Topic: Warning: Amsterdex is an illegal and unsecure exchange (Read 227 times)

BlackHero (OP)
Newbie
Activity: 3
Merit: 0
January 16, 2019, 08:49:41 AM
Last edit: January 18, 2019, 07:32:22 PM by BlackHero
#1

Please be aware that Amsterdex is very unsecure:

- SSH ports open to the public
- No appropriate firewall
- Open and unencrypted ports (80)
- Worst F grade security for HTTP headers
- Site vulnerable to cross site request forgery hack
- Site vulnerable to clickjacking hack
- Site vulnerable to XSS hack
- Website, database and wallets all on one server, so no segregation at all
- Zero DDOS protection in place
- IP addresses of the servers are directly exposed through DNS.
- HTTP headers leak information about software component versions.
- No HSTS security policy in place
- Allows caching of your sensitive information on your computer, but also on public proxy servers that you might use.
- No account lockout or rate limiting policy, allowing brute force attacks.
- No response time equalling on password resets, which allows username guessing.
- Much more shit actually

Besides security:
- It's running an illegal / unregistered company. No company registration
- It emits shares without a proper license from authorities (AFM)
- The owner made a great effort to hide its identity (reasonable when running an illegal operation)

Doesn't take long before A) this exchange gets hacked or B) the owner gets in trouble with law enforcement or the AFM

Do not send your money there!

Bitcointalk topic: https://bitcointalk.org/index.php?topic=5068288.0


Owner did good work to solve the issue. I will close the thread.
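
Several items in the list above (HSTS, clickjacking protection, caching of sensitive pages, version disclosure, cookie attributes that bear on CSRF) are visible in a single HTTP response and can be checked by a site operator. The following is an added example, not part of the original post or thread: it audits constructed responses, and the sample headers, function names and finding labels are assumptions made for illustration. Header checks show missing hardening only; they do not by themselves confirm an XSS or CSRF flaw.

```python
import re

# Constructed sample responses (not captured from any real site).
WEAK_RESPONSE = """\
HTTP/1.1 200 OK
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: PHP/5.6.40
Content-Type: text/html; charset=UTF-8
Set-Cookie: session=abc123; path=/
"""
HARDENED_RESPONSE = """\
HTTP/1.1 200 OK
Server: webserver
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'none'
Cache-Control: no-store
Set-Cookie: session=abc123; Path=/; Secure; HttpOnly; SameSite=Strict
"""

def parse_headers(raw):
    headers = {}                               # lower-cased name -> list of values
    for line in raw.splitlines()[1:]:          # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw):
    """Return finding labels (names are this example's own) for one response."""
    h = parse_headers(raw)
    first = lambda name: h.get(name, [""])[0].lower()
    findings = []
    hsts = re.search(r"max-age=(\d+)", first("strict-transport-security"))
    if not hsts or int(hsts.group(1)) == 0:    # max-age=0 switches HSTS off
        findings.append("no-hsts")
    if "frame-ancestors" not in first("content-security-policy") \
            and not first("x-frame-options"):
        findings.append("no-clickjacking-protection")
    if "no-store" not in first("cache-control"):
        findings.append("response-cacheable")
    for name in ("server", "x-powered-by"):    # version numbers aid fingerprinting
        if re.search(r"\d+\.\d+", first(name)):
            findings.append("version-leak:" + name)
    for cookie in h.get("set-cookie", []):
        attrs = {a.strip().split("=")[0] for a in cookie.lower().split(";")[1:]}
        if not {"secure", "httponly", "samesite"} <= attrs:
            findings.append("weak-cookie-flags")
            break
    return findings
```

`audit(WEAK_RESPONSE)` returns all six findings, while `audit(HARDENED_RESPONSE)` returns an empty list.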

raetsch
Legendary
Activity: 957
Merit: 1006
January 17, 2019, 07:45:39 PM
#2

I just started with point 1, SSH open to public. Seems your public is other than mine.
I got a timeout.

BlackHero (OP)
Newbie
Activity: 3
Merit: 0
January 17, 2019, 10:12:06 PM
Last edit: January 17, 2019, 10:25:53 PM by BlackHero
#3

Ever thought of the idea that they have read this post and quickly closed the ports? My post was deleted by the owner, so I guess he had a long day.

Seen your signature, you're just a fan boy of the exchange and it doesn't make your opinion very trustworthy.

Fallout4
Sr. Member
Activity: 365
Merit: 300
January 18, 2019, 01:37:09 AM
#4

As opposed to hiding behind a new username to post false information.

Real trustworthy, you have something to hide or just a coward?

Someone obviously is worried about competition.

audiotopix
Hero Member
Activity: 686
Merit: 512
January 18, 2019, 01:53:08 AM
#5

Black Hero, he is a Legendary account with history...

Your claims raise concerns, those guys are really nice, I am sure they will respond to this.

Who are you?


PT92
Member
Activity: 107
Merit: 10
January 18, 2019, 12:34:12 PM
#6

Was hoping I could resist the urge to reply, but oh well. As for the more technical stuff, I have no clue, but let me correct you on the AFM part:

This is absolute nonsense, the AFM has nothing to do with crypto unless FIAT is involved. As Amsterdex trades in crypto and crypto only, the rules of the Autoriteit Financiële Markten do not apply. Of course there is a chance that in the future things will change and Amsterdex will have to comply with certain rules the AFM will issue to crypto companies, but for now there are no such regulations in place. Of course the owner still has to pay his taxes and comply with the regular Dutch laws concerning running a company.

"Illegal shares": one thing is for sure, you haven't done your research properly on the non-technical side of your above mentioned garbage.

Cheers.

BlackHero (OP)
Newbie
Activity: 3
Merit: 0
January 18, 2019, 07:30:57 PM
#7

Owner did good work to solve the issue. I will close the thread.