Bitcoin Forum
December 13, 2024, 10:16:07 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 [335] 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 ... 1154 »
  Print  
Author Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool  (Read 4382722 times)
slush (OP)
Legendary
*
Offline Offline

Activity: 1386
Merit: 1097



View Profile WWW
April 24, 2013, 09:02:47 AM
 #6681

I'm setting up server right now on safe location with physical access only, the website should be back in few hours.

nottm28
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500



View Profile
April 24, 2013, 09:04:13 AM
 #6682

Stratum servers have been migrated to (not-compromised) EC2 backends, I just see few first connections. So mining continues and no action is required by you.

I'll set up database and website in few hours on trusted machines, so the pool will be in normal operation soon.

I'd have my EC2 servers penetration tested several times by big companies because my sites take online payments - they couldn't get in - I'll feel safer when your in the EC2 cloud Slush...

donations not accepted
slush (OP)
Legendary
*
Offline Offline

Activity: 1386
Merit: 1097



View Profile WWW
April 24, 2013, 09:33:17 AM
 #6683

FYI Pool hashrate is still above 7Thash/s and it reports new blocks normally. Please be patient, I'm working hardly to get website back online.

VishwaJay
Newbie
*
Offline Offline

Activity: 56
Merit: 0



View Profile
April 24, 2013, 09:37:13 AM
 #6684

The pool has been hacked. Fortunately I noticed it fast enough, so I made database snapshot seconds before attackers overtake the database machine. I lost some amount of bitcoins, but I'll be able to recover it from my pocket. For now I'm evaluating what's next to do, because all machines in OVH has been compromised and they cannot be trusted anymore.

Wow, glad to know my BTC0.002 is safe, LOL.... seriously, this amount is so small, please don't worry about it with me. If it helps, just apply it to those who need payment or toward the server. I'm not doing this really for the money, I'm doing it because it's fun and there is a small payout which I can then track to measure progress with.

Thanks for the rapid response, slush.
ewitte
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
April 24, 2013, 09:40:35 AM
Last edit: April 24, 2013, 09:51:35 AM by ewitte
 #6685

Everyone mining with Slush, restart your mining clients and make sure the stratum domain resolves to an address in the Amazon cloud. It's 54.214.10.135 when I check here.
Before I restarted mine it still used the old compromised server which is still running. I'm not sure they will be able to use the bitcoins mined there but I hate the thought of it.

Hmm for stratum.bitcoin.cz its reporting a 77.93 address for me.  I did a flush DNS and complete reboot.  Was mining LTC all night.  Its connected and accepting.

EDIT guiminer uses api2.bitcoin.cz which redirects to stratum.bitcoin.cz.  I tried stratum2.bitcoin.cz directly and it wouldn't work.  Updated hosts file for now hopefully no DNS changes coming up soon Smiley

Donations
BTC - 13Lgy6fb4d3nSYEf2nkgBgyBkkhPw8zkPd
LTC - LegzRwyc2Xhu8cqvaW2jwRrqSnhyaYU6gZ
uberduber
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
April 24, 2013, 09:42:50 AM
 #6686

Slush, do you use IRC at all?
slush (OP)
Legendary
*
Offline Offline

Activity: 1386
Merit: 1097



View Profile WWW
April 24, 2013, 09:44:19 AM
 #6687

Slush, do you use IRC at all?

I do use IRC, but currently I don't have a time hanging on chat, sorry Sad.

melvster
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


View Profile
April 24, 2013, 09:53:01 AM
 #6688

What about the user database?  Was it compromised?  I'd hate to see bitcoins sent to the wrong address.

I have a database snapshot taken before bad guys overtook the database. So there's no reason to think payout addresses have been modified. Any change of wallet on pool profile requires email confirmation by account owner so I think we're on safe side here.

Unfortunately the user database can be considered as compromised, so the attacker knows user's emails :-(.
How were the passwords hashed?

1. Great job slush! 

2. Passwords are generally low entropy.  If you've used your mining pw elsewhere change it now.
DryMartini
Newbie
*
Offline Offline

Activity: 37
Merit: 0



View Profile
April 24, 2013, 10:02:36 AM
 #6689

Strange, ewitte. But DNS's live their own lives sometimes. Looks like all stratum records have several IP's so one of these should be valid:
    stratum.bitcoin.cz, A, 54.214.10.150
    stratum.bitcoin.cz, A, 54.214.4.50
    stratum.bitcoin.cz, A, 54.214.10.101
    stratum.bitcoin.cz, A, 54.214.10.134
    stratum.bitcoin.cz, A, 54.214.10.135

And slush: Keep up the great work! Hope you'll get some sleep eventually. I'm sure the Amazon cloud will be a safe solution.
ewitte
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
April 24, 2013, 10:03:51 AM
 #6690


