notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
June 01, 2015, 05:13:22 AM |
|
same thing here, not rackmountable, very annoying..
I'm very surprised that they are not rack mountable they had been following that on regular S4's. But I guess a lot of asic data centers use shelves and not racks. So maybe they had asic data centers in mind?
|
|
|
|
Digitalmocking
|
|
June 01, 2015, 05:23:35 AM |
|
same thing here, not rackmountable, very annoying..
I'm going to find some flat headed screws tomorrow and take care of that, it doesn't need much in the way of clearance. Will let you know what I source.
|
|
|
|
supertee
|
|
June 01, 2015, 05:31:08 AM |
|
same thing here, not rackmountable, very annoying..
I'm very surprised that they are not rack mountable they had been following that on regular S4's. But I guess a lot of asic data centers use shelves and not racks. So maybe they had asic data centers in mind? They sell it as rackmountable device, which it is not... so it is no excuse that you usually have it on a shelve.... May it is enough if you leave away the ring washer, I didn't try that and just put them in the rack, as in my pictures above.
|
Passion.
|
|
|
supertee
|
|
June 01, 2015, 09:31:59 PM |
|
btw: it would be great if it was possible to restrict ui access, I only want the miner to be accessible from one (or more) ips... would appreciate if bitmain tech could add this feature in a future firmware upgrade Well, it happened! All of my S4+ (6 in total) have been hijacked... I have different passwords for each device, and they are bulletproof... I've read some posts here and it seems that the developers of cgminer have reported that this will happend to bitmaintech but they didn't care... Even KNC Miner Neptune can restrict access to specific IPs... Seems like the only solution is to put the devices behind a firewall, which is a bit annoying, as the solution would be so easy! Why can I not access the device by ssh and adjust cgminer api? It keeps telling me access denied (on all devices), altough password is correct for sure... Is there some kinda default user/password for ssh? Thanks for your help
|
Passion.
|
|
|
Evan
|
|
June 02, 2015, 12:13:47 AM |
|
btw: it would be great if it was possible to restrict ui access, I only want the miner to be accessible from one (or more) ips... would appreciate if bitmain tech could add this feature in a future firmware upgrade Well, it happened! All of my S4+ (6 in total) have been hijacked... I have different passwords for each device, and they are bulletproof... I've read some posts here and it seems that the developers of cgminer have reported that this will happend to bitmaintech but they didn't care... Even KNC Miner Neptune can restrict access to specific IPs... Seems like the only solution is to put the devices behind a firewall, which is a bit annoying, as the solution would be so easy! Why can I not access the device by ssh and adjust cgminer api? It keeps telling me access denied (on all devices), altough password is correct for sure... Is there some kinda default user/password for ssh? Thanks for your help Profitable..... https://www.nicehash.com/?p=miners&a=1&addr=1NH8i5MPB16K57fNLXeeffBXD3mHhufviR
|
I am poor, but i do work for Coin 1PtHcavXoakgNkQfEQdvnvEksEY2NvwaLM
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
June 02, 2015, 12:36:40 AM |
|
btw: it would be great if it was possible to restrict ui access, I only want the miner to be accessible from one (or more) ips... would appreciate if bitmain tech could add this feature in a future firmware upgrade Well, it happened! All of my S4+ (6 in total) have been hijacked... I have different passwords for each device, and they are bulletproof... I've read some posts here and it seems that the developers of cgminer have reported that this will happend to bitmaintech but they didn't care... Even KNC Miner Neptune can restrict access to specific IPs... Seems like the only solution is to put the devices behind a firewall, which is a bit annoying, as the solution would be so easy! Why can I not access the device by ssh and adjust cgminer api? It keeps telling me access denied (on all devices), altough password is correct for sure... Is there some kinda default user/password for ssh? Thanks for your help This would be very scary. Is your miners in a data center with other? Or are you hosting at your house? Anyways wish you best of luck stopping it. If home I would see about locking down your router. Start there for security.
