Bitcoin Forum
December 11, 2016, 12:44:18 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Bitcoin Cloud Wallet Hosting  (Read 3914 times)
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 15, 2011, 01:44:39 PM
 #1

Are you tired of these so called online wallets that you just keep loosing your money in? Most of this money is your business money anyways right? And you don't want to spend the money on a server of your own just to host your "bitcoind" daemon for your business transactions.

Microtronix has come up with a solution for you then. Our bitcoind online wallet hosting service. Our service IS NOT an online wallet, it's not a web based wallet system with it's own API to learn and integrate. It's NOT a community wallet, we can't stress this enough. All of these services require you to use their wallets and it's a community wallet, where YOUR money is stored with everyone else's money.

We are not that. What we are is this. We have a couple dedicated servers that their only purpose on this planet is to host "bitcoind" daemons. What does this mean you ask?

It's simple, you sign up with our bitcoin online wallet service. We then create you a new user on our linux servers, this user has his own user directory on the server. We then compile "bitcoind" from scratch for YOUR user alone, then launch the "bitcoind" service on our servers for ONLY your user! So it's like having your own server running the bitcoind daemon.

This means that you have 100% online access to your wallet at all times! Second, instead of a community wallet, you have your very own personal wallet.dat file that is yours and yours alone! Since it's in your user directory and Linux is one of the most secure OS's on the market for user permissions only you and your passwords have access to the service and YOUR wallet.

Lastly, the wallet.dat file is YOURS, it is yours alone and we have zero rights to the file. Since this is not a community wallet service we don't own your wallets! What you are buying from us is hosting basically, this falls under our typical terms of service, all files contained in your user directory are YOURS and yours alone. No more worrying if an online wallet site steals your coins, THEIR YOURS, you own them, you own the wallet.

You can order here: http://www.microthosting.com/bitcoin-servers.html

Features of our Online Wallet service:
  • A web available panel to start, stop and restart your bitcoind service yourself without logging into SSH and learning Linux. You can add and remove access IPs to the daemon from this panel and also change your bitcoind username and password all from this panel.
  • A web panel to access your wallet! Brand NEW! You can now view transactions to and from your wallet, send bitcoins, view your wallet's addresses and generate a new address all from a web accessible panel that is very user friendly.
  • Both web panels are mobile friendly and accessible from any mobile phone!
  • Your own personal wallet.dat file
  • Your own bitcoind daemon running on our servers
  • SSH access
  • SSH access is only allowed with pre-authorized Keys, this means no one can brute force hack your password to hack into your user in SSH. SSH auth keys are the most secure SSH login.
  • SSH on non-standard port for more security
  • All SSH accounts are jailshelled so limited access to the client only.
  • Your bitcoind daemon runs on YOUR very own port, the default is 8332. We give each user their own port on our server and they are non-default ports.
  • Bitcoind access with SSL only. When you sign up we automatically generate a self signed security certificate for YOUR user and YOUR bitcoind daemon, unique to you.
  • A user control panel to control your keys and files.
  • Our bitcoin servers do NOT host any Apache, MySQL or any other service. This is for security reasons, the only services on our servers are: SSH, Webmin for your control panel and bitcoind for each user. So no PHP, no hacking of apache.
  • We have special security measures in webmin that blocks each user after 2 failed attemps to login, for security reasons this is GREAT!
  • Our firewall also blocks users after 2 failed attempts to login
  • Our firewall BLOCK all and every port to our servers ACCEPT the bitcoind open ports for each service running and SSH ports. Our server also blocks all port scanning and pinging of the server to block every intrusion attempt we could think of.
  • Our firewall also automatically blocks all IPs that try guess your bitcoind password, so if someone tries to hack your bitcoind daemon, 2 tries and they are blocked!
  • We run rkhunter and chkhunter each and every morning to check for Rootkits on the server.
  • You have full access to your bitcoind client using the bitcoind API calls, you can use a PHP script to access or use our professional version of FastCat BRPC being launched very soon now.

What does all this mean? It means the only way a potential hacker can get into your wallet file is to guess YOUR password or hack YOUR personal PC. This is more secure than any other online wallet service since we don't host PHP websites, those are easy to hack. We don't host FTP access, and we don't allow SSH with passwords, this is the most secure.

What's more is that if any ONE single user account gets hacked on the server and the wallet stolen, that user that was hacked has ZERO access to your user files. So even if one single user is hacked, the rest are 100% secure from the intrusion.

