VPS Recommendations - futures io
futures io futures trading



VPS Recommendations


Discussion in Trading Reviews and Vendors

Updated by Obelixtrader
      Top Posters
    1. looks_one sam028 with 5 posts (14 thanks)
    2. looks_two Big Mike with 4 posts (11 thanks)
    3. looks_3 Jura with 3 posts (0 thanks)
    4. looks_4 RM99 with 3 posts (0 thanks)
      Best Posters
    1. looks_one artemiso with 3.0 thanks per post
    2. looks_two sam028 with 2.8 thanks per post
    3. looks_3 Big Mike with 2.8 thanks per post
    4. looks_4 Rajiv with 1.5 thanks per post
    1. trending_up 16,119 views
    2. thumb_up 38 thanks given
    3. group 18 followers
    1. forum 32 replies
    2. attach_file 0 attachments




Welcome to futures io: the largest futures trading community on the planet, with well over 100,000 members
  • Genuine reviews from real traders, not fake reviews from stealth vendors
  • Quality education from leading professional traders
  • We are a friendly, helpful, and positive community
  • We do not tolerate rude behavior, trolling, or vendors advertising in posts
  • We are here to help, just let us know what you need
You'll need to register in order to view the content of the threads and start contributing to our community.  It's free and simple.

-- Big Mike, Site Administrator

(If you already have an account, login at the top of the page)

 
Search this Thread
 

VPS Recommendations

(login for full post details)
  #21 (permalink)
HK, Hong Kong
 
Experience: Advanced
Platform: Multicharts
Trading: ES, CL, FX, Bonds
 
Posts: 4 since Jun 2012
Thanks: 1 given, 1 received


Big Mike View Post
That is not really accurate. The site owner (ie: sam028) will provide you with an initial password to your box. It is a password for the Administrator account in Windows.

You then login to Windows, and change the password to something only you know. You can also then check the Users/Groups on the box to confirm there are no additional accounts. You can also check Services and Firewall to confirm there are no back doors. All of this goes hand in hand with using a reputable vendor.

Sam028 would not have access to your system. Technically speaking, if someone had physical access to the server at the datacenter, then there are brute force / password recovery tools to break in without the Windows administrator password. In that case, you could use an Encrypted File System - but if you are this paranoid, then you have a major problem no matter what you do really.

Short answer, sam028 does not have access to any of your stuff or files unless you don't change the password (which would be stupid on your part), or unless you specifically give him the new administrator password (ie: you need his assistance with something).

Mike

Thanks Mike - I won't worry about bruteforce physical access thing. If you are correct that once I change the admin password and make sure there are no more accounts on the box, then Sam028 has no access. Then it is great and it addresses my concern. It will be great if Sam028 can confirm this (Sam if you are reading this).

Let me point to another thread outside of futures.io (formerly BMT) (hopefully it is ok) that has caused me to wonder on this aspect of the security. The writer below runs a VPS firm. He clearly suggests that staff at the firm have a "support" password. He explains in detail about the processes that they typically have at VPS firm to ensure some staff doesn't steal IP from the virtual machine. However, he nowhere mentions that something as simple as just changing the admin password will render it impossible for VPS company staff to access the VM. So, it appears from reading his comments, that even after changing admin passwords to your VPS, admins retain access to it through some support password. If my understanding is wrong on this aspect, I will be happier.


Quoting 
Security issues when using a VPS to trade? - MQL4 forum
BarrySDCA 2012.05.31 06:52
I can't speak for all hosting companies but...

Not likely to go unnoticed. When employees access servers it is in response to either a support ticket or abuse. There is no one magic password to login to every subscriber's server. Everyone is different. And so the tech would need to access the subscribers account record (usually subsequent to a support ticket) to obtain the support password and from there enter the VM. It's all logged and reviewed with other security related reports - and any abnormality would easily stick out like a sore thumb. The support password is unique to each VM and changes randomly.

All our employees go through thorough background checks even the coders that never actually login to a subscriber's server. There are even measures in place to prevent say a kidnapping and subsequent data breach.

