Hacking into VPS by originally getting IPs from Primecoin nodes

hendo420 (OP)

Sr. Member

Offline

Activity: 420
Merit: 250

Hacking into VPS by originally getting IPs from Primecoin nodes

July 27, 2013, 10:43:58 AM
Last edit: July 27, 2013, 11:11:32 AM by hendo420

I was thinking this over and if I were to try to find a way into a bunch of vps's to run a miner for me for free I would start by getting all the nodes on the primecoin network and sorting them for IPs that are clustered around one another and I would then have targets to try to exploit or bruteforce. When a vps provider sets up servers their IPs are usually clusterfked. So it would stick out like a sore thumb.

I got this idea after a friend who was running vps's to mine primecoin solo started having problems with a few of his servers and then his host took them down because of possible malicious activity.

I think its possible and happening. What do you guys think.

These are basically servers stock install with no added security most without the newest updates. So very vulnerable. Day 0 exploits possible even.

I guess what im trying to say is. Update your vps's even if it seems like a hastle or someones gona take them over for their bot army.

ebmarket.co

1714966816

Hero Member

Offline

Posts: 1714966816

Ignore

1714966816

1714966816


	Report to moderator

1714966816

Hero Member

Offline

Posts: 1714966816

Ignore

1714966816


	Report to moderator

Every time a block is mined, a certain amount of BTC (called the subsidy) is created out of thin air and given to the miner. The subsidy halves every four years and will reach 0 in about 130 years.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

fluffypony

Donator
Legendary

Offline

Activity: 1274
Merit: 1060

GetMonero.org / MyMonero.com

Re: Hacking into VPS by originally getting IPs from Primecoin nodes

July 27, 2013, 11:38:14 AM

Day 0?

I think you mean 0day exploits, and I don't think that word means what you think it means. Here's some light reading: http://en.wikipedia.org/wiki/0day

Other than that you raise an interesting point, but as far as attack vectors go it's no different to scanning Digital Ocean's IP range(s) for vulnerable boxes.

[MyMonero - transact with Monero anywhere, any time]

[OpenAlias - the simple, secure alias standard]

OnlyC

Full Member

Offline

Activity: 154
Merit: 100

Re: Hacking into VPS by originally getting IPs from Primecoin nodes

July 27, 2013, 11:54:37 AM

I think possible when they have your IP and port (opened port)

fluffypony

Donator
Legendary

Offline

Activity: 1274
Merit: 1060

GetMonero.org / MyMonero.com

Re: Hacking into VPS by originally getting IPs from Primecoin nodes

July 27, 2013, 12:26:52 PM

Quote from: OnlyC on July 27, 2013, 11:54:37 AM

I think possible when they have your IP and port (opened port)

There are no significant vulnerabilities in Bitcoin/Litecoin and their clones, so knowing the port would provide little advantage. The RPC port is, by default, only bound to 127.0.0.1, so any vulnerabilities that exist there wouldn't be directly externally accessible.

Stock Debian/Ubuntu (and other distros) are not terribly insecure out the box. In fact, more often than not, it is the incorrect configuration of software that opens holes on a machine. I would hazard that a box with a poorly configured FTP service is a much softer target than a stock Ubuntu box that is only really exposing SSH to the Internet.

[MyMonero - transact with Monero anywhere, any time]

[OpenAlias - the simple, secure alias standard]

Pages: [1]

Bitcoin Forum > Alternate cryptocurrencies > Altcoin Discussion > Hacking into VPS by originally getting IPs from Primecoin nodes

« previous topic next topic »