|
|
|
|
Evan
|
|
June 02, 2015, 12:42:38 AM |
|
btw: it would be great if it was possible to restrict ui access, I only want the miner to be accessible from one (or more) ips... would appreciate if bitmain tech could add this feature in a future firmware upgrade Well, it happened! All of my S4+ (6 in total) have been hijacked... I have different passwords for each device, and they are bulletproof... I've read some posts here and it seems that the developers of cgminer have reported that this will happend to bitmaintech but they didn't care... Even KNC Miner Neptune can restrict access to specific IPs... Seems like the only solution is to put the devices behind a firewall, which is a bit annoying, as the solution would be so easy! Why can I not access the device by ssh and adjust cgminer api? It keeps telling me access denied (on all devices), altough password is correct for sure... Is there some kinda default user/password for ssh? Thanks for your help This would be very scary. Is your miners in a data center with other? Or are you hosting at your house? Anyways wish you best of luck stopping it. If home I would see about locking down your router. Start there for security. spending 15min looking at this I am going to assume datacenter, or like a college network, and I think I've figured out how to do this via the network. Its kind of scary the security gaps in bitmains gear so without logging in I can send via the network /etc/init.d/cgminer restart ......... sooo that stands to reason... You could just scan your local network and see all the other bitmain gear then....set them to work for you.
|
I am poor, but i do work for Coin 1PtHcavXoakgNkQfEQdvnvEksEY2NvwaLM
|
|
|
Digitalmocking
|
|
June 02, 2015, 01:18:56 AM |
|
First thing I did was put an ACL on the switch my bitmain gear is connected to cutting off all traffic other than outbound or management from my workstation.
There was a thread about this months and months ago or maybe in the product thread for the s4 or s5?
|
|
|
|
Romanko
|
|
June 02, 2015, 10:10:08 AM |
|
btw: it would be great if it was possible to restrict ui access, I only want the miner to be accessible from one (or more) ips... would appreciate if bitmain tech could add this feature in a future firmware upgrade Well, it happened! All of my S4+ (6 in total) have been hijacked... I have different passwords for each device, and they are bulletproof... I've read some posts here and it seems that the developers of cgminer have reported that this will happend to bitmaintech but they didn't care... Even KNC Miner Neptune can restrict access to specific IPs... Seems like the only solution is to put the devices behind a firewall, which is a bit annoying, as the solution would be so easy! Why can I not access the device by ssh and adjust cgminer api? It keeps telling me access denied (on all devices), altough password is correct for sure... Is there some kinda default user/password for ssh? Thanks for your help Hello! Part of my s4 models were rock mounted , but after Recieved sp35 I have put them instead because they are thinner. No trouble rock mounting the S4 model, they had in the set the mounting ears. Isn't the s4+ with the same dimensions as s4? Also sorry for your troubles with the high jacked devices. I thought there is a reset button on the front that resets passwords to root. I also wrote you a PM..check it out!
|
|
|
|
supertee
|
|
June 02, 2015, 10:54:56 AM |
|
This would be very scary. Is your miners in a data center with other? Or are you hosting at your house?
Anyways wish you best of luck stopping it. If home I would see about locking down your router. Start there for security.
I have them in my datacenter, directly attached to the internet for testing purposes. Of course it is an easy thing to put them behind a firewall, but this should not be possible... However, I reset them, changed the IPs, changed the ssh password and will put the behind a firewall as soon as I am back at the datacenter. But it seems to be very easy to get hashpower from bitmain products without buying bitmain products... I rather wonder how they got my ips?
|
Passion.
|
|
|
Evan
|
|
June 02, 2015, 11:18:30 AM |
|
This would be very scary. Is your miners in a data center with other? Or are you hosting at your house?
Anyways wish you best of luck stopping it. If home I would see about locking down your router. Start there for security.