This all means the best in security for your online wallet. The only way in is if a hacker guesses your password to YOUR account. We also require a certain strength of password, so each password has to be secure to be used on our servers, this provides even more security for your account and wallet.

Monthly Price:

We charge a flat monthly fee to use this service, your bitcoind daemon will be running at all times on the server. We restart each daemon once a day at night time to clear out memory since the bitcoind daemons have major memory leak issues, this insures all clients are running 100% at all times.

The cost of this service is $5.26 a month, ONLY! We manage all services on the server, we manage all security. When you purchase we automatically generate a certificate for your client also. All is managed at this low monthly cost.

Backing up your wallet:

We also offer full backup services for your wallet. For the low monthly cost of $3.50 per 10GB of space we backup your wallet for YOU! You get a $0.50 discount on the normal backup prices since you own this wallet service.

We do everything, you purchase the backup service, we then create a user for you on our super secure backup servers. Once the user is created we then create a backup script on the bitcoin server that backs up once a day automatically your wallet.dat file to the backup server.

Not only does it backup the wallet file it encrypts the wallet file before backup using 4096-bit PGP encryption, this is the BEST military grade encryption on the NET. If when you sign up you don't already have a PGP keyfile we will automatically make one for you, once made we will use this key file for the encryption of your wallet. Once done we send you the private and public key for you to keep to unencrypt your wallet in the backup.

Better yet! If you already have a backup service at another host we will setup this automatic backup for you also, free of charge using your current backup provider! Using the same encryption routine to ensure utmost security of your wallet at all times!

You can order here: http://www.microthosting.com/bitcoin-servers.html

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
1481417058
Hero Member
*
Offline Offline

Posts: 1481417058

View Profile Personal Message (Offline)

Ignore
1481417058
Reply with quote  #2

1481417058
Report to moderator
1481417058
Hero Member
*
Offline Offline

Posts: 1481417058

View Profile Personal Message (Offline)

Ignore
1481417058
Reply with quote  #2

1481417058
Report to moderator
1481417058
Hero Member
*
Offline Offline

Posts: 1481417058

View Profile Personal Message (Offline)

Ignore
1481417058
Reply with quote  #2

1481417058
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481417058
Hero Member
*
Offline Offline

Posts: 1481417058

View Profile Personal Message (Offline)

Ignore
1481417058
Reply with quote  #2

1481417058
Report to moderator
drgr33n
Sr. Member
****
Offline Offline

Activity: 266



View Profile
August 15, 2011, 02:34:45 PM
 #2

Is the bitcoin daemon not the weakest link here ? Not trolling was just thinking about running a similar service and that's what conclusion I came to ?
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 15, 2011, 02:41:46 PM
 #3

Considering it's what the wallet services run ha ha

But since it's all there is in daemon form right now with an API.

If someone can come up with a better daemon client then we might just think of switching over once we have tested it thoroughly on our servers for bugs.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
willphase
Hero Member
*****
Offline Offline

Activity: 770


View Profile
August 15, 2011, 03:56:42 PM
 #4

Quote
Your own bitcoind daemon running on our servers

1.  how about accepting bitcoins as payment instead of fiat
2.  the administrator/owner of the server still has access to the files, so still suffers from the same problems.  Having e.g. wallets encrypted with a key that the user keeps would alleviate this problem somewhat, but still has the risks of the administrator of the server just caching/stealing that key

The problem with ANY online wallet is trust.  Any user of your service still has to trust you, the administrator of the service.

Will

jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 15, 2011, 04:09:04 PM
 #5

1.  Actually we do accept Bitcoins as payment for our services, please check out site, bold and beautiful right out front.  And once the client purchases this system they too will be able to use automatic payments on their site with bitcoins since the API allows this through SSL.

So if anyone ever wanted to accept Bitcoins on their site, this system would allow them to do that using PHP, ASP, Perl, or anything that could send and receive JSON commands.

2.  Actually most online wallets are not protected because of just that stealing.  But, we are a legal entity in 2 countries of the world, as our website states.  Our terms of service strictly prohibits us from using the customers content or viewing it in any way, as does all hosting companies contracts.  So you are doing business with a company that has been in business for 10 years now in 2 countries of the world, USA and Guatemala.  Much more safe and secure than with fly by night wallet companies that have been around for say 2 years.