This kind of stuff is very serious here.


Reply With Quote

Can you help answer these questions
from other members on futures io?
SPY, QQQ Weekly Closing Range Probabilities
Traders Hideout
Market Replay and Fills (Denali data)
Sierra Chart
Delta PVP ( POC )
MultiCharts
Das Trader Pro
Platforms and Indicators
Thanksgiving 2020 Fundraiser - lets be grateful!
Feedback and Announcements
 
 
(login for full post details)
  #22 (permalink)
Site Administrator
Manta, Ecuador
 
Experience: Advanced
Platform: My own custom solution
Trading: Emini Futures
 
Big Mike's Avatar
 
Posts: 49,127 since Jun 2009
Thanks: 31,792 given, 95,644 received


Rajiv View Post
Let me point to another thread outside of futures.io (formerly BMT) (hopefully it is ok) that has caused me to wonder on this aspect of the security. The writer below runs a VPS firm. He clearly suggests that staff at the firm have a "support" password. He explains in detail about the processes that they typically have at VPS firm to ensure some staff doesn't steal IP from the virtual machine. However, he nowhere mentions that something as simple as just changing the admin password will render it impossible for VPS company staff to access the VM. So, it appears from reading his comments, that even after changing admin passwords to your VPS, admins retain access to it through some support password. If my understanding is wrong on this aspect, I will be happier.

That is just that company insisting on having a backdoor. I wouldn't use such a company. No one has access to my boxes but me, and I am sure @sam028 is the same way.

Mike

We're here to help -- just ask

For the best trading education, watch our webinars
Searching for trading reviews? Review this list

Follow us on Twitter, YouTube, and Facebook

Support our community as an Elite Member:
https://futures.io/elite/
Follow me on Twitter Visit my Facebook Visit my futures io Trade Journal Reply With Quote
The following user says Thank You to Big Mike for this post:
 
(login for full post details)
  #23 (permalink)
Site Moderator
 
 
sam028's Avatar
 
Posts: 3,652 since Jun 2009
Thanks: 3,770 given, 4,468 received


I can confirm that I'm asking each new user, when he begins its one week trial, to change this password.
I also mention in the introduction email that we are not doing backups of our users VPS, so we can't have access to their data. A small tool is installed on our VPS to block each IP trying to log in more than 3 times with a wrong password.
When a guy is losing its Administrator password (like someone in this forum who decided to change its password after a long party with a lot of alcohol it seems ), we usually re-install a new VPS.
So the support do not have our customers password, and if they want us to take a look at their VPS, they change the password and we check what we have to check. It can be done with the customer seeing what we're doing, but most of the time I do this alone, with their approval. It's also because they know me a bit, enough to trust me.
In my case, I'm also selecting my customers: I have to trust them (no pirated software, IRC servers, game server, torrents download, ... on the VPS, it's made for trading), so they should trust me a bit too.
I won't go into details, but it should be possible to crack a VPS Admin password, when you're admin of the physical server. Not easy and long, but possible.

But let's see what happen, if someone have access to, let's say 200 systems.
What next?
Use all these systems?
Backtest and opimize them one by one?
What are the good parameters/instruments?
Ready to risk real money with someone else ideas, risk tolerance and start capital?
Nobody will do that, unless being really insane.

Just for the story, on of my customer asked some help and advice for his strategy, which was running in simulation on a VPS. After some time we talked a bit, I help him to check his results (which were very good), and to thank me he offered me to use his strategy myself, for my own accounts. I told him that I won't use it, because the contract traded was too big for me, it was not my idea so I'll never 100% trust it, and for few other logical reasons.
If a system thief can think a bit, he'll do the same, that's why I don't think it's so critical to have a strategy/system stolen, if it happens. The real risk is someone connecting on your account, and blow it for fun, or trying to steal the money's account, but with only an access to the machine, it's impossible (if you have to give, like for IB, your birth date, your first pet name, and a ton of personal questions).