1. Great job slush! 

2. Passwords are generally low entropy.  If you've used your mining pw elsewhere change it now.

They are welcome to mine for me if they wish its not the same as my login Wink

Donations
BTC - 13Lgy6fb4d3nSYEf2nkgBgyBkkhPw8zkPd
LTC - LegzRwyc2Xhu8cqvaW2jwRrqSnhyaYU6gZ
ewitte
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
April 24, 2013, 10:11:34 AM
 #6691

Strange, ewitte. But DNS's live their own lives sometimes. Looks like all stratum records have several IP's so one of these should be valid:
    stratum.bitcoin.cz, A, 54.214.10.150
    stratum.bitcoin.cz, A, 54.214.4.50
    stratum.bitcoin.cz, A, 54.214.10.101
    stratum.bitcoin.cz, A, 54.214.10.134
    stratum.bitcoin.cz, A, 54.214.10.135

And slush: Keep up the great work! Hope you'll get some sleep eventually. I'm sure the Amazon cloud will be a safe solution.

As long as its mining on a correct address I'll not touch it for now let them breathe a bit.  We always assume 24h for certain changes though most places usually go through in less than 1h... there are occasional holdouts with certain servers.

Donations
BTC - 13Lgy6fb4d3nSYEf2nkgBgyBkkhPw8zkPd
LTC - LegzRwyc2Xhu8cqvaW2jwRrqSnhyaYU6gZ
bigb159
Full Member
***
Offline Offline

Activity: 163
Merit: 100



View Profile
April 24, 2013, 11:24:10 AM
 #6692

When people ask me what is the best pool, the dedication and communication of it's admin is the case I always make for Slush's pool. Kudos Slush - thanks for keeping us online.
joolzg
Member
**
Offline Offline

Activity: 76
Merit: 10


View Profile
April 24, 2013, 11:34:55 AM
 #6693

When people ask me what is the best pool, the dedication and communication of it's admin is the case I always make for Slush's pool. Kudos Slush - thanks for keeping us online.

will be nice to see how we have been doing, noticed quite a few found blocks for slush's pool.

hope he can get the shares sorted out for us all.

joolz
Khertan
Full Member
***
Offline Offline

Activity: 193
Merit: 100


View Profile WWW
April 24, 2013, 12:19:31 PM
 #6694

Hum ... pretty strange

OVH Block my website (on a mutualized server) too due to suspect activity on my website, except ownCloud and a static website was hosted on it ... nothing suspect in the httplog, nor the ftp log ...

Look like there are false alarm, or hack come from inside ...

silicont
Member
**
Offline Offline

Activity: 87
Merit: 10



View Profile
April 24, 2013, 12:26:08 PM
 #6695

Good effort, slush, thanks.  I wish there was a 'thanks' button for posts, so we could share the sentiments of other posts without bloating the lone, long thread.   Thanks.
ntgrac
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
April 24, 2013, 12:41:21 PM
 #6696

Good effort, slush, thanks.  I wish there was a 'thanks' button for posts, so we could share the sentiments of other posts without bloating the lone, long thread.   Thanks.
+1
dmphotog
Newbie
*
Offline Offline

Activity: 17
Merit: 0



View Profile
April 24, 2013, 12:47:02 PM
 #6697

Good effort, slush, thanks.  I wish there was a 'thanks' button for posts, so we could share the sentiments of other posts without bloating the lone, long thread.   Thanks.
+1
++1

Keep up the great work.  If you ever come to my town, I will gladly buy you a beer (or whatever you drink).
soundasleep
Full Member
***
Offline Offline

Activity: 169
Merit: 100


View Profile
April 24, 2013, 01:04:17 PM
 #6698

2. Passwords are generally low entropy.  If you've used your mining pw elsewhere change it now.

I use a securely generated random password for every slave and every pool. Even if the passwords aren't hashed there's no way any attacker can get into any other pool account.
Lucko
Hero Member
*****
Offline Offline

Activity: 826
Merit: 1000



View Profile
April 24, 2013, 01:12:24 PM
 #6699

Any estimation on complition? I need to take out some bitcoins at 20:00 (UTC +1)
Camello_AR
Newbie
*
Offline Offline

Activity: 43
Merit: 0



View Profile
April 24, 2013, 01:24:20 PM
 #6700

2. Passwords are generally low entropy.  If you've used your mining pw elsewhere change it now.

I use a securely generated random password for every slave and every pool. Even if the passwords aren't hashed there's no way any attacker can get into any other pool account.

Is not necesary to have a high secure worker pass. Even when pass is so simple (but diferent as other passwords you use in your life) the only use that it has is mine. Then, if somebody knows your worker/pass combination, the only can do is mine for you Smiley
I have simply workname/passwords combinations, but not related to other pass used, to get easy remembers when setup diferents workers 
Pages: « 1 ... 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 [335] 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 ... 1154 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!