Does a dedicated server provide more protection against host attacks than virtual servers?

Asked 1 year ago, Updated 1 year ago, 313 views

When selecting a server, I looked up the keywords for VPS, cloud, and dedicated servers and found the following statement:

Why not recommend anonymous VPN "ibVPN"

We are actively utilizing the cloud and VPS to keep running costs low. Of course, there is a dedicated server inside, but it is not possible when mixing.
No matter how logless you may be on the cloud/VPS, you cannot deny the possibility that an order from the hosting company will record the connection status.
As for Abuse's email, it will first be delivered to the hosting company listed in Whois and forwarded to the client ibVPN, so you may not even know about the warrant.

The article seems to say that a dedicated server is a better choice for security than a VPS/cloud (not a VPS/cloud) because of the possibility of recording the connection status in an order from a hosting company.

But I have a question here. If you don't trust the host (that is, the host attacks the server you purchased maliciously) and you want to protect the server from host attacks, don't you think VPS, cloud, or dedicated servers will eventually end up with no additional protection?

The possibility of recording the connection status in an order with a hosting company should be the same because the physical server is in the hosting company for both virtual and dedicated servers, and wouldn't it be the same for Abuse's email?

security

2022-09-30 22:03

1 Answer

First of all, the article is about using VPN. As for the latter half of the abuse email, if you cannot trust your VPN company, you may not receive any legal communication regarding communication via VPN. It's a little different from simply wanting to use a cloud like AWS, so be careful.

When renting a VPS, cloud, or dedicated server, I think there are two things you are concerned about:

I will answer each question.

If a compromised organization, such as spam, sends an abuse email, it will be addressed to either a domain or an IP address, or both.

For "domains", you can configure your own domain in most services, so if you use your own domain, it should be addressed to that own domain. If you can't trust the host company, you won't be crushed if you separate the mail server.

As for the IP address, it may be possible to assign an IP address owned by the company just like the domain (e.g., BYOIP of AWS). Because it is an IP address owned by the company, the whois contact is not the host company, but the company. The abuse email will also be sent to you, so the host company will not crush it.

The downside is that if you do not already have an IP address, it is difficult and expensive to get a new IPv4 address. Also, depending on the cloud and connection you use, it may not be possible, or you may need a router or other device on the on-premises side.

Therefore, whether it's VPS, cloud, or dedicated server, if you have your own domain and IP address, and you have a separate mail server, you won't be able to receive or be crushed by the abuse email. On the other hand, even if it is a dedicated server, if you use the domain and IP address provided by the vendor, you may not hear from the vendor because the abuse email is sent to the vendor.

VPS and Clouds are virtual machines (guests) on physical servers (hosts) using virtual environment technology (in the case of clouds, it may be non-IaaS, but it's similar, so we don't want to do that anymore) in a virtual environment. It is accessible, including decrypted information and memory information with encryption keys. You can also take as much communication as you like. This means that if the host is malicious, no matter how much encryption you do, the information will be completely visible (client-side encryption is the only way to prevent this).

First of all, even if we trust the host company, there is still a problem. Although the above story is a guest on the host and should not be visible to the guest by default, a virtual environment host failure might result in a vulnerability where memory information for another guest can be retrieved from the guest. A decent hosting company would patch it right away, but there would be a time lag if it was a zero-day vulnerability. What happens if there is a guest on the same host who is renting maliciously? Yes, it means that there is a possibility that we will be able to get information about your server. (Attacks from malicious others can be prevented to some extent by a "hosting private cloud" that rents its own virtual cloud.)

With a dedicated server, you don't have to worry about getting guest or guest information from the hosts listed above. However, you should be aware of the following:

  • Network equipment is provided by the host company, so you can obtain all the contents of the network communication.
  • Hosters have physical access to the server. In other words, if you extract and copy the disk, you can retrieve everything that is not encrypted in the disk. You can also retrieve memory information by using features such as forced dumps by physical switches. In the first place, depending on the operating system, root permission can be obtained (on Linux, etc., the administrator password can be reset by booting from the console and the rescue CD/DVD). Unlike VPS and the cloud, sneaking may be difficult, but there are plenty of ways to get it.

In the end, there is no way to completely protect against attacks from malicious hosts.

As for abuse mail, if you have a separate mail server using your own domain or IP address, there will be no problem with VPS/cloud/dedicated server. However, you should be aware that your own IP address is not easy to prepare and use, such as limited services available.

If you can't trust the host company at all, you can't do anything to fully protect your information. If you want full protection, you have no choice but to build it on-premises in your server room. However, even if it is on-premises, there is a possibility that the contractor who requested the construction will stock the back door, and the contractor who requested the operation may have malicious intentions. In the first place, there is a possibility that the equipment such as the server you purchased has a back door. Also, there is a high possibility that the security of the server room in the company is lower than that of the data center (such as surveillance cameras, entrance and exit management, and security of the building itself). If you want to prevent them, you'll need to constantly hire highly skilled employees who can afford expensive facilities, build and operate them, and it's very expensive.


2022-09-30 22:03
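
The answer's point about where abuse mail is delivered can be checked from the registry record for an address block. The following is an added example, not part of the original answer: it parses an RDAP response (the JSON successor to whois, RFC 9083) and reports whether the abuse contact belongs to you or to the provider. The sample record, the domains `hoster.example` and `myorg.example`, and the function names are constructed for illustration.

```python
import json

# Constructed RDAP (RFC 9083) record for an IP network; every value is made up.
SAMPLE_RDAP = json.loads("""
{
  "handle": "NET-EXAMPLE-1",
  "startAddress": "192.0.2.0",
  "endAddress": "192.0.2.255",
  "entities": [
    {"handle": "HOSTER-1", "roles": ["registrant"],
     "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
                              ["fn", {}, "text", "Example Hosting"]]],
     "entities": [
       {"handle": "ABUSE-1", "roles": ["abuse"],
        "vcardArray": ["vcard", [["version", {}, "text", "4.0"],
                                 ["email", {}, "text", "abuse@hoster.example"]]]}
     ]},
    {"handle": "TECH-1", "roles": ["technical"],
     "vcardArray": ["vcard", [["email", {}, "text", "noc@hoster.example"]]]}
  ]
}
""")

def abuse_emails(obj):
    """Collect e-mail addresses of every entity holding the 'abuse' role."""
    found = []
    for ent in obj.get("entities", []):
        if "abuse" in ent.get("roles", []):
            vcard = ent.get("vcardArray", [None, []])
            props = vcard[1] if len(vcard) > 1 else []
            for prop in props:  # jCard property: [name, params, type, value]
                if len(prop) >= 4 and prop[0] == "email":
                    found.append(prop[3].lower())
        found.extend(abuse_emails(ent))  # RDAP entities can be nested
    return found

def abuse_recipient(rdap, own_domains):
    """Return ('self' | 'provider' | 'unknown', emails): who gets abuse reports first."""
    emails = abuse_emails(rdap)
    if not emails:
        return "unknown", emails
    own = {d.lower() for d in own_domains}
    mine = [e for e in emails if e.rsplit("@", 1)[-1] in own]
    return ("self" if len(mine) == len(emails) else "provider"), emails

if __name__ == "__main__":
    print(abuse_recipient(SAMPLE_RDAP, ["myorg.example"]))
```

A result of `provider` means abuse reports for the block reach the hosting company before they reach you, which is the situation the answer describes for vendor-assigned addresses.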
