ignored...

    Really? :)

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @SheGivMeItAgain said:

    Have you missed my previous question about an ETA/response about having access?

    Hi Blake! Actually, I did see your previous question. I am slow! It takes me awhile to tend to all the stuff on my plate. I do try, though, to respond to every message. Sorry I am so late on this one. Best wishes! Tom

  • @terrorgen said:

    My understanding is that if you have the means to visit lowendspirit.com you have the means to get a used laptop, even one made in 2010.

    If you don't have the means to even fill your stomach, you probably won't be visiting here.

    I'm actually classed as homeless, I had to move from a hotel in birmingham into a flat 2 weeks ago, iirc. It's been hard the past few years. Most of this is cause of my fucking landlord being a stuck up twat.

    Thanked by (1)Not_Oles
  • @somik said:

    Disable KVM/qemu so no windows. If they want to build windows, their personal computer shall suffice. Or only allow it for fully verified accounts that have been using metal vps for a number of months.

    LXC containers share their directory structure with the host, so if such things happen, your can check who is the one doing these things. Moreover LXC are more resource light so won't need 12GB of ram per VM.

    Honestly, if you ask me, if you want to provide free VMs you're better off creating the VM and granting access to it like the freekvm that you're part of.

    LES account must be at least 1 year old. That will reduce the abuse significantly as people can't just create a account and post to get access.

    LinkedIn / Facebook is a way to verify their identity, specifically based on when they joined that website.

    Github is a way to verify that they are willing to share their findings. A number of repos on their Github account should verify their activity.

    Financial contribution is a great way to show they are serious. Either that or a $7 refundable deposit by crypto or bank transfer or some way they can't charge back. Paypal is a no go as they can dispute and charge back.

    Can also ask them to verify their email with their school or office email. School emails always end with .edu and office emails are easy to tell by the company name, as long as its not their company. If they are running a company, there are other ways to verify their identity.

    @Not_Oles ya, I can see why they call you Clueless. It's the way you trust others so easily. It's a good trait, but this just gives them the chance to abuse the trust.

    For the .edu its wrong! My school uses .co.uk actually! But has students, also doesn't allow emails from out the school/schools email or emails that arent whitelisted.

    Thanked by (1)Not_Oles
  • somiksomik OG
    edited May 2023

    @SheGivMeItAgain said:

    I'm actually classed as homeless, I had to move from a hotel in birmingham into a flat 2 weeks ago, iirc. It's been hard the past few years. Most of this is cause of my fucking landlord being a stuck up twat.

    So why are you on this forum? Why the interest in low end servers?

    Either way, you registered 2 days ago. So unless you are willing to provide personal documents for verification, I would strongly advice @Not_Oles to only allow those with accounts of 1 year or older back on the server; IF he still plans to run the metalVPS service that is...

    Thanked by (2)Not_Oles terrorgen
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @H4N50 said:

    Hi Tom, thanks for creating an account, I really appreciate it, I just have one question, I'm new to this, how do I connect, could you give me the connection instructions? thank you

    Hi @H4N50!

    So sorry that the server went down just as you were coming aboard! Definitely an ungood thing to have happen!

    Maybe, if you wish, you can ask me again after the servers are refreshed?

    Meanwhile, there are lots of other free servers available. People get free servers from Azure, Amazon, Oracle, and other places too. I wish you good luck!

    Best wishes!

    Tom

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said: I want apache user directories

    Got it! :)

    @somik said: Also I would recommend proxmox, but then it wont be a metal VPS anymore, would it?

    I love this! <3 Thanks you! <3

    Thanked by (1)somik
  • @somik said:

    So why are you on this forum? Why the interest in low end servers?

    Either way, you registered 2 days ago. So unless you are willing to provide personal documents for verification, I would strongly advice @Not_Oles to only allow those with accounts of 1 year or older back on the server; IF he still plans to run the metalVPS service that is...

    By "personal documents" if you mean ID I do not hold one currently, for school based documents I do not consent to providing those as this isn't github or anything that is 10000% protected/security guaranteed. I am very careful with my actions on the internet.

