Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Buy OSRS Gold

Sign in to follow this  
Virt

Montreal's Private Proxy

Recommended Posts

Scammer's Username: @Montreal
Link to Scammer's TriBot Profile: https://tribot.org/forums/profile/10370-montreal/
Chat/Discussion Methods: i bought few proxies from his site and i contacted him via email 
Chat Username(If Applicable)*: 
Describe in detail in your words what happened: so i bought few proxies off his site, and i asked him to whitelist it for me, my ip have changed and he said that it's whitelisted, but i could still use it on tribot and on maxathon with no problems!
Evidence**:
Other:  

From: Socks5Proxies Admin <[email protected]>
Sent: Wednesday, October 26, 2016 11:37 PM
To: omar leo
Subject: Re: 2 proxies that i've purchased From [email protected]
 

Hi, thanks for letting us know about the email issue. Our Dev will look into and fix it. As for the whitelisting, the IP requested is now whitelisted.

 
On Oct 26, 2016 7:37 AM, "[email protected]" <[email protected]> wrote:
I've purchased 2 proxies, how ever i did not recieve them in my inbox/spam folder either, i want them whitelisted on this ip 5.107.113.192
 
 
 
 
 
 
so this is the first email i've sent, the proxy includes username and password, my cousin who live in france has tried them after the whitelisting and it's working
i also asked fluffee to try them @iFluffee
and @Netami
they both tried them and said it worked for them
i can give any mod the proxy or the email he has sent me in full or the proxies in private.
or any proof of others using the proxy
 
 
 
Edited by iFluffee
  • Like 1

Share this post


Link to post
Share on other sites

When you whitelisted the IP it can be used without user and pass. If you include the user and password, no whitelist is needed as you used another form of authentication.

I whitelisted the IP under the assumption you needed to access the proxy without user and pass.

You also submitted the wrong IP for whitelisting, then submitted the new IP in the middle of the night and followed up with a ticket complaining the right IP was not whitelisted.

Our ticket hours are 5-11PM eastern. The site says we aim to respond within 24 hours.

If you had submitted a ticket regarding this I could have told you all this privately.

Edited by Montreal

Share this post


Link to post
Share on other sites
2 minutes ago, Montreal said:

When you whitelisted the IP it can be used without user and pass. If you include the user and password, no whitelist is needed as you used another form of authentication.

I whitelisted the IP under the assumption you needed to access the proxy without user and pass.

You also submitted the wrong IP for whitelisting, then submitted the new IP in the middle of the night and followed up with a ticket complaining the right IP was not whitelisted.

Our ticket hours are 5-11PM eastern. The site says we aim to respond within 24 hours.

If you had submitted a ticket regarding this I could have told you all this privately.

all the user/password/port is the same for the proxies i've purchased at different timing

whitelist ip is supposed to work only for the ip that u asked for no matter if u ask for user or pass thats how other proxy providers do it

i didn't submit the wrong ip i just said my ip has changed and wanted to whitelist another ip

 

anyone can try different ip subnets and get in using ur proxy without a problem if that's the case theres no security in that matter or what u call private proxies/whitelisting

Share this post


Link to post
Share on other sites
19 minutes ago, leoshiro said:

all the user/password/port is the same for the proxies i've purchased at different timing

whitelist ip is supposed to work only for the ip that u asked for no matter if u ask for user or pass thats how other proxy providers do it

i didn't submit the wrong ip i just said my ip has changed and wanted to whitelist another ip

 

anyone can try different ip subnets and get in using ur proxy without a problem if that's the case theres no security in that matter or what u call private proxies/whitelisting

As I said. Your understanding of the whitelist feature is incorrect. The whitelist allows you to connect with only IP and Port authenticating with your IP. User and pass are different authentication methods.  If you want just IP authentication then we can remove the user and pass. That however, is not what you asked for.

Share this post


Link to post
Share on other sites
1 hour ago, Montreal said:

As I said. Your understanding of the whitelist feature is incorrect. The whitelist allows you to connect with only IP and Port authenticating with your IP. User and pass are different authentication methods.  If you want just IP authentication then we can remove the user and pass. That however, is not what you asked for.

Other proxy host use the whitelist feature as a security measure to prevent brute force and other users to enter the proxy. You state your proxies are 100% private yet all the info port/user/pass are the same. And with past history of your business linking to this feature


it clearly has not worked. As a client, my first and foremost concern is getting what I paid for, same goes for your tribot client as i told u in the email u need to clear things out!

