Bitcoin Forum
November 14, 2024, 12:17:16 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 »
  Print  
Author Topic: [0Th]Ozcoin Pooled Mining |DGM 1%|Stratum+VarDiff port 80|NEW CN mining|  (Read 398401 times)
organofcorti
Donator
Legendary
*
Offline Offline

Activity: 2058
Merit: 1007


Poor impulse control.


View Profile WWW
April 21, 2013, 04:30:05 AM
 #2121

IM BATMAN!

Compromised account? Might explain a number of things if a similar/same password was used for the coding he did.
No just Wayno being Wayno

In other news the police computer crime division only works Monday to Friday 9am -5pm, I'll call again during office hours

Just as well computer crimes are only committed between Monday to Friday, 9 - 5. Not sure what we'd do if those criminals started keeping odd hours.

Bitcoin network and pool analysis 12QxPHEuxDrs7mCyGSx1iVSozTwtquDB3r
follow @oocBlog for new post notifications
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 21, 2013, 04:52:00 AM
 #2122

IM BATMAN!

Compromised account? Might explain a number of things if a similar/same password was used for the coding he did.
No just Wayno being Wayno

In other news the police computer crime division only works Monday to Friday 9am -5pm, I'll call again during office hours

Just as well computer crimes are only committed between Monday to Friday, 9 - 5. Not sure what we'd do if those criminals started keeping odd hours.
ROFL gotta try eh :/

Good news is server is ready to go back into colocation, it ill be in "maintainance mode" while we finish up some stuff and shares catch up.
More news as it comes to hand
Cheers
Graet

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
kaerf
Hero Member
*****
Offline Offline

Activity: 631
Merit: 500


View Profile
April 21, 2013, 06:36:52 AM
 #2123

do you know how you were compromised? putting the same code back up might just let the hacker back in...
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 21, 2013, 07:01:24 AM
 #2124

do you know how you were compromised? putting the same code back up might just let the hacker back in...
yes we do...would be silly eh?

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
zebedee
Donator
Hero Member
*
Offline Offline

Activity: 668
Merit: 500



View Profile
April 21, 2013, 09:19:52 AM
 #2125

do you know how you were compromised? putting the same code back up might just let the hacker back in...
yes we do...would be silly eh?

Can you share what happened?  Might be useful for others.
kslavik
Sr. Member
****
Offline Offline

Activity: 441
Merit: 250


GET IN - Smart Ticket Protocol - Live in market!


View Profile
April 21, 2013, 02:37:14 PM
 #2126

Graet,

I'm very sorry for what happened, You run the great pool and I hope that your pool would survive for the sake of the bitcoin network.

Nevertheless:  What do you use to store passwords inside the database. Is there a possibility that password hashes were compromised during the last break in? What algorithm do you use to store password hashes inside the database: SHA1, SHA256, do you use salt? I'm asking because many users are using the same password and username with many pools and online accounts.

Thank you


               ████
             ███  ███
           ████     ███
         ███  ███    ███
       ████     ███    ███
     ███  ███     ███    ███
   ████     ███     ███   ██
 ███  ███     █████████████████
███     ███     ███           ██
 ███      ███     ██          ██
   ███      ██████████      ███
     ███      ██████      ███
       ███      ██      ███
         ███          ███
           ███      ███
             ███  ███
               ████

GUTS
    ███
███
███
███
███
███
███
███
███
███
███
███
███
███
   
smart-ticket protocol for events
live product with market traction!
    ███
███
███
███
███
███
███
███
███
███
███
███
███
███
   
  BTC ANN
  WEBSITE
  BLOG
   
  SANDBOX
  WHITEPAPER
  BOUNTY
   
roomservice
Full Member
***
Offline Offline

Activity: 199
Merit: 100



View Profile
April 21, 2013, 02:48:53 PM
 #2127

Graet,

I'm very sorry for what happened, You run the great pool and I hope that your pool would survive for the sake of the bitcoin network.

Nevertheless:  What do you use to store passwords inside the database. Is there a possibility that password hashes were compromised during the last break in? What algorithm do you use to store password hashes inside the database: SHA1, SHA256, do you use salt? I'm asking because many users are using the same password and username with many pools and online accounts.