    Thanked by (1)Not_Oles
  • @SheGivMeItAgain said:
    By "personal documents" if you mean ID I do not hold one currently, for school based documents I do not consent to providing those as this isn't github or anything that is 10000% protected/security guaranteed. I am very careful with my actions on the internet.

    Well, then you should not look for free services on less renounced websites run by Clueless people. Sign up with Oracle for free lifetime account, GoogleCloud for 1 year free, AWS for 1 free year. All are free. Enjoy.

    Thanked by (3)Not_Oles terrorgen sh97
  • @somik said:

    Well, then you should not look for free services on less renounced websites run by Clueless people. Sign up with Oracle for free lifetime account, GoogleCloud for 1 year free, AWS for 1 free year. All are free. Enjoy.

    No card so thats currently not on the list.

    Thanked by (1)Not_Oles
  • somiksomik OG
    edited May 2023

    @SheGivMeItAgain said:

    No card so thats currently not on the list.

    The way I see it, you got two choices IF you want the MetalVPS. Either provide personal Id for verification or pay a reputable provider. You can always NOT get a server. It'll save you on the internet bills and phone bills as well.

    All I know is your LES account is 2 days old so there is no way to verify who you are and what your intentions are. Lets talk again in a year or two if @Not_Oles is still around by then.

    Moreover all your activity was only on this thread so not a active member of LES community.

    Thanked by (2)Not_Oles terrorgen
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @SheGivMeItAgain said:

    I'm actually classed as homeless, I had to move from a hotel in birmingham into a flat 2 weeks ago, iirc. It's been hard the past few years. Most of this is cause of my fucking landlord being a stuck up twat.

    "I'm actually classed as homeless, . . . "

    This!

    I am okay, and have been okay, and will continue to be okay. But, during my life, I have met and interacted extensively with people so rich that even their accountants couldn't count all their money as well as people poor as dirt. In NYC some people live in the tunnels under the streets. Here in Mexico I have seen people live in shacks without even running water, obviously no heat, no air conditioning, and no electricity.

    Poor people could go to a library and use one of the library's public computers to access LES. Maybe they could dream of getting a cheap VPS?

    Now I will be quiet for awhile.

  • @Not_Oles said:
    Poor people could go to a library and use one of the library's public computers to access LES. Maybe they could dream of getting a cheap VPS?

    Question is why? And if he truly says who he is, he should be willing to provide documents to back up his claim. He is expecting premium service FOR FREE. When you sign up with AWS, Google, Oracle, you have to provide your email, home address, phone number and it gets verified. So if not willing to get verified, should be ignored as marked as a potential abuser.

    Looking at the logs I posted, only the following accounts were active during the time of abuse (port scanning):

    Username -> joined date
    @SheGivMeItAgain -> May 7
    @iamvinh123 -> April 28
    @itsmepaddi -> April 19
    @RtedPro -> April 18
    @dinopotato -> April 20
    @Kadim1998 -> April 30
    @Nubuki -> October 2022
    @ExAjiMag -> April 19

    So out of the 8 active people on the server, 7 of them joined after April 10, when this thread was opened. Account age is less then 1 month. I'm not implying anything, but stating facts so you can make your own judement.

    @somik said:

    RAM & Disk Summary:
    -----------------
    RAM used:  59 %
    Disk used:  91 %
    
