I think this Mikael guy (https://terrascope.be/en/forum/virtual-machines/please-keep-terrascope-safe) had a good point on security concerns according to his previous post (https://snowice.yourenvybook.ml/please-keep-terrascope-safe.html). The internet is wild and crazy, we couldn't guarantee everyone is innocent and harmless.
1. Some users may host illegal services (or do evil things) exposed to the outside world by the free Cloudflare Argo Tunnel (or by their own self-hosted similar tools)
2. Crypto Mining
3. P2P/Torrents video hosting, which may result in some digital copyright lawsuits
For crypto mining, it's not very hard to tell:
1. It's easy to figure it out by high CPU loads over the long term;
2. Another easy way is by network traffic: if there is some suspicious traffic to mining pools, they're definitely not innocent and unguilty. You can do some web scraping to fetch these mining pool addresses from here: https://miningpoolstats.stream/, which includes most of the main mining pools.
I think these tools can be broadly classified into the following categories:
1. Proxy over HTTPS (or HTTP Stream) or Websocket (Glad to see you have HTTP inspection to handle this situation)
2. TCP based proxy solutions
3. Overlay networks.
The easy part is to monitor the outbound traffic of the userVM: if there's big traffic for days or even weeks, they're definitely using these tools with bad intentions (This solution also applies to issue-3 since they need to be exposed to the outside world). The hard way is to analyse or inspect the network traffic, which is not easy and requires a lot of work.
1. I think you need to check for abnormal requests: if there are dozens or even hundreds of new userVM requests in one day, it's not normal, it's more like spreading from some private chat groups or other illegal forums.
2. Please add the following information to the userVM request page:
English (Strong, highlighted): Crypto Mining, VPN/Proxy, P2P/Torrents Video Hosting or other illegal services against our TOS (https://terrascope.be/en/terms-use) are strictly Prohibited.
Chinese (Must have): 本平台一律禁止挖矿、PT(视频、音频做种)、VPN代理、私自搭建网盘(或其它非法获利服务)等其它违反TOS(https://terrascope.be/en/terms-use)行为. VM自带监控和审计系统, 请不要自作聪明, 一再挑战我们的底线, 本平台对任何有违TOS的行为零容忍.
Hindi: क्रिप्टो माइनिंग, वीपीएन/प्रॉक्सी, पी2पी/टोरेंट वीडियो होस्टिंग या हमारी टीओएस (https://terrascope.be/en/terms-use) के खिलाफ अन्य अवैध सेवाएं सख्ती से प्रतिबंधित हैं (Sorry for using google translate)
Russian: Крипто-майнинг, VPN/прокси, видеохостинг P2P/Torrents или другие незаконные услуги, противоречащие нашим TOS (https://terrascope.be/en/terms-use), строго запрещены. (Sorry for using google translate)
Arabic (Sorry for using google translate): يحظر تمامًا تعدين التشفير أو VPN / Proxy أو P2P / Torrents Video Hosting أو غيرها من الخدمات غير القانونية ضد TOS (https://terrascope.be/en/terms-use).
That's all we hope for! Gerrit
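The signals the post above describes (long-running high CPU load, traffic to mining pool addresses, heavy outbound traffic over several days), combined into one per-VM check. This is an added example, not part of the original post and not the platform's own monitoring; the record layout, thresholds and pool domains are assumptions, and the sample telemetry is constructed.

```python
# Added example: thresholds, domains and record layout are assumptions.
POOL_DOMAINS = {"pool.example", "mine.example.net"}  # constructed placeholders
CPU_HIGH, CPU_RUN_HOURS = 90.0, 6    # percent, consecutive hours
EGRESS_DAILY, EGRESS_DAYS = 50e9, 3  # bytes per day, number of heavy days

def is_pool_host(host):
    """True for a listed pool domain or a subdomain, matched on a label boundary."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in POOL_DOMAINS)

def longest_high_cpu_run(samples):
    """Longest streak of consecutive hours at or above CPU_HIGH; gaps break a streak."""
    best, run, prev = 0, 0, None
    for hour, cpu in sorted(samples):
        if cpu >= CPU_HIGH:
            run = run + 1 if prev == hour - 1 else 1
            best = max(best, run)
        else:
            run = 0
        prev = hour
    return best

def assess(records):
    """records: (vm, hour_index, cpu_pct, bytes_out, dest_hosts), one per VM per hour."""
    per_vm = {}
    for vm, hour, cpu, sent, dests in records:
        s = per_vm.setdefault(vm, {"cpu": [], "days": {}, "pools": set()})
        s["cpu"].append((hour, cpu))
        s["days"][hour // 24] = s["days"].get(hour // 24, 0) + sent
        s["pools"].update(d for d in dests if is_pool_host(d))
    report = {}
    for vm, s in per_vm.items():
        reasons = []
        if longest_high_cpu_run(s["cpu"]) >= CPU_RUN_HOURS:
            reasons.append("sustained_cpu")
        if s["pools"]:
            reasons.append("pool_contact")
        if sum(b >= EGRESS_DAILY for b in s["days"].values()) >= EGRESS_DAYS:
            reasons.append("heavy_egress")
        report[vm] = reasons
    return report

# Constructed sample telemetry, not real data.
SAMPLE = (
    [("vm-a", h, 97.0, 1e6, ["eu.pool.example"]) for h in range(8)]
    + [("vm-b", h, 20.0 if h == 4 else 95.0, 1e6, ["notpool.example"]) for h in range(8)]
    + [("vm-c", h, 10.0, 60e9, ["cdn.example.org"]) for h in (0, 24, 48)]
)

if __name__ == "__main__": print(assess(SAMPLE))
```

Each VM gets a list of reasons rather than a single verdict, so a reviewer can see which signal fired before acting on it.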
First we would like to thank you for your constructive input regarding our service. Please know that we take security on our systems seriously and they are monitored for irregular activity. Without going into details, for obvious reasons, we would like to stress that the provided resources are isolated from each other. Their access to the outside web is restricted while traffic that is allowed is monitored for suspicious activity, and system metrics are collected. Most of the risks that have been laid out in your post are on our radar, and security guards are in place. Of course a 100% secure environment is not possible, but we continue working to get as close to that goal as possible while respecting usability. We welcome all constructive input, now and in the future. However, please reach out to us in private through the contact form at the bottom of this page in case you would like to report a detailed security issue. This way we can work together to resolve it and make the platform safer.