IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [vps]

A Virtual Private Server is a server hosted using a dedicated allocation of hardware (including RAM, disk space, etc), but with other servers/users being hosted on the same box. Unlike cloud hositng, a VPS won't share resources with other users hosted on the same physical server, usually by zeroing out shared resources when switching users, making a VPS more secure & reliable than shared cloud hosting at a fraction of the cost of a dedicated server. You can host a VPN server on a VPS, but it's not the same thing. Though a VPS does share resources like RAM and CPU, there's much nmore separation than there is in a shared cloud environment, which is controlled by the hypervisor.

There are many advangtages to using a VPS. By chosing the right data centre location, you can imporve page serve times, take advantage of privacy laws in a particular country, and improve latency for time sensitive applications like FOREX trading.

45 questions
57
votes
8 answers

Brutalized VPS recovery data now available. Considerations?

Backstory My sites and VPS were stolen from me. The hosting company and I were locked out and unable to access it. They weren't able to create a temp password for access because the attacker blocked it. The last time I was logged into WHM, root…
Preston Bennett
  • 613
  • 1
  • 5
  • 10
6
votes
3 answers

What is the risk of running VPN on VPS?

Let me try to sum up this question; I want to buy VPS from (vultr - I'm not promoting them), but before that I'm wondering how secure is to run VPN on this kind (or any kind) of VPS in sense that I can endanger myself by choosing wrong company,…
user134969
  • 1,298
  • 4
  • 15
  • 24
4
votes
0 answers

Maximum password length for user accounts on Ubuntu

I have a VPS hosted at a remote location. Obviously the host can login directly (without SSH or any keys) on this box and I want to make brute force password guessing as hard as possible for a bad admin.This leads to the question: What is the…
Jasper Citi
  • 165
  • 3
3
votes
2 answers

VPS with shared resources malloc attack

If I understand it correctly then: C function malloc provides a memory block with indeterminate values (which depend on the previous user of this memory block) Shared VPS hostings share resources such as RAM and CPU In that case, my question is:…
Gillian
  • 492
  • 1
  • 3
  • 13
2
votes
0 answers

Best way to avoid DPI/tunnel detection?

guys, I live in Russia and that pretty much says it all. I was using a standard self-hosted VPN on a DO droplet, but now I'm afraid that since VPN usage in Russia started to spread like a wildfire after the recent Instagram ban the Russian…
passingTHROUGH1263
  • 21
  • 1
2
votes
2 answers

A customer support of where my company host a VPS on asked me login detail, is this standard procedure?

We host our web application on a VPS, I maintain LAMP environment there to fulfill our client needs (I work on relatively small SaaS service provider), I also set up a script to backup the system regularly at night. Our company had just upgraded all…
howardy3
  • 35
  • 5
2
votes
1 answer

Can someone perform DDoS on my VPS even if it is only accessible through SSH?

Can someone perform DDoS on my VPS even if I have not installed any webserver software like apache, nginx, etc.? Since I have not installed any webserver software, it's not really available to the public. Am I right? It can only be accessed via SSH.
Yujx
  • 21
  • 1
2
votes
2 answers

Connecting to my VPN via IP or domain name?

Background: So I use a private VPS to host my own VPN, rather than pay/trust another company to host it for me. I am an intermittent traveller so it is cheaper for me to spin up or down my server as I choose. The main reasons I use a VPN are 1. To…
Harvs
  • 121
  • 1
  • 1
  • 3
2
votes
1 answer

SSH to IP instead of to fully qualified hostname: does this reduce MITM risk?

I am applying configuration management to a VPS hosted by a VPS hosting company. Changing the hosting company is not an option, unfortunately. This VPS has the following properties: when newly-imaged or re-imaged, it generates a new, random, SSH…
sampablokuper
  • 1,961
  • 1
  • 19
  • 33
1
vote
1 answer

I am still receiving ssh-bruteforce on my VPS

I have a server in Oracle Cloud Infrastructure Ashburn. I am using Tailscale to SSH my servers and closed Port 22 in public. I closed Port 22 on the VCN and left Port 22 open on the server. But no one will access it 'cause I am the only one that can…
Hanson Deck
  • 27
  • 5
1
vote
3 answers

security measures for proprietary code on a VPS

I've got several C++ and Python scripts containing proprietary algorithms, which are latency-sensitive and hence need to be on a system near the data center serving data to them. While a VPS is economical, I worry that the administrators may snoop.…
CB001
  • 21
  • 1
1
vote
0 answers

Decompile a binary virus/worm

We got hacked, someone got access on our VPS machine. There are no ssh logs, there are no auth logs. There is no actual trace of remote access (that I could find and I'm not a security expert but I'm not a complete beginner either). After a lot of…
Nicos Karalis
  • 111
  • 6
1
vote
1 answer

Are CPU side-channel attacks still a concern on VPSs

I've been looking into getting a VPS to run an OpenVPN server on and a few other things. I've been speaking to a hosting company and they have sent me this screenshot to show they are protected against all currently known exploits on their…
Letal1s
  • 99
  • 6
1
vote
1 answer

Is protecting against Meltdown and Spectre on virtual servers actually possible?

I've been reading into the Meltdown and Spectre bugs recently and the issues they cause for virtualised servers, as memory in one VM can potentially be accessed by another user in a separate VM with the same host. I found this article on…
Letal1s
  • 99
  • 6
1
vote
0 answers

Can a running SSH connection to a rootkit infected VPS be used to attack the remote client?

If a VPS running Debian 10 Xfce as a cloud desktop has been rootkit infected and there is an ongoing SSH connection with X2Go from a client to manage this server, is it possible for an attacker on the VPS to hijack the existing SSH connection in…
user264116
1
2 3