BTW, I'm not sure to understand why the other VPS company needs to have an access, but I don't think we have the same kind of users, as it seems to be more Forex/MT4 oriented (small accounts, young guys who wants some fun an emotions losing $0.002 ), and they accept everybody.
I don't think I have a single MT4 customer, but mostly futures/stocks/options traders, and some small hedge funds.

And last word (I didn't expect to be so loooong....), if you're really paranoid with a server, just unplug the power cord and the ethernet cable .


Rajiv View Post
Thanks Mike - I won't worry about bruteforce physical access thing. If you are correct that once I change the admin password and make sure there are no more accounts on the box, then Sam028 has no access. Then it is great and it addresses my concern. It will be great if Sam028 can confirm this (Sam if you are reading this).

Let me point to another thread outside of futures.io (formerly BMT) (hopefully it is ok) that has caused me to wonder on this aspect of the security. The writer below runs a VPS firm. He clearly suggests that staff at the firm have a "support" password. He explains in detail about the processes that they typically have at VPS firm to ensure some staff doesn't steal IP from the virtual machine. However, he nowhere mentions that something as simple as just changing the admin password will render it impossible for VPS company staff to access the VM. So, it appears from reading his comments, that even after changing admin passwords to your VPS, admins retain access to it through some support password. If my understanding is wrong on this aspect, I will be happier.


Success requires no deodorant! (Sun Tzu)
Follow me on Twitter Reply With Quote
The following 7 users say Thank You to sam028 for this post:
 
(login for full post details)
  #24 (permalink)
The Netherlands
 
Experience: None
Platform: MultiCharts, TradingView
Trading: ...
 
Jura's Avatar
 
Posts: 774 since Apr 2010
Thanks: 2,347 given, 686 received


sam028 View Post
I can confirm that I'm asking each new user, when he begins its one week trial, to change this password.
I also mention in the introduction email that we are not doing backups of our users VPS, so we can't have access to their data. A small tool is installed on our VPS to block each IP trying to log in more than 3 times with a wrong password.

Thanks Sam for this thoughtful response. I'm not yet in the market for a VPS, but you almost already sold me one.

On a more serious note, would it be possible to limit the VPS log-ins to a certain range of IP Addresses? For example, wouldn't it be safer for your own VPS if you exclude all non-French visitors from accessing the VPS in the first place? Or would this give a false sense of security, since a hacker can than use a French pc to attack you?

Reply With Quote
 
(login for full post details)
  #25 (permalink)
Site Moderator
 
 
sam028's Avatar
 
Posts: 3,652 since Jun 2009
Thanks: 3,770 given, 4,468 received


Jura View Post
Thanks Sam for this thoughtful response. I'm not yet in the market for a VPS, but you almost already sold me one.

On a more serious note, would it be possible to limit the VPS log-ins to a certain range of IP Addresses? For example, wouldn't it be safer for your own VPS if you exclude all non-French visitors from accessing the VPS in the first place? Or would this give a false sense of security, since a hacker can than use a French pc to attack you?

You can allow the connection to only some specific IP ranges, so if you have the IP range of a single country, that's is possible (in theory). But these IP geo-location stuff is not 100% reliable.
The best solution is, IMHO, to let your VPS act as VPN server, and then connect to your VPS using your client VPN network interface to log in.
I started to write what's in place to avoid hacking, but finally I won't give too much details for security purposes.

Success requires no deodorant! (Sun Tzu)
Follow me on Twitter Reply With Quote
The following 3 users say Thank You to sam028 for this post:
 
(login for full post details)
  #26 (permalink)
Site Administrator
Manta, Ecuador
 
Experience: Advanced
Platform: My own custom solution
Trading: Emini Futures
 
Big Mike's Avatar
 
Posts: 49,127 since Jun 2009
Thanks: 31,792 given, 95,644 received

@artemiso can you create a NinjaTrader script to visually demonstrate the latency between different locations when it comes to market order execution?

Perhaps outputting to excel CSV so data can be plotted?