    
    Top 20 RAM Usage:
    -----------------
    USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
    shegivme  203364 69.4 12.7 10018720 8377516 ?    Sl   05:46 269:39 kvm -vnc :66,password=on -cpu host,vmx=on,-hypervisor -hda win11.img -smp 8 -m 8G -daemonize
    iamvinh+  209618  137 12.4 10272744 8162672 ?    Rl   11:38  50:43 qemu-system-x86_64 -bios /home/iamvinh123/win-vm/OVMF.fd -hda /home/iamvinh123/win-vm/os.qcow2 -pflash /home/iamvinh123/win-vm/OVMF-code.fd -pflash /home/iamvinh123/win-vm/OVMF-vars.fd -vga qxl -m 8G -cpu host,-hypervisor -smp cores=4 -usbdevice tablet --enable-kvm -daemonize -net nic,model=e1000 -net user,hostfwd=tcp::23390-:43389 -vnc 127.0.0.1:7357,password=on
    itsmepa+  207607 44.0 11.5 11001384 7597124 pts/17 Sl+ 09:59  59:36 qemu-system-x86_64 -cpu host,-hypervisor -m 8192 -smp cores=8,sockets=2 --enable-kvm -hda 11disk.qcow2 -cdrom win11.iso -net nic,model=e1000 -net user -vnc :5,password=on -monitor stdio -usbdevice tablet
    rtedpro   208600  163  9.5 7428808 6292548 pts/2 Sl+  10:47 143:46 qemu-system-x86_64 -m 6G -cpu host,-hypervisor --enable-kvm -smp cores=4 -boot d -hda vm1.img -vnc :65,password=on -monitor stdio
    dinopot+  189577  7.9  7.5 11051452 4942908 pts/15 Ssl+ May06  65:12 qemu-system-x86_64 -cpu host -m 8G -hda 10.qcow2 -cdrom 1022H2.iso -net nic -net user,hostfwd=tcp::3243-:80 -usbdevice tablet -smp 16 -vnc :96,password=on -monitor stdio --enable-kvm
    kadim19+  172671 16.1  4.9 5367400 3280528 pts/20 Sl+ May06 252:19 qemu-system-x86_64 -m 4G -cpu host --enable-kvm -smp cores=3 -boot d -hda Windwos-server-2022.qcow2 -monitor stdio -vnc :72,password=off -net nic,model=e1000 -net user,hostfwd=tcp::4389-:3399,hostfwd=tcp::2080-:80,hostfwd=tcp::27015-:27015 -machine usb=on -device usb-tablet -vga qxl
    nubuki     11502 27.7  4.0 4621632 2671012 pts/13 Sl+ Apr29 3278:56 qemu-system-x86_64 -nographic -serial mon:stdio -net user,hostfwd=tcp::2223-:23 -net nic,model=virtio -cpu host -enable-kvm -m 3G -smp 3 -hda debian.qcow2
    exajimag  207203 16.9  3.0 9511788 2015844 pts/9 Sl+  09:27  28:16 qemu-system-x86_64 -hda win8release.img -m 8G -vnc :59 -smp cores=4 -cpu host -enable-kvm -net user,hostfwd=tcp::4000-:3389 -net nic -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0 -monitor stdio -machine usb=on -device usb-tablet
    nubuki     11028 23.4  2.2 3219976 1456440 pts/11 Sl+ Apr29 2764:02 qemu-system-x86_64 -nographic -serial mon:stdio -net user,hostfwd=tcp::2222-:22 -net nic,model=virtio -cpu host -enable-kvm -smp 2 -m 2G -hda debian-sid-nocloud-amd64-daily.qcow2
    
    Thanked by (2)terrorgen sh97
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said:

    The way I see it, you got two choices IF you want the MetalVPS. Either provide personal Id for verification or pay a reputable provider. You can always NOT get a server. It'll save you on the internet bills and phone bills as well.

    All I know is your LES account is 2 days old so there is no way to verify who you are and what your intentions are. Lets talk again in a year or two if @Not_Oles is still around by then.

    Moreover all your activity was only on this thread so not a active member of LES community.

    Hey! Friend @somik! Please take it easy. :) There's no immediate danger to MetalVPS right now because there are no MetalVPS dedicated servers running right now. :) Your suggestion about enforcing strict personal identification is being considered. Your suggestion is good and has many advantages. But for right now, maybe we can take it easy? :) Thanks! :)

  • edited May 2023

    Hilariously, there is a Discord group whose members have been taking co-ordinated advantage of the MetalVPS free offers. :)

    Hilariously, I was invited to join and did join the group earlier today. :)

    Hilariously, I wanted to see what would happen if MetalVPS made the open and free offers. Now I have learned really a lot from many wonderful guys in the Discord group.