I would be definitely be interested in encrypted wallets, I would really like to use PGP encrypted wallets with a 4096 bit encryption using the client private key.  But unless someone can show us how BitcoinD supports that, then until someone creates a daemon client that does we are sitting still Sad

But I would be more than interested in ideas from developers of the community for something like this, we would be willing to pay also for a client that supports PGP encrypted wallets and un-encrypts at runtime.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
drgr33n
Sr. Member
****
Offline Offline

Activity: 266



View Profile
August 15, 2011, 04:23:34 PM
 #6

Considering it's what the wallet services run ha ha

I do realize this, I was just saying !! Work is in progress my end Cheesy I'm planning on running a similar service to you guys but access to the bitcoin daemon via VPN using sandboxed bitcoin daemons with encrypted symlinked wallets. My thoughts were that the weakest link was the bitcoin daemon & the owner of the service Cheesy. I'm working on other things right now but when I'm done I'm going to be looking deeper into the bitcoin daemon and take a look at viable attack vectors. Also thinking about allowing the customer to encrypt their own wallet with their own passwords. Although this way there won't be no recovery for lost passwords.
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 15, 2011, 05:50:50 PM
 #7

Hence the use of PGP private keys, it's a file, and it's much better encryption than most others out there.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
BitcoinStars.com
Full Member
***
Offline Offline

Activity: 140


View Profile
August 15, 2011, 06:02:07 PM
 #8

We highly recommend this company
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 15, 2011, 07:00:06 PM
 #9

Thanks for the vote Grin

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
drgr33n
Sr. Member
****
Offline Offline

Activity: 266



View Profile
August 15, 2011, 07:22:57 PM
 #10

Hence the use of PGP private keys, it's a file, and it's much better encryption than most others out there.

Still doesn't stop someone ARP poisoning the client and sniffing the key exchange. But that wasn't my point Cheesy I was merely saying that the bitcoin daemon could be insecure and open to remote exploits. The biggest gaping hole in this setup is the bitcoin daemon I would of thought ? I was just interested if you have done some pen testing on the bitcoin daemon ? 

Will be good to see how it all pans out for you Wink GL !!
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 15, 2011, 07:35:21 PM
 #11

Quite true since the client has to have it open at all times.  At this point in time it seems to work just fine, the only leak we can find is the account itself, in other words someone would have to get into the Linux OS first to get to the wallet.

From outside right now it looks decent, we have tried quite a few attacks ourselves to the client from the outside and found a few places that we patched up between the client and the firewall.  So all is good there but not many, just basic things.

I still would be interested to know if someone in the community is in active development of a much much better daemon client for bitcoin??  Is there anyone?  Or does anyone want to?  As I said, as a company we would be willing to pay for a better daemon client, something that reads and writes an encrypted wallet file and also has some better protection on it's daemon conf file and password information as this is a major part.

If someone is looking into this please let us know as this is the one part we are still looking to better in the server itself.

As I said though, as of right now to do the hacks you are stating one of two things.  Either the hacker would have to get into the Linux server through the user account, so the clients PC would have to be compromised or the users API password would have to be compromised from his personal PC as well.  So either way the hacker would have to get INTO the linux server to get to this point.

But please by all means, if someone is developing a better daemon client please let us know, we are all ears Smiley

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
mameise
Hero Member
*****
Offline Offline

Activity: 561


View Profile
August 15, 2011, 09:01:24 PM
 #12

I just ordered it to test. I also ordered a normal Hosting with a Domain and payed with btc.
Domain is registered and I can access control panel. BTC Hosting is still in progress.

Looks very good till now. Thanks!
N.Z.
Sr. Member
****
Offline Offline

Activity: 449



View Profile
August 15, 2011, 10:59:37 PM
 #13

Carefully read first post. Well I must admit if all this stuff is the really way this server runs, it will be hard to break in. Although I have questions:
1. What about physical access to server? Someone would have full access to server=wallets, so it should be a really trusted person.
2. What about SELinux and other hack-hardening stuff? Like multifactor authentication (spare change->wallet->full account access), multiple wallets, diversification and other hard-spelling words cool things? Smiley

Also consider using asymmetric encryption in the way that no one (even you) could break to the wallet without knowing of the pass-phrase. I do not know how it should be implemented, but I think it is the only secure way of storing such important data as btc wallets. Imagine some three-letter agency come and steal you server for "investigation" of one of accounts. Noone could stop it of stealing all wallets at once. At least you should have one big red button of server self-destruction Smiley A bit paranoid, of course, but its better than having all your money lost one day Smiley
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 16, 2011, 03:46:12 PM
 #14