Thank you

ozcoin uses drupal 7 function user_hash_password:
http://api.drupal.org/api/drupal/includes!password.inc/function/user_hash_password/7

Drupal 7 use SHA512 by default with a salt. It runs the hash through PHP's hash function numerous times to increase the computation cost of generating a password's final hash (a security technique called stretching).

"Tonight's the night. And it's going to happen again, and again. It has to happen. Nice night."
Inspector 2211
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250



View Profile
April 21, 2013, 05:36:49 PM
 #2128

do you know how you were compromised? putting the same code back up might just let the hacker back in...
yes we do...would be silly eh?


So - pray tell!

               ▄█▄
            ▄█ ▀█▀
     ▄ ▄███▄▄████▄▀ ▄▄▀▄
    ▀█▄████
██████▀▄█████▀▄▀
   ▄█▀▄
███████████████████▄
 ▄██▀█▀
▀▀▀███▀▀▀█████▄▄▄▀█▀▄
 ▄█▀▀   ▀█
███▀▄████████ █▀█▄▄
██▀  ▀ ▀ ▀
██████████▄   ▄▀▀█▄
     ▀ ▀
  ███▀▀▀▀▀████▌ ▄  ▀
          ████████████▌   █
        █████████████▀
        ▀▀▀██▀▀██▀▀
           ▀▀  ▀▀
BTC-GREEN       ▄▄████████▄▄
    ▄██████████████▄
  ▄██████
██████████████▄
 ▄███
███████████████████▄
▄█████████████████████████▄
██████████████████████████
███████████████████████████
███████████████████████████
▀█████████████████████████▀
 ▀███████████████████████▀
  ▀█████████████████████▀
    ▀█████████████████
       ▀▀█████████▀▀
Ecological Community in the Green Planet
❱❱❱❱❱❱     WHITEPAGE   |   ANN THREAD     ❰❰❰❰❰❰
           ▄███▄▄
       ▄▄█████████▄
      ▄████████████▌
   ▄█████████████▄▄
 ▄████████████████████
███████████████▄
▄████████████████████▀
███████████████████████▀
 ▀▀██████▀██▌██████▀
   ▀██▀▀▀  ██  ▀▀▀▀▀▀
           ██
           ██▌
          ▐███▄
.
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 21, 2013, 09:00:35 PM
 #2129

Main server is back up but in "maintainance mode"
Cached shares are being counted at the moment
a bit more to do before we can make the site live
getting close though Smiley
Best wishes
Graet

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
felente
Full Member
***
Offline Offline

Activity: 147
Merit: 100



View Profile
April 22, 2013, 02:43:10 AM
 #2130

i'm not a regular miner at ozcoin but respect it and Graet - based on his posts at this forum.
it would be very pity to let this pool disappear. have just detached one miner from slush's and pointed to ozcoin as my solidarity. that's not too much hashes - just what i can afford to spend then...

do not give up
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 22, 2013, 07:23:46 AM
 #2131

Website back online  Smiley
webserver has had a clean install on new HDDs old HDDs still under forensic investigation
The pool forum and some other drupal modules disabled - we are looking forward to a new front end soon
Still some finishing up to do
eustratum mining node was where the exploit started, code has been changed and that node is offline until reinstalled.

I missed some emails during the downtime - if I have not responded, please resend, thanks

Hopefully there will be more good news within 24hours

I am amazed and even overwhelmed at times by the offers of help and the many ways people have contacted me with messages of support. Please know every one of you has made a difference, even if I have not been able to thank you personally. I feel humbled but more determined than ever to continue my involvement in Bitcoin, get Ozcoin back on a good footing and see where this amazing experiment takes us next Smiley

Best wishes and thanks all
Graeme









| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
arklan
Legendary
*
Offline Offline

Activity: 1778
Merit: 1008



View Profile
April 22, 2013, 07:25:59 AM
 #2132

in simple terms: YAY!

i don't post much, but this space for rent.
LazyOtto
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
April 22, 2013, 07:34:09 AM
 #2133

Website back online  Smiley
Not for me.

https://ozcoin.net/

Is there an incantation which should be used other than that?
zero-asic
Member
**
Offline Offline

Activity: 79
Merit: 10


View Profile
April 22, 2013, 07:38:53 AM
Last edit: April 22, 2013, 07:49:51 AM by zero-asic
 #2134

Website back online  Smiley

Thank you for all your hard work Graet!