    The guys in the Discord group have lost the free servers, at least temporarily. They also caused the loss of the free servers by any legitimate users.

    So that means I have lost access to the server? Because I am also a part of the group as a higher-up moderator.
    By the way, I am writing this from my school.

    Thanked by (1)Not_Oles
  • @Not_Oles said:

    Hey! Friend @somik! Please take it easy. :) There's no immediate danger to MetalVPS right now because there are no MetalVPS dedicated servers running right now. :) Your suggestion about enforcing strict personal identification is being considered. Your suggestion is good and has many advantages. But for right now, maybe we can take it easy? :) Thanks! :)

    Sorry about that. This just brings back old memories of the time I was providing free hosting.

    I was not serious about personal identification. It's just a pipe dream. No one will provide such personal info to another individual on a forum.

    However, there is always the option to get a little more info (like school email verification if they say they are a student) and making sure the LES/LET account is past a certain age before handing them access to do what they want.

    Thanked by (1)terrorgen
  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said: premium service FOR FREE

    Thank you for a short, but perfect description of MetalVPS! <3

    @somik said: Looking at the logs I posted, only the following accounts were active during the time of abuse (port scanning):

    Username -> joined date

    @SheGivMeItAgain -> May 7
    @iamvinh123 -> April 28
    @itsmepaddi -> April 19
    @RtedPro -> April 18
    @dinopotato -> April 20
    @Kadim1998 -> April 30
    @Nubuki -> October 2022
    @ExAjiMag -> April 19

    Thanks for this investigation and report. So you are saying that the evil scanner has to be one of these 8 people? Are you sure? (I am not saying you are wrong, just asking that we think really carefully, please!)

  • @Not_Oles said:

    Thank you for a short, but perfect description of MetalVPS! <3

    @SheGivMeItAgain -> May 7
    @iamvinh123 -> April 28
    @itsmepaddi -> April 19
    @RtedPro -> April 18
    @dinopotato -> April 20
    @Kadim1998 -> April 30
    @Nubuki -> October 2022
    @ExAjiMag -> April 19

    Thanks for this investigation and report. So you are saying that the evil scanner has to be one of these 8 people? Are you sure? (I am not saying you are wrong, just asking that we think really carefully, please!)

    No, I'm not sure. Because I only posted the KVM users there. Not ALL users. Generally abuse comes from a KVM server rather then a naked script running on the server itself, but it is always different. A full ps aux would give a full result, but we did not consider it (hindsight is 20/20).

    I am just saying that the top 8 users of the server contained 7 accounts younger then 1 month. And it is possible that one of them is the abuser. It could very well be someone else, but we have no way to check. What we know for SURE is that the abuser is one of the users of the MetalVPS and the users consisted mostly of very young accounts.

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @itsmepaddi said:

    So that means I have lost access to the server? Because I am also a part of the group as a higher-up moderator.
    By the way, I am writing this from my school.

    Hi @itsmepaddi!

    Please try not to take what happened personally. Somebody did something evil on one of the servers, and we shut them down. Yes, it's true that you lost access for awhile, but so did everybody else. I am sorry for the inconvenience to you and to other guys equally inconvenienced. Hopefully we will have a server back up before too long. Meanwhile, you might ask your parents or a school administrator to contact me by email at the address on my LES profile. Probably we will need to confirm that you are who you say you are. Again, sorry for the inconvenience! You are a great guy, and I have enjoyed your posts here in this thread about all the fun stuff you have done on the server.

    Best wishes!

    Tom

  • Not_OlesNot_Oles Hosting ProviderContent Writer

    @somik said: No one will provide such personal info to another individual on a forum.

    Previously, there have been people who have provided information to me. So I respectfully disagree that "No one" will provide identification information.

    As always, thanks for your comment! I'd be interested to hear more about your own adventures as a "free" provider. :)

  • Let me explain what did I do when the attack is happening.
    I'm running a Windows 11 VM for testing stuffs (and failed)
    Also that logs probably was from a few days ago...

    Thanked by (1)Not_Oles
Sign In or Register to comment.