Other proxy host use the whitelist feature as a security measure to prevent brute force and other users to enter the proxy. You state your proxies are 100% private yet all the info port/user/pass are the same. And with past history of your business linking to this feature

it clearly has not worked. As a client, my first and foremost concern is getting what I paid for, same goes for your tribot client as i told u in the email u need to clear things out!

if you whitelist a proxy, you still cannot login that proxy using user/password because that IP is not authenticated. SSH will block out any alien IP that will try to authenticate via user/password, hence why it's called whitelisting. 

the reason why whitelisting works better than user/password is because SSH bruce force is very easily done, and since all my pass's and user's are the same anyone can hack easily into these proxies
 
By whitelisting an IP, it prevents users from randomly guessing root user and root password, because it blocks them if their IP is not registered as valid.
If someone were to try to login via SSH using ur root user/ root password, and u whitelisted it, it would rebound and would not let anyone enter

source: http://blog.rackspace.com/securing-your-ssh-server

 

1 hour ago, Montreal said:

 

When you whitelisted the IP it can be used without user and pass. If you include the user and password, no whitelist is needed as you used another form of authentication.

 

 

This is true, but if you whitelist and use user and password to login it will not work, because it is whitelisted

 

 

 

 

Share this post


Link to post
Share on other sites

Once again. You are telling me how other businesses whitelist work. That is not how our whitelist works, because you assume something does not make it true.

The passwords are not all the same as you claim, and we have security features in place to prevent brute forcing that I am happy to share with staff but not publicly as that would help users circumvent it.

I did change the whitelisted and password for you, if you would like customer support post a ticket. It has nothing to do with this dispute.

As I've said, you misunderstood how our whitelist works. We've done nothing nefarious or shady, you jumped the gun and filed a dispute before asking in a ticket.

As for you posting that topic. That was another business. Since has closed. The new proxy business is allowed to run because we have placed security protocols to make sure things like brute forcing doesn't happen.

Share this post


Link to post
Share on other sites

I know I'm technically not supposed to post here, but I just want to state that I have purchased many proxies from Montreal and they almost never have the same port, username, and pw. If I order a set of 20, as an example, those might all have the same port, username, and pw. However my next set would often times have different ones. I had a deal with him recently and he would request that I provide alternate usernames/pws for the proxies that I was requesting because it assisted in the organization of his system. 

I doubt he is responsible for anything nefarious, I believe that you (leo) just were used to a different system and expected Montreal's to be exactly the same.

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, FALSkills said:

I know I'm technically not supposed to post here, but I just want to state that I have purchased many proxies from Montreal and they almost never have the same port, username, and pw. If I order a set of 20, as an example, those might all have the same port, username, and pw. However my next set would often times have different ones. I had a deal with him recently and he would request that I provide alternate usernames/pws for the proxies that I was requesting because it assisted in the organization of his system. 

I doubt he is responsible for anything nefarious, I believe that you (leo) just were used to a different system and expected Montreal's to be exactly the same.

to add further to this, each set of 10 have the same authentication. However none of the 10 are the same subnet or sequential. Meaning it cannot be guessed or brute forced. You also get a mix per order, especially on our new and improved system. 

We also offer as you said the option to change your user and pass via ticket and even the option to connect via IP authentication (whitelisting). Which is what the user requested. 

This is nothing more than him not understanding what our whitelist system was for and does and then making false inferences and instead of submitting a ticket which would have provided him clarification he went straight to a public dispute.

There's not much more to be said here. We only provide private proxies and we have security protocols in place. We time name change and whitelisted options to anyone who wishes to. I truly try to go above and beyond and appreciate all of our customers.

Edited by Montreal

Share this post


Link to post
Share on other sites
59 minutes ago, Montreal said:

This is nothing more than him not understanding what our whitelist system was for and does and then making false inferences and instead of submitting a ticket which would have provided him clarification he went straight to a public dispute.

as i have told you in the email, and i'll tell you again, i'm not benefiting anything from this, why would i open a dispute if i don't know what i'm asking for?

you keep saying that like i'm your enemy or something, as i said in the email im trying to clarify everything so tribot members know that, u didnt even say that in ur system that it only whitelist ip and u can still use password and username untill i opened a dispute and maybe 30 ppl who viewed this dispute now know how ur system works? why u always play the victim i don't get it..