N.Z.:

1.  Yes we agree, this is why only one single tech admin has access to the servers in question, when we add more we add one tech per 3 servers.  So that one single tech is the only one with access to the server, besides myself the owner of the company.  We carefully pick the tech who does, we have worked with a very good NOC in Chicago for many many years and they are one of the best in the country for security.  Hence we are not worried about this.  To be honest we are more worried with the occasional hacker who thinks he's good enough ha ha

2.  Yes these are all ideas, we are working daily to find new threats and new entries.  We actually have one server that we setup for the sole purpose of hacking into ourselves.  We test it from every possible angle WE can think of and see what we find that is missing.  Whatever is missing we add to our production servers running bitcoin clients.  So we are constantly looking for more ways of securing each client.

This is the reason when we backup your wallets for you we back them up using PGP 4096 bit encryption.  If the receiver doesn't have the private key, well then sorry your sunk you can never open the wallet, ever.

Our goal would be to find a client that encrypts the wallet file from the get go and keeps in encrypted, that way there is double security on that file during runtime, we have yet to find this.

mameise: Glad your liking it so far, hope your service is running beyond adequately.  Things were a bit slow yesterday for first comers, since no matter how hard you plan you just can't get ready for a wave Smiley.  But we are slowly ironing out the setup glitches and getting things running smoothly for signups.  New service, not automated yet so it's a bit slow setting up.

But all that said about slow, we would rather spend our time getting the security great than fast setups any day Wink, that is what we've been working on.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
mameise
Hero Member
*****
Offline Offline

Activity: 561


View Profile
August 16, 2011, 05:19:25 PM
 #15

never wanted to say you are slow Smiley

Services are running now and the support is absolutely great! I am a total noob and a very patience stuff member hepled me till i was able to connect to everything.
So i only can say that i am more than happy and give a 1+++ for your service!
Furyan
Full Member
***
Offline Offline

Activity: 175



View Profile
August 17, 2011, 12:55:46 PM
 #16

This is a really cool idea.  If you were to offer JUST encrypted wallet.dat backup service, I might be interested in that too.

By the way there are a ton of grammar errors on your page at http://www.microthosting.com/bitcoin-servers.html.  You might want to have someone do a nice run through it and fix them, it looks very very unprofessional.

Otherwise, nice job.
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 17, 2011, 02:04:16 PM
 #17

Most definitively we offer just backup services.  What you would do is purchase our backup service at $4 a month for 10GB of space, and you purchase managed backup services or have us setup the backups.  Then you either state in the comment or in a ticket the login information to the place where your wallet.dat file is stored, we will then generate keys and setup your backup for you.

The other option if you don't have access for that is to just upload your wallet.dat file and on our backup server once a day and we will setup some automated scripts to run after your backup is made and encrypt your wallet then remove the old unencrypted .dat file.

Either way it is possible, it would come under our regular backup services just managed services on the order form.

And thank you for the information on the page, I will have someone run through it since it was thrown up real fast the other day, hadn't realized myself yet.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
jfreak53
Sr. Member
****
Offline Offline

Activity: 297



View Profile WWW
August 18, 2011, 08:39:16 PM
 #18

For those of you who have IXCoin and want IXCoin online wallet we now offer this.  When signing up just select the client you want.  I know this is not the right forum, but since some run double systems just thought we would mention it.

There is a post over at the other.

Also if there is a forked client that you would like to see let us know here and we will see if we can setup a daemon for that client.

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Benjamin Franklin 1755
█ █ http://www.microthosting.com -- Free reseller web hosting, OpenVZ-XEN-HVM VPS', ATOM Dedicateds!
Nasakioto
Full Member
***
Offline Offline

Activity: 172


Thomas Nasakioto


View Profile WWW
August 19, 2011, 01:34:06 AM
 #19

I think that's a great idea. It'll save a lot of merchants hassle having to install and secure their own daemon on their ecommerce servers.

We use Microtronix for some of our ixcoin.org hosting and I have nothing but praise for them. Great support and lots of features/addons.


Thomas Nasakioto - Upgrade to Ixcoin 0.3.24.3 before block 43,000
Ixcoin.org
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
August 19, 2011, 04:45:02 AM
 #20

It's slightly offtopic, but are you by any chance planning to offer (low-priced) unmanaged VPS hosting in the future as well? I think it would be nice to have more unmanaged hosts that accept Bitcoin Smiley

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!