Follow up: Non-payment, Morocco, phishing and proxy

Could OVH please confirm clearly that running a TOR exit node is now forbidden? When one is "invited" to do something it is normally optional.

In what way does a local TOR node pose a danger, any more than any other computer, or TOR node on the internet? I say we just bite the bullet and turn OVH into a LAN, providing the most secure environment possible.

no legit people need tor?

Being a firm believer in internet anonymity i think thats bull, but thats just my opinion.

So if i understand this correctly no proxies will be allowed? what if we cap the proxy usage / block all ovh urls or a set of urls ovh provides?

Now that Morocco is allowed, will you continue allowing new countries one at a time or is there some order of how this will play out?

Do chinese people deserve to get banned from everywhere and prosecuted just for posting something that we can say everyday?

No legit users need TOR.

And also don't let other people use it to possibly defraud OVH. Password protect it and only let trusted users use it, and keep access logs. Then you're covered

The problem is not with the tech itself... the problem arises if the proxy is used to defraud ovh.

If I understood correctly if you use it for other things, and not to fraud ovh, you should not worry!

Is it okay to run a proxy for yourself? Like for at public computers, work, etc.

I do not think you should completely disallow tor servers from your network.

Please ONLY block the exit nodes (which allow access to internet resources) rather than all relays. Most tor servers do not allow internet access and will only forward and receive packets from other tor relays/entry nodes. Therefore there is no threat of criminal activity coming from an OVH IP address.

OVH is a great ISP for running a NON-EXIT tor relay, please keep it this way

What do you think Oles?

Hello, For Friday, we have sent the letters of validation to our customers. It s' acts of orders of new customers, but also for the old ones customers (that depends on the order and detection d' an anomaly in the order, for example the IP in France, etc etc, 140 are not regulated). It s' does not act of detection of hackeurs but d' a control which we carry out permanently. Jusqu' at Friday in case d' an anomaly in the order, the payment was blocked jusqu' with the validation of the payment by human. This could take jusqu' at 12 midnight. And thus to delay the orders of certain former customers (and all the new ones). Once the code of the letter is validated by the customer, all the following orders are treated without time. This service there will be proposed with all the customers insofar as us let us send the letters to all the customers in the weeks to come. One button in the manager will be implemented aujourd' today or tomorrow in order to force the validation.

Thanks to these validations by letter, we see a dimension very important of many orders placed by the hackeurs (and payments with the CB flights). Generally, we had between 20 and 50 unpaid per day. Since the SMS, we are more qu' to 10. And since the letter, 2-4 per day. This night, us n' in had any! In the course of the day, we still meet some attempts at payments with the bank cards flights, but the validation by the letter blocks these payments completely. We are thus very close to the goal

We have just freed Morocco. From now on the customers of Morocco can again reach our site and to the manager.

The hackeurs s' attack from now on with the customers d' Ovh. Indeed, this night a new email of phishing concerning Ovh was sent to certain of our customers. The page of phishing was decontaminated. It s' acts of the same method of phishing as for the banks or the paypal: the page with the colors d' Ovh you asks for the codes d' access to the manager. You should not in no case to seize your login and the password THAT on https://www.ovh.com. The site is authenticated with a certificate SSL which guarantees qu' to you; it s' d' acts well; Ovh. If you for the codes d' are asked; access on a page in http:// (simply and without the S in HTTP), it done not under any pretext.

Following closing d' approximately 350 waiters which the hackeurs ordered during the time enters June and the month d' August, the hackeurs have less technical resources to misuse on l' Internet. From now on, they use them waiters proxy. Some (rare) customers propose services of proxy. In case of detection d' a fraud carried out to leave d' a waiter at Ovh (that is the proxy or not), this service is decontaminated and the suspended contract. If you have a proxy, a TOR on your waiter which you propose on your waiter we invite you to close it. In the contrary case, we will suspend waiter (see all the waiters which you have at Ovh) and to suspend it contract. This kind of service are a danger and an insecurity to our network and, while respecting our contract, we will take measurements necessary to there too make safe to the maximum our network on this level. We are extrement determined to block any form d' abuse which would come from our network, cost that cost and some is the number of waiters qu' one will have to suspend. One do not laugh with l' insecurity on l' Internet and one n' do not hesitate over the means. Thank you for your comprehension.

In a friendly way Octave

Hello,

Since Friday, we sent the letters of validation to our customers. It's done for new customers, but also for the current ones (that depends on the order and detection of an anomaly in the order, for example the IP in France). It is not a way to detect hackers but a control which we carry out permanently. Up to Friday in case of an anomaly in the order, the payment was blocked with the validation of the payment done by a human intervention. This could take 24 hours, thus delaying the orders of certain existing customers (and all the new ones). Once the code sent by mail is validated by the customer, all the following orders are treated immediately. This service will be proposed to all the customers by mail in the coming weeks. One button in the manager will be implemented today or tomorrow in order to force the validation.

Thanks to these validations by mail, we removed a very important number of orders placed by the hackers (and payments with stolen credit cards). Generally, we had between 20 and 50 unpaid orders per day. Since validation by SMS, we are down to around 10. And since the letter, 2-4 per day. Last night we had none! Today, we still meet some attempts of payments with stolen card numbers, but validation by the mail blocks these payments completely. We are thus very close to the goal

We have just freed Morocco. From now on the customers of Morocco can again reach our site and the manager.

The hackers attack now the Ovh customers. Indeed, last night a new phishing email concerning Ovh was sent to some of our customers. The phishing page was shut down. It used the same method of phishing as for banks or paypal: the page with the colors of Ovh asks for the codes to access the manager. Secure your login and the password! On https://www.ovh.co.uk the site is authenticated with an SSL certificate which guarantees the authenticity of the Ovh site to you. If you are asked for the codes to access a page starting with just http:// (without an 'S', as in "https"), do not enter it under any circumstances.

After closing approximately 350 servers which the hackers ordered between June and August, the hackers have less technical resources to misuse on the Internet. From now on, they use their proxy servers. Some (rare) customers request proxy services. In case of the detection of a fraud carried out from a server at Ovh (proxy server or not), this service is decontaminated and the contract suspended. If you have a proxy, a TOR on your server we invite you to close it. In the contrary, we will suspend the server (and maybe all the servers you have at Ovh) and suspend the contract. This kind of service is a danger and an insecurity for our network and, by respecting our contract, we will take the maximum measures necessary to secure our network. We are extremely committed to blocking any kind of abuse that would come from our network, no matter what, and no matter the number of servers that we would have to suspend. We don't joke with insecurity on the Internet. Thanks for your understanding.

Regards,

Octave