InternetApe
May 28, 2014, 03:25:16 AM

thank you very much for the help over skype, it seems that the hacker could enter my vps, don't know how exactly but he did he will post on darkcointalk some advice and tips to not have the same issue as me if someone can help me in any way please send some tip on my darkcoin wallet XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz

So here was the issue(s). It appears there is someone that is pulling all the masternodes from the wallet and running scripts on them to hack in. And in this case they were able to gain access via SSH, so it had nothing to do with problems in the wallet/daemon/masternode itself.

- The firewall was not running, so all ports were open
- Root access via SSH was allowed
- OpenSSL v1.0.1f was installed on the server
- The password to unlock the wallet was still in bash history command
- The root password was less than 8 characters

My recommendations:

- DO NOT allow root ssh access
- Only open port 9999 in your firewall to the world
- Only open port 22 (SSH) to a trusted ip
- Set up SSH to use certificates for logging in
- Do not run any application on the server that you don't have to
- Encrypt your wallet
- Clear your bash history

There are more, but this would have secured this server. If any of you can spare a few darkcoins to help this person, he lost 999DRK because of the above issues. His wallet address is XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup. His loss WILL help everyone else by showing what you MUST set up, so please help him where you can. I will pull some together myself to send.
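
The checks from the list in the post above, as an added example that is not part of the original thread: a POSIX shell audit that tests an sshd_config, a shell history file and saved `iptables -S INPUT` output for the weaknesses the post names. The function names, the constructed sample files and the assumption that the wallet was unlocked with the `walletpassphrase` RPC typed on the command line are assumptions of this example.

```sh
#!/bin/sh
# Added example: audits the items from the incident list. Not code from the thread.

# Effective global value of an sshd_config keyword: first occurrence wins,
# keywords are case-insensitive, parsing stops at the first Match block.
sshd_value() {  # $1 = keyword, $2 = config file
  awk -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    /^[[:space:]]*#/ { next }
    tolower($1) == "match" { exit }
    tolower($1) == key { print tolower($2); found = 1; exit }
    END { if (!found) print "unset" }' "$2"
}

# Require an explicit "no" for both settings; an unset keyword falls back to a
# version-dependent default, so it is reported as well.
audit_sshd() {  # $1 = sshd_config path
  [ "$(sshd_value PermitRootLogin "$1")" = "no" ] ||
    echo "FINDING: PermitRootLogin is not 'no'"
  [ "$(sshd_value PasswordAuthentication "$1")" = "no" ] ||
    echo "FINDING: PasswordAuthentication is not 'no'"
}

# Count history lines that carry a wallet passphrase on the command line
# (assumption: it was passed to the walletpassphrase or encryptwallet RPC).
# Only the count is printed so the audit output does not repeat the secret.
audit_history() {  # $1 = shell history file
  grep -Ec 'walletpassphrase|encryptwallet' "$1" || true
}

# Flag a non-DROP default policy, and any ACCEPT rule for a port other than
# 9999 that is not restricted to a source address with -s.
audit_firewall() {  # $1 = saved output of `iptables -S INPUT`
  awk '
    $1 == "-P" && $2 == "INPUT" && $3 != "DROP" {
      print "FINDING: INPUT policy is " $3 }
    $1 == "-A" && $2 == "INPUT" && /-j ACCEPT/ && /--dport/ && !/ -s / {
      for (i = 1; i < NF; i++) if ($i == "--dport") port = $(i + 1)
      if (port != "9999") print "FINDING: port " port " accepts any source"
    }' "$1"
}

# Constructed sample files modelled on the weak server described in the post.
make_weak_samples() {  # $1 = directory to write into
  printf '%s\n' '#PermitRootLogin no' 'PermitRootLogin yes' \
    'Match User backup' '  PasswordAuthentication no' > "$1/sshd_config"
  printf '%s\n' 'cd ~/.darkcoin' \
    'darkcoind walletpassphrase EXAMPLE-PASSPHRASE 60' 'ls -la' > "$1/history"
  printf '%s\n' '-P INPUT ACCEPT' \
    '-A INPUT -p tcp -m tcp --dport 9999 -j ACCEPT' \
    '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT' > "$1/iptables"
}

# Demo run over the constructed samples.
demo_dir=$(mktemp -d)
make_weak_samples "$demo_dir"
audit_sshd "$demo_dir/sshd_config"
echo "history lines with wallet secrets: $(audit_history "$demo_dir/history")"
audit_firewall "$demo_dir/iptables"
rm -rf "$demo_dir"
```

On a real host, point the functions at `/etc/ssh/sshd_config`, the user's `~/.bash_history` and a file produced by `iptables -S INPUT`.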

peteycamey (Legendary, Activity: 1185, Merit: 1021)
May 28, 2014, 03:25:49 AM

8047 difficulty.
wtf is going on? after all that value lost how come everyone and their dog is mining this?

AlexGR (Legendary, Activity: 1708, Merit: 1049)
May 28, 2014, 03:28:08 AM

8047 difficulty.
wtf is going on? after all that value lost how come everyone and their dog is mining this?
XC switched from pow phase to pos phase, so part of the hashrate returned to other x11 coins.

Propulsion
May 28, 2014, 03:32:42 AM

thank you very much for the help over skype, it seems that the hacker could enter my vps, don't know how exactly but he did he will post on darkcointalk some advice and tips to not have the same issue as me if someone can help me in any way please send some tip on my darkcoin wallet XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz

So here was the issue(s). It appears there is someone that is pulling all the masternodes from the wallet and running scripts on them to hack in. And in this case they were able to gain access via SSH, so it had nothing to do with problems in the wallet/daemon/masternode itself.

- The firewall was not running, so all ports were open
- Root access via SSH was allowed
- OpenSSL v1.0.1f was installed on the server
- The password to unlock the wallet was still in bash history command
- The root password was less than 8 characters

My recommendations:

- DO NOT allow root ssh access
- Only open port 9999 in your firewall to the world
- Only open port 22 (SSH) to a trusted ip
- Set up SSH to use certificates for logging in
- Do not run any application on the server that you don't have to
- Encrypt your wallet
- Clear your bash history

There are more, but this would have secured this server. If any of you can spare a few darkcoins to help this person, he lost 999DRK because of the above issues. His wallet address is XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup. His loss WILL help everyone else by showing what you MUST set up, so please help him where you can. I will pull some together myself to send.

In other words all user error and nothing wrong with the protocol.

solo20
May 28, 2014, 03:33:52 AM

question I download the new wallet and my coins are not showing up and my old addresses are gone how do I fix this I have my back up dat file but the wallet is not seeing it do I need to delete the block change

Is the wallet.dat in the right folder? Did you delete EVERYTHING except your wallet.dat and darkcoin.conf from that folder first?

where should the dat file be I change the name to darkcoin.dat does this matter. I did delete everything except the dat file and I don't remember seeing a file called darkcoin.conf before I ran the new wallet all my records of receiving and sending coins gone but if I can't get my coins back it's no big deal it was not much

camosoul
May 28, 2014, 03:36:40 AM (Last edit: May 28, 2014, 03:53:55 AM by camosoul)

It appears there is someone that is pulling all the masternodes from the wallet and running scripts on them to hack in.

Is this a surprise?

And in this case they were able to gain access via SSH, so it had nothing to do with problems in the wallet/daemon/masternode itself.

As suspected.

- The firewall was not running, so all ports were open
- Root access via SSH was allowed
- OpenSSL v1.0.1f was installed on the server
- The password to unlock the wallet was still in bash history command
- The root password was less than 8 characters

As suspected.

My recommendations:

- DO NOT allow root ssh access
- Only open port 9999 in your firewall to the world
- Only open port 22 (SSH) to a trusted ip
- Set up SSH to use certificates for logging in
- Do not run any application on the server that you don't have to
- Encrypt your wallet
- Clear your bash history

All common sense... It worries me that a rote list is being handed out. These are things a person should know if they're going to support the network... If a person doesn't know this much already, they have no business running any server on the internet, much less a masternode. Following some rote guide line by line will only give them a false sense of security and no ability to handle the future.

Frankly, I'd prefer all ports but 9999 and TOR Listen be secured by port knocking. Re-direct all externally accessible services through TOR so that they only listen to localhost and no known .onion exists for those services to anyone but yourself. Since TOR uses rendezvous points, the TOR port being open grants them access to none of the services passing through it, and no idea what the traffic is, where it goes, what it's for, etc... They can't portscan a port that doesn't exist. SOCKS5 stream for the win. Using TOR for this has massive advantages completely removed from its anonymity/encryption/obfuscation functions.

I re-route all my SSH through TOR. SSHD doesn't even listen to the NIC, localhost only. Also, the entire SSHD service is port knocked to trigger "service sshd start" on top of not even listening to the NIC... Run knock sequence then ssh through socat .onion... Nobody even knows it's there... Nobody knows the address but me. Logs can't even give me away since I'm coming in through tor... If only DPR had used his head... ;-)

His wallet address is XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz
He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.
His loss WILL help everyone else by showing what you MUST set up, so please help him where you can. I will pull some together myself to send.

Pain is an excellent teacher. A smart man learns from his mistakes. A wise man learns from the mistakes of others. If you don't know what you're doing; don't! It's sad and all, but I'm not sending him any welfare. I want him to learn. Let it hurt... Call me a meany poopie face if you want, but this was super extreme stupid. No excuse at all. If you don't know what you're doing; don't. There is no guide that can teach you common sense. You MUST understand. There is no substitute.

falsealarm_bf
May 28, 2014, 03:38:24 AM

thank you very much for the help over skype, it seems that the hacker could enter my vps, don't know how exactly but he did he will post on darkcointalk some advice and tips to not have the same issue as me if someone can help me in any way please send some tip on my darkcoin wallet XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz

So here was the issue(s). It appears there is someone that is pulling all the masternodes from the wallet and running scripts on them to hack in. And in this case they were able to gain access via SSH, so it had nothing to do with problems in the wallet/daemon/masternode itself.

- The firewall was not running, so all ports were open
- Root access via SSH was allowed
- OpenSSL v1.0.1f was installed on the server
- The password to unlock the wallet was still in bash history command
- The root password was less than 8 characters

My recommendations:

- DO NOT allow root ssh access
- Only open port 9999 in your firewall to the world
- Only open port 22 (SSH) to a trusted ip
- Set up SSH to use certificates for logging in
- Do not run any application on the server that you don't have to
- Encrypt your wallet
- Clear your bash history

There are more, but this would have secured this server. If any of you can spare a few darkcoins to help this person, he lost 999DRK because of the above issues. His wallet address is XhGwaKJPMdqEyMU85QBReNNMzVGKDW2EPz

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup. His loss WILL help everyone else by showing what you MUST set up, so please help him where you can. I will pull some together myself to send.

Please add all of the above to the FAQ list otherwise more compromises will follow. People also need to understand that security is not a one time task. You will have to proactively scan your MN and remediate on an ongoing basis. If you are not able to do this, please host with a company that provides this service for a fee.

camosoul
May 28, 2014, 03:39:39 AM

where should the dat file be I change the name to darkcoin.dat does this matter.

Yeah, that's not going to work.

I did delete everything except the dat file and I don't remember seeing a file called darkcoin.conf

Then you don't have one. Don't worry about it.

before I ran the new wallet all my records of receiving and sending coins gone but if I can't get my coins back it's no big deal it was not much

You never lost your coins. You're just making a dangerous mess. Your client has now created a new wallet.dat that you don't want. You need to delete it, but NOT delete your REAL wallet.dat. Rename your darkcoin.dat back to wallet.dat. You won't be able to do this until you delete the new empty one.

humanitee
May 28, 2014, 03:40:52 AM

- The firewall was not running, so all ports were open
- Root access via SSH was allowed
- OpenSSL v1.0.1f was installed on the server
- The password to unlock the wallet was still in bash history command
- The root password was less than 8 characters

lol. I feel sorry for the guy, but he was asking for it. Jesus christ, that list is painful. This is why IF YOU DO NOT KNOW WHAT YOU ARE DOