Bitcoin Forum
December 03, 2016, 12:36:00 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 »
  Print  
Author Topic: [0Th]Ozcoin Pooled Mining |DGM 1%|Stratum+VarDiff port 80|NEW CN mining|  (Read 367922 times)
Wayno
Member
**
Offline Offline

Activity: 61


View Profile
April 21, 2013, 04:15:24 AM
 #2121

IM BATMAN!

Compromised account? Might explain a number of things if a similar/same password was used for the coding he did.

lmfao completely different passwords here.

i was bored.

YinCoin YangCoin ☯☯First Ever POS/POW Alternator! Multipool! ☯ ☯ http://yinyangpool.com/ 
Free Distribution! https://bitcointalk.org/index.php?topic=623937
1480725360
Hero Member
*
Offline Offline

Posts: 1480725360

View Profile Personal Message (Offline)

Ignore
1480725360
Reply with quote  #2

1480725360
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480725360
Hero Member
*
Offline Offline

Posts: 1480725360

View Profile Personal Message (Offline)

Ignore
1480725360
Reply with quote  #2

1480725360
Report to moderator
1480725360
Hero Member
*
Offline Offline

Posts: 1480725360

View Profile Personal Message (Offline)

Ignore
1480725360
Reply with quote  #2

1480725360
Report to moderator
Raize
Donator
Legendary
*
Offline Offline

Activity: 1374


View Profile
April 21, 2013, 04:18:24 AM
 #2122

Okay, sorry I freaked. I've been spending the better half of today tracking down various Runescape hackers dealing in Bitcoin.

OrganofCorti's Neighbourhood Pool Watch - The most informative website on blockchain health
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 1946


Poor impulse control.


View Profile WWW
April 21, 2013, 04:30:05 AM
 #2123

IM BATMAN!

Compromised account? Might explain a number of things if a similar/same password was used for the coding he did.
No just Wayno being Wayno

In other news the police computer crime division only works Monday to Friday 9am -5pm, I'll call again during office hours

Just as well computer crimes are only committed between Monday to Friday, 9 - 5. Not sure what we'd do if those criminals started keeping odd hours.

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
Graet
VIP
Legendary
*
Offline Offline

Activity: 980



View Profile WWW
April 21, 2013, 04:52:00 AM
 #2124

IM BATMAN!

Compromised account? Might explain a number of things if a similar/same password was used for the coding he did.
No just Wayno being Wayno

In other news the police computer crime division only works Monday to Friday 9am -5pm, I'll call again during office hours

Just as well computer crimes are only committed between Monday to Friday, 9 - 5. Not sure what we'd do if those criminals started keeping odd hours.
ROFL gotta try eh :/

Good news is server is ready to go back into colocation, it ill be in "maintainance mode" while we finish up some stuff and shares catch up.
More news as it comes to hand
Cheers
Graet

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
kaerf
Hero Member
*****
Offline Offline

Activity: 631


View Profile
April 21, 2013, 06:36:52 AM
 #2125

do you know how you were compromised? putting the same code back up might just let the hacker back in...
Graet
VIP
Legendary
*
Offline Offline

Activity: 980



View Profile WWW
April 21, 2013, 07:01:24 AM
 #2126

do you know how you were compromised? putting the same code back up might just let the hacker back in...
yes we do...would be silly eh?

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
zebedee
Donator
Hero Member
*
Offline Offline

Activity: 666



View Profile
April 21, 2013, 09:19:52 AM
 #2127

do you know how you were compromised? putting the same code back up might just let the hacker back in...
yes we do...would be silly eh?

Can you share what happened?  Might be useful for others.
kslavik
Sr. Member
****
Offline Offline

Activity: 348


View Profile
April 21, 2013, 02:37:14 PM
 #2128

Graet,

I'm very sorry for what happened, You run the great pool and I hope that your pool would survive for the sake of the bitcoin network.

Nevertheless:  What do you use to store passwords inside the database. Is there a possibility that password hashes were compromised during the last break in? What algorithm do you use to store password hashes inside the database: SHA1, SHA256, do you use salt? I'm asking because many users are using the same password and username with many pools and online accounts.

Thank you
roomservice
Full Member
***
Offline Offline

Activity: 190



View Profile
April 21, 2013, 02:48:53 PM
 #2129

Graet,

I'm very sorry for what happened, You run the great pool and I hope that your pool would survive for the sake of the bitcoin network.

Nevertheless:  What do you use to store passwords inside the database. Is there a possibility that password hashes were compromised during the last break in? What algorithm do you use to store password hashes inside the database: SHA1, SHA256, do you use salt? I'm asking because many users are using the same password and username with many pools and online accounts.

Thank you

ozcoin uses drupal 7 function user_hash_password:
http://api.drupal.org/api/drupal/includes!password.inc/function/user_hash_password/7

Drupal 7 use SHA512 by default with a salt. It runs the hash through PHP's hash function numerous times to increase the computation cost of generating a password's final hash (a security technique called stretching).

"Tonight's the night. And it's going to happen again, and again. It has to happen. Nice night."
Inspector 2211
Sr. Member
****
Offline Offline

Activity: 383



View Profile
April 21, 2013, 05:36:49 PM
 #2130

do you know how you were compromised? putting the same code back up might just let the hacker back in...
yes we do...would be silly eh?


So - pray tell!
Graet
VIP
Legendary
*
Offline Offline

Activity: 980



View Profile WWW
April 21, 2013, 09:00:35 PM
 #2131

Main server is back up but in "maintainance mode"
Cached shares are being counted at the moment
a bit more to do before we can make the site live
getting close though Smiley
Best wishes
Graet

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
felente
Full Member
***
Offline Offline

Activity: 143



View Profile
April 22, 2013, 02:43:10 AM
 #2132

i'm not a regular miner at ozcoin but respect it and Graet - based on his posts at this forum.
it would be very pity to let this pool disappear. have just detached one miner from slush's and pointed to ozcoin as my solidarity. that's not too much hashes - just what i can afford to spend then...

do not give up
Graet
VIP
Legendary
*
Offline Offline

Activity: 980



View Profile WWW
April 22, 2013, 07:23:46 AM
 #2133

Website back online  Smiley
webserver has had a clean install on new HDDs old HDDs still under forensic investigation
The pool forum and some other drupal modules disabled - we are looking forward to a new front end soon
Still some finishing up to do
eustratum mining node was where the exploit started, code has been changed and that node is offline until reinstalled.

I missed some emails during the downtime - if I have not responded, please resend, thanks

Hopefully there will be more good news within 24hours

I am amazed and even overwhelmed at times by the offers of help and the many ways people have contacted me with messages of support. Please know every one of you has made a difference, even if I have not been able to thank you personally. I feel humbled but more determined than ever to continue my involvement in Bitcoin, get Ozcoin back on a good footing and see where this amazing experiment takes us next Smiley

Best wishes and thanks all
Graeme









| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
arklan
Legendary
*
Offline Offline

Activity: 1204


Just along for the ride...


View Profile
April 22, 2013, 07:25:59 AM
 #2134

in simple terms: YAY!
LazyOtto
Sr. Member
****
Offline Offline

Activity: 476


View Profile
April 22, 2013, 07:34:09 AM
 #2135

Website back online  Smiley
Not for me.

https://ozcoin.net/

Is there an incantation which should be used other than that?
zero-asic
Member
**
Offline Offline

Activity: 79


View Profile
April 22, 2013, 07:38:53 AM
 #2136

Website back online  Smiley

Thank you for all your hard work Graet!

I pointed my Avalons back at Ozcoin.  I updated the firmware and cranked up the clock.  They sit at ~140GHash/s.

I'm sitting at number 2 on the Top 20 Chart.  Can anyone knock me down? Cheesy

Edit: I got knocked down! Cheesy

Eloipool + bitcoind Ubuntu 12.04 install scripts: https://bitcointalk.org/index.php?topic=171782.0
Graet
VIP
Legendary
*
Offline Offline

Activity: 980



View Profile WWW
April 22, 2013, 08:17:58 AM
 #2137

Website back online  Smiley
Not for me.

https://ozcoin.net/

Is there an incantation which should be used other than that?
Batman forgot to do the https:// fixing it right now
and fixed

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
LazyOtto
Sr. Member
****
Offline Offline

Activity: 476


View Profile
April 22, 2013, 08:30:30 AM
 #2138

I hit the site. And logged in.

Looks like you are back on-line.

Congratulations.

And my sincere best wishes.

-- edit

Looks like there's still cached shares / history to catch up with.

I show unconfirmed credits even though it is *way* past twenty hours since I submitted a share.

NP. Just FYI.
Mikej0h
Full Member
***
Offline Offline

Activity: 121

Life is short, play long


View Profile
April 22, 2013, 08:47:02 AM
 #2139

Fantastic the pool is getting back up.
Hopefully you were able to tackle this issue, so this doesn't reoccur up.

I will change my miners back to your pool when I get back from work.

I noticed in the payout screen, the "unsuccessful payout" (to the hacker) is still listed as payout.
Is this going to be corrected/send out later again?
Graet
VIP
Legendary
*
Offline Offline

Activity: 980



View Profile WWW
April 22, 2013, 09:33:48 AM
 #2140

I hit the site. And logged in.

Looks like you are back on-line.

Congratulations.

And my sincere best wishes.

-- edit

Looks like there's still cached shares / history to catch up with.

I show unconfirmed credits even though it is *way* past twenty hours since I submitted a share.

NP. Just FYI.
if you are on DGM you will be paid for several rounds after you stop mining, it is the "tail off"

Fantastic the pool is getting back up.
Hopefully you were able to tackle this issue, so this doesn't reoccur up.

I will change my miners back to your pool when I get back from work.

I noticed in the payout screen, the "unsuccessful payout" (to the hacker) is still listed as payout.
Is this going to be corrected/send out later again?

I asked for this to be done before we went live
will investigate what is going on :/

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!