Changes
Hosting
,Created page with "This is an overview of the experiences VTLUUG users have had with various VPS providers. === Linode === Linode offers fairly good specs (1 GB memory, 8 cores, 24 GB storage, ..."
This is an overview of the experiences VTLUUG users have had with various VPS providers.
=== Linode ===
Linode offers fairly good specs (1 GB memory, 8 cores, 24 GB storage, 2 TB transfer) for $20 a month, but do not have any cheaper plans. They have a robust management interface with load and bandwidth statistics, DNS management, and allow uploading of custom ISOs.
Linode has had a few security incidents in the past due to a ColdFusion 0-day, but responded reasonably.
=== Digital Ocean ===
DigitalOcean is a startup that offers cheap VPS instances, but lacks basic management and security features.
* For some reason, [http://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2814988-give-option-to-use-the-droplet-s-own-bootloader-?page=1&per_page=20 the VPS's bootloader is not used] so users must explicitly prevent the Linux kernel from updating in their package manager. This is particularly concerning because users must wait for DigitalOcean to provide updated kernels after vulnerabilities are discovered. In the case of CVE-2013-2094, a new kernel was not available for over a week.
* Users are limited to the images provided by Digital Ocean and cannot upload their own ISO or use a custom kernel. BSD, Gentoo, and many other Linux distributions are not supported.
* Root passwords are emailed to users in plain text, and [http://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3566070-add-a-checkbox-to-not-email-root-password there is currently no way to disable this feature]
* There appears to be no network isolation for at least some users, as determined by an IPv6 broadcast ping. ARP poisoning is likely possible.
* There is currently no bandwidth measurement
* No IPv6 addresses are provided
* In the past, DigitalOcean reused disk images between customers without securely wiping data. This enabled one to extract sensitive information by running <code>cat /dev/vda1 | strings</code>
* DigitalOcean allows users to set rDNS to arbitrary FQDNs without searching for matching A records
=== Prgmr ===
Prgmr is a discount Xen host used by several VTLUUG members. After Linode's 2013 upgrades, Prgmr is not as competitive at higher price tiers.
[[Category:Featured content]]
[[Category:Recommended stuff]]
=== Linode ===
Linode offers fairly good specs (1 GB memory, 8 cores, 24 GB storage, 2 TB transfer) for $20 a month, but do not have any cheaper plans. They have a robust management interface with load and bandwidth statistics, DNS management, and allow uploading of custom ISOs.
Linode has had a few security incidents in the past due to a ColdFusion 0-day, but responded reasonably.
=== Digital Ocean ===
DigitalOcean is a startup that offers cheap VPS instances, but lacks basic management and security features.
* For some reason, [http://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2814988-give-option-to-use-the-droplet-s-own-bootloader-?page=1&per_page=20 the VPS's bootloader is not used] so users must explicitly prevent the Linux kernel from updating in their package manager. This is particularly concerning because users must wait for DigitalOcean to provide updated kernels after vulnerabilities are discovered. In the case of CVE-2013-2094, a new kernel was not available for over a week.
* Users are limited to the images provided by Digital Ocean and cannot upload their own ISO or use a custom kernel. BSD, Gentoo, and many other Linux distributions are not supported.
* Root passwords are emailed to users in plain text, and [http://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3566070-add-a-checkbox-to-not-email-root-password there is currently no way to disable this feature]
* There appears to be no network isolation for at least some users, as determined by an IPv6 broadcast ping. ARP poisoning is likely possible.
* There is currently no bandwidth measurement
* No IPv6 addresses are provided
* In the past, DigitalOcean reused disk images between customers without securely wiping data. This enabled one to extract sensitive information by running <code>cat /dev/vda1 | strings</code>
* DigitalOcean allows users to set rDNS to arbitrary FQDNs without searching for matching A records
=== Prgmr ===
Prgmr is a discount Xen host used by several VTLUUG members. After Linode's 2013 upgrades, Prgmr is not as competitive at higher price tiers.
[[Category:Featured content]]
[[Category:Recommended stuff]]