I would like to run from various servers and share the data

Sent from my Nexus 4

We're here to help -- just ask

For the best trading education, watch our webinars
Searching for trading reviews? Review this list

Follow us on Twitter, YouTube, and Facebook

Support our community as an Elite Member:
https://futures.io/elite/
Follow me on Twitter Visit my Facebook Visit my futures io Trade Journal Reply With Quote
The following 3 users say Thank You to Big Mike for this post:
 
(login for full post details)
  #27 (permalink)
Site Administrator
Manta, Ecuador
 
Experience: Advanced
Platform: My own custom solution
Trading: Emini Futures
 
Big Mike's Avatar
 
Posts: 49,127 since Jun 2009
Thanks: 31,792 given, 95,644 received

@artemiso, you there? (see above post)

Mike

We're here to help -- just ask

For the best trading education, watch our webinars
Searching for trading reviews? Review this list

Follow us on Twitter, YouTube, and Facebook

Support our community as an Elite Member:
https://futures.io/elite/
Follow me on Twitter Visit my Facebook Visit my futures io Trade Journal Reply With Quote
The following user says Thank You to Big Mike for this post:
 
(login for full post details)
  #28 (permalink)
Market Wizard
New York, NY
 
Experience: Beginner
Platform: Vanguard 401k
Broker: Yahoo Finance
Trading: Mutual funds
 
Posts: 1,098 since Jul 2012
Thanks: 747 given, 2,427 received

Hey,

I'm sorry but it would be a project of undertaking beyond my time and means. I think it's better to be honest about this than promise anything and fail to deliver. Thanks for your appreciation.

Reply With Quote
The following 3 users say Thank You to artemiso for this post:
 
(login for full post details)
  #29 (permalink)
Orlando, Florida
 
Experience: None
Platform: shoes
Trading: happy
 
GaryD's Avatar
 
Posts: 6,462 since May 2011


sam028 View Post
I can confirm that I'm asking each new user, when he begins its one week trial, to change this password.

Sam, I am having some issues related to loss of information in high data times, the CL EIA report, for example. I have been talking to my ISP about bumping up my service, but already run at 20mbps service and receiving about 16mbps on a test to Chicago or New York from Orlando. Pingtest shows me to be about 70-80 ms.

Would running on a VPS help me get better resuts than I am getting now? I just leaned about it this morning, and your thread here was the first thing I saw that made some sense to me. I saw the "free trial" mentioned and am curious. Thanks.

Reply With Quote
 
(login for full post details)
  #30 (permalink)
Site Moderator
 
 
sam028's Avatar
 
Posts: 3,652 since Jun 2009
Thanks: 3,770 given, 4,468 received



GaryD View Post
Sam, I am having some issues related to loss of information in high data times, the CL EIA report, for example. I have been talking to my ISP about bumping up my service, but already run at 20mbps service and receiving about 16mbps on a test to Chicago or New York from Orlando. Pingtest shows me to be about 70-80 ms.

Would running on a VPS help me get better resuts than I am getting now? I just leaned about it this morning, and your thread here was the first thing I saw that made some sense to me. I saw the "free trial" mentioned and am curious. Thanks.

Your problem is maybe not the bandwidth itself, but the latency and the quality of your data feed provider.
16 mb/s is more than enough for market data burst.

Send me a PM if you want to try a VPS, or use the contact page on my (ugly) web site, futures.io (formerly BMT) fellows are always welcome .

Success requires no deodorant! (Sun Tzu)
Follow me on Twitter Reply With Quote
The following 4 users say Thank You to sam028 for this post:


futures io Trading Community Trading Reviews and Vendors > VPS Recommendations


January 19, 2018


Upcoming Webinars and Events
 

Bookmap

Nov TBD
     



Copyright © 2020 by futures io, s.a., Av Ricardo J. Alfaro, Century Tower, Panama, +507 833-9432, info@futures.io
All information is for educational use only and is not investment advice.
There is a substantial risk of loss in trading commodity futures, stocks, options and foreign exchange products. Past performance is not indicative of future results.
no new posts