I have them in my datacenter, directly attached to the internet for testing purposes. Of course it is an easy thing to put them behind a firewall, but this should not be possible... However, I reset them, changed the IPs, changed the ssh password and will put the behind a firewall as soon as I am back at the datacenter. But it seems to be very easy to get hashpower from bitmain products without buying bitmain products... I rather wonder how they got my ips? One might assume by the type of traffic, or it could be someone in the datacenter
|
I am poor, but i do work for Coin 1PtHcavXoakgNkQfEQdvnvEksEY2NvwaLM
|
|
|
supertee
|
|
June 02, 2015, 11:21:16 AM |
|
There is no access to that part of the datacenter and nobody can see the traffic... might a pool got hacked or something like that?
|
Passion.
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
June 02, 2015, 12:39:13 PM |
|
There is no access to that part of the datacenter and nobody can see the traffic... might a pool got hacked or something like that?
There should be no access in data center but things can happen that should not. I suggest looking into the center. What pool were you using? We can tell more about pool troubles knowing it.
|
|
|
|
supertee
|
|
June 02, 2015, 01:09:28 PM |
|
It is my datacenter, I know that it is in a room where nobody has access. I was on bitminter and kano with the devices.
|
Passion.
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
June 02, 2015, 01:37:33 PM |
|
It is my datacenter, I know that it is in a room where nobody has access. I was on bitminter and kano with the devices. I don't believe either of those have been hacked, at least not that I know about. And with them changing pool makes me think someone accessing machine, as if they had the pool they would still let the miners all mine to it and take the block rewards. I highly suggest looking at your security logs to see if outside IP was connected during time range it switched. I don't mean physical access but remote via internet. I have some on a IP and they have never been hacked (i have hardened my router to help). But if you look at security breaches things that should not happen, does not mean it cannot happen.
|
|
|
|
supertee
|
|
June 02, 2015, 01:56:53 PM |
|
I attached them directly to the internet, too lazy to set something up for my testrun.
|
Passion.
|
|
|
Evan
|
|
June 02, 2015, 02:09:57 PM |
|
It is my datacenter, I know that it is in a room where nobody has access. I was on bitminter and kano with the devices. Check your Logs, see where the change came from, also update your passwords. From what I understand its a flaw in the bitmain system. And people could just be scanning for devices. Its not hard to scan a full subnet for a device that reports it's self as Antminer, then launch a relatively non-sophisticated attack.
|
I am poor, but i do work for Coin 1PtHcavXoakgNkQfEQdvnvEksEY2NvwaLM
|
|
|
dogie
Legendary
Offline
Activity: 1666
Merit: 1185
dogiecoin.com
|
|
June 02, 2015, 02:33:46 PM |
|
It is my datacenter, I know that it is in a room where nobody has access. I was on bitminter and kano with the devices. Check your Logs, see where the change came from, also update your passwords. From what I understand its a flaw in the bitmain system. And people could just be scanning for devices. Its not hard to scan a full subnet for a device that reports it's self as Antminer, then launch a relatively non-sophisticated attack. This was looked at previously. It requires publicly accessible IP addresses which co-locations often use. Secure your gear behind a firewall.
|
|
|
|
notlist3d
Legendary
Offline
Activity: 1456
Merit: 1000
|
|
June 02, 2015, 03:34:11 PM |
|
I attached them directly to the internet, too lazy to set something up for my testrun. This would explain it. It's not just about physical access. If your putting any device miner or other put up a firewall unless for some reason you cannot have it. Now that they have seen those IP's you for sure need to change them from test run to regular behind router and possibly other equipment if it's a true data center.
|
|
|
|
dogie
Legendary
Offline
Activity: 1666
Merit: 1185
dogiecoin.com
|
|
June 02, 2015, 04:06:08 PM |
|
Now that they have seen those IP's you for sure need to change them from test run to regular behind router and possibly other equipment if it's a true data center.
Yep. They'll have added those IPs to the script they use so regardless of how many times you reset it, the script will still change it back when it runs. It may even be entirely operated, just scouting around for open IPs and hardware.
|
|
|
|
|