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Our picks

    • Gradle is a build tool used to accelerate developer productivity.

      We recently setup a Maven repository (TRiBot Central) to make it easier for scripters to create scripts. Check it out here: https://gitlab.com/trilez-software/tribot/tribot-central/-/packages

      Furthermore, we've released a simple Gradle project to make it easy to run TRiBot and develop scripts for it. Check it out here: https://gitlab.com/trilez-software/tribot/tribot-gradle-launcher

      The goals of TRiBot Central are to:

      Deliver updates to TRiBot faster


      Better organize TRiBot's dependencies (AKA dependancies)


      Make it easier to develop scripts for TRiBot


      Make it easier to use and run TRiBot


      Note: TRiBot won't be able to run scripts from within this project until TRiBot's next release.
        • Like
      • 8 replies
    • Hi everyone,

      I'd like to thank everyone for their patience in this transition period. Since last week, we've worked out the remaining bugs with this integration.

      Some users have still been having issues with connecting their forums account to their Auth0 account. To resolve this, we've imported all forums accounts into Auth0.

      Unfortunately, the accounts which were imported today were using an unsupported password hashing algorithm. Hence, random passwords were set during the import.

      What does this mean for me?

      If you've previously linked your forums account to your Auth0 account, you don't have to do anything. Nothing changes for you.


      If you haven't logged in via our new login yet,

      Try logging in with your forums email address and the last password you used


      If you are unable to login, please use the "Forgot password" tool on the login page:
      Follow the instructions to reset your password
       
        • thonking
        • Like
      • 15 replies
    • Hello everyone,

      Last week we tried to roll out Auth0 Login, but we lost that battle. Now it's time to win the war!

      Important changes

      When logging into the client, you'll now have to enter your Auth0 account credentials instead of your forums credentials

      Note: 2FA is still handled through your forums account (for the time being)



      Changes for existing users

      You'll have to link your Auth0 account to your forums account here: https://tribot.org/forums/settings/login/?service=11


      Auth0 accounts have been created for most existing users. Please use your forums email address and password to login.



      Important notes

      Make sure to verify your email address upon creating a new Auth0 account


      When we mention your Auth0 account, we mean your account used for auth.tribot.org as displayed below
      • 81 replies
    • To better support the upcoming changes (TRiBot X, new repository), we're switching our login handler to Auth0. Instead of logging in with the standard form, you'll now be required to login through our Auth0 application.

      All existing accounts which have been used within approximately the past year have been imported into Auth0 using the same email and password combination which has been stored on the forums.

      What does this mean for users?

      Your account credentials are now even more securely stored


      You'll be able to login via Facebook, Google, and others in the future


      Is there anything users have to do differently now?

      Existing users: You'll have to login with the standard login, open your Account Settings, then link your Auth0 account


      New users: You'll be redirected to our Auth0 app (auth.tribot.org) where you'll be able to create an account


      Why was this change made?

      The new apps we are creating (such as the new repository) aren't able to use the forums to handle user logins


      To centralize all user accounts in one area


      To ensure that the client login doesn't go down when the forums are having problems


      To speed up our development


      Other considerations

      There's no documentation or official support for using Invision Community combined with Auth0, so there are still a few kinks we're working out


      We're in the works of creating an account management panel specifically for Auth0 accounts (ETA August)


      It's not possible to change email addresses for the time being (this will be resolved this August)


      Changing passwords is a weird process for the time being. To change your password, you'll have to use the "Don't remember your password" tool on the Auth0 login page
        • Like
      • 11 replies
    • Over the past month, we've been working hard on TRiBot's new repository - a much needed update. This change has been deemed necessary for TRiBot X, and will allow us to really speed up development of all aspects of TRiBot.

      Today we are going to share what we've been working on!


      Now you must be wondering what kind of features the new repository will have.... well, you'll have to be patient for a little while longer. We're still figuring out various technical aspects so we can't provide answers to all possible questions. We're also focusing on development rather than writing about it so that everyone can get access to our latest developments at lightning speed. I will however answer a few users' questions.

      We're planning on a release of this early to mid August, giving users some goodies before TRiBot X's release.

      Thank you all for being patient. I hope everyone is excited as much as I am!
        • Like
      • 17 replies
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...