I pointed my Avalons back at Ozcoin.  I updated the firmware and cranked up the clock.  They sit at ~140GHash/s.

I'm sitting at number 2 on the Top 20 Chart.  Can anyone knock me down? Cheesy

Edit: I got knocked down! Cheesy

Eloipool + bitcoind Ubuntu 12.04 install scripts: https://bitcointalk.org/index.php?topic=171782.0
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 22, 2013, 08:17:58 AM
 #2135

Website back online  Smiley
Not for me.

https://ozcoin.net/

Is there an incantation which should be used other than that?
Batman forgot to do the https:// fixing it right now
and fixed

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
LazyOtto
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
April 22, 2013, 08:30:30 AM
 #2136

I hit the site. And logged in.

Looks like you are back on-line.

Congratulations.

And my sincere best wishes.

-- edit

Looks like there's still cached shares / history to catch up with.

I show unconfirmed credits even though it is *way* past twenty hours since I submitted a share.

NP. Just FYI.
Mikej0h
Member
**
Offline Offline

Activity: 117
Merit: 100

Life is short, play long


View Profile
April 22, 2013, 08:47:02 AM
 #2137

Fantastic the pool is getting back up.
Hopefully you were able to tackle this issue, so this doesn't reoccur up.

I will change my miners back to your pool when I get back from work.

I noticed in the payout screen, the "unsuccessful payout" (to the hacker) is still listed as payout.
Is this going to be corrected/send out later again?
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 22, 2013, 09:33:48 AM
 #2138

I hit the site. And logged in.

Looks like you are back on-line.

Congratulations.

And my sincere best wishes.

-- edit

Looks like there's still cached shares / history to catch up with.

I show unconfirmed credits even though it is *way* past twenty hours since I submitted a share.

NP. Just FYI.
if you are on DGM you will be paid for several rounds after you stop mining, it is the "tail off"

Fantastic the pool is getting back up.
Hopefully you were able to tackle this issue, so this doesn't reoccur up.

I will change my miners back to your pool when I get back from work.

I noticed in the payout screen, the "unsuccessful payout" (to the hacker) is still listed as payout.
Is this going to be corrected/send out later again?

I asked for this to be done before we went live
will investigate what is going on :/

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
LazyOtto
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
April 22, 2013, 09:41:59 AM
 #2139

Looks like there's still cached shares / history to catch up with.

I show unconfirmed credits even though it is *way* past twenty hours since I submitted a share.

NP. Just FYI.
if you are on DGM you will be paid for several rounds after you stop mining, it is the "tail off"
Yep, expect that.

Here's some data. Just in case it is useful.

If you wish / need, I'll PM you the account name.
Although I doubt this is an anomaly specific to me.

Just trying to help work through the transition effects.

I don't think you would be out of line to suggest to just give it a day and see if it settles out. I'm merely reporting what I see now.

"DGM
Round Credit*:
0.00000982 BTC
Unconfirmed Credit:
0.03981841 BTC"

"232427   2013-04-19 14:56:14   1,490   0.00293916   0.00000000   0.00000197   Completed"
Graet (OP)
VIP
Legendary
*
Offline Offline

Activity: 980
Merit: 1001



View Profile WWW
April 22, 2013, 09:48:51 AM
 #2140

Looks like there's still cached shares / history to catch up with.

I show unconfirmed credits even though it is *way* past twenty hours since I submitted a share.

NP. Just FYI.
if you are on DGM you will be paid for several rounds after you stop mining, it is the "tail off"
Yep, expect that.

Here's some data. Just in case it is useful.

If you wish / need, I'll PM you the account name.
Although I doubt this is an anomaly specific to me.

Just trying to help work through the transition effects.

I don't think you would be out of line to suggest to just give it a day and see if it settles out. I'm merely reporting what I see now.

"DGM
Round Credit*:
0.00000982 BTC
Unconfirmed Credit:
0.03981841 BTC"

"232427   2013-04-19 14:56:14   1,490   0.00293916   0.00000000   0.00000197   Completed"
cool, cheers Smiley

| Ozcoin Pooled Mining Pty Ltd https://ozcoin.net Double Geometric Reward System https://lc.ozcoin.net for Litecoin mining DGM| https://crowncloud.net VPS and Dedicated Servers for the BTC community
Pages: « 1 ... 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 [107] 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!