Bulletproof Hosting: Privacy Protection for Criminals
On the heels of the Hitbsecconf2018 (PDF link) in Amsterdam, we take a look at Bulletproof hosting. What is “Bulletproof” hosting? Who uses Bulletproof hosting? Does Bulletproof hosting protect the user?
In the PDF provided by The Hidden Wiki, it goes over the following points:
- Cyber Threat Landscape
- Categories of Hosting Providers
- Threat Intelligence Cycle
- Threat Intel Ecosystem Focus Areas
- Umbrella Investigate Intel Production Cycle
- Enrich with context across various attributes
- Autonomous System Number (ASN)
- Leaf (Stub) ASN or leaf ASNs chain
- Indicator: Offshore Business Registration
- Anonymous Payment Methods
- Sample Rogue Hosters with a Dutch footprint
- Rogue Hoster Recipe
- Law enforcement: Cross Jurisdictional Business
Model - Law Enforcement Recommendations
- Security Community Recommendations
Understanding Bulletproof Hosting In a Nutshell
In the realm of the Deep/Dark web, bulletproof hosting (also known as offshore hosting) has become the backbone of those who want to upload and distribute their content with considerable leniency. This service is provided by domain and web hosting firms operating all throughout the world. Created by those who believed that the internet should be free of censorship, spammers, distributors of child porn, scammers, and terrorist organizations have taken advantage of this online freedom.
Nevertheless, there are many bulletproof hosting service providers that say they do not allow certain kinds of material to be uploaded or distributed over their servers. It usually takes a specific number of complaints from outside agencies before action is taken. Bulletproof hosting providers want to minimize complaints so that their IP subnet is not blocked by anti-spam filters employing Internet Protocol (IP) address-based filtering. Furthermore, some service providers may have ethical concerns that are the foundation of their service terms and conditions.
Bulletproof hosting allows a content or online service provider to bypass the contractual terms of service of other hosting firms and any legalities prohibiting such content or service in various countries. This is why many of these bulletproof hosting firms are located overseas, and in some cases, located on the sea in abandoned oil rigs, such as HavenCo located on Sealand which is now defunct as of 2008.
Does Bulletproof Hosting Truly Protect You
The safety provided by an offshore hosting provider depends totally on the terms and conditions specified by the firm you choose and where the facility is located. Offshore hosting best used when you want to circumvent the laws and internet regulations in your own country or when commercial hosting firms have restricted your content. But if your content is so offensive that it causes even the hardest of criminals to raise an eyebrow, no provider may be able to protect you.
It’s not always law enforcement that steps in and targets groups or organizations using offshore hosting. In 2015, the hacktivist group Anonymous began targetting ISIS owned and operated sites on the Clearnet and Darknet. Some members of the group even spoke out against those providers who were hosting ISIS material. Anonymous has thus far been successful in taking down numerous ISIS or ISIS affiliate sites hosted by offshore hosting firms.
The security of your site and your anonymity is totally in the hands of those operating these services. Not only that but if law enforcement or hackers want to get to you, they will find a way, eventually. It depends on how bad they want you. If you’re selling cocaine on some Darknet Market, you’ll be less of a target than someone selling child pornography (though a few of these services allow it).
Some of the Top CVPS Firms Out There
If you’re considering using a CVPS (Cloud Virtual Private Servers) hosting solution for your business website or blog, keep reading to learn about the top-rated CVPS hosting providers in 2018. Some of these listed provide hosting in other countries so that you can bypass legal issues in your own country. That’s why they would be considered “offshore hosting” providers.
Founded | 2002 |
Server Location | To be updated |
Services |
|
Unlimited Website | No |
Unlimited Storage and Bandwidth | Only Available With The “Custom” Plan |
Domain Hosting | No |
Linux Hosting | Yes |
Windows Hosting | No |
WordPress | Optimized |
Joomla | Yes |
Drupal | Yes |
Magento | Optimized |
PHP Hosting | Optimized |
e-Commerce Hosting | Optimized |
Email Hosting | Limited Email Account |
SSL Support |
|
Dedicated IP | Yes |
Free Site Migration | Yes |
Free Domain | No |
Domain Privacy Protected | No |
Money Back Guarantee | 30 Days |
24/7 Support | Selected Methods Only
|
Control Panel |
|
One-Click Installation |
|
Website Builder | No |
Automated Backup |
|
Content Delivery Network (CDN) |
|
Security Features |
|
Payment Methods |
|
- A free domain name for a lifetime. After renewing your web hosting plans, your free domain will be automatically renewed.
- Attractive affiliate programs to earn by referring it to others.
- 60-day money back guarantee
- One click installer
- Supports Python, Perl, Ruby, Rails and various others.
- An uptime guarantee of 99.99%
- 100% Secured
- Free SSL certificates with each plan and anti-malware as well as anti-spam protection
- Updated plugins as well as well add-on
- 24/7/365 support via live chat or phone
- A number of experienced technicians are assisted for the customer support
- LegionBox Wiki as well as the discussion forum
- An intuitive control panel which also connects the customer with the support team
- 99.99% Uptime Guarantee
- Extensive Add-ons to use
- Cheap VPS Hosting
- Unlimited Bandwidth and Storage
- Video Tutorials
- Comes in 3 configurations: Basic ($24.99/month), Business($59.99/month) and Optimum($99.99/month)
- The plans cover different scales of various VPS requirements like:
- Core CPUs
- RAM access
- Memory Storage
- Bandwidth
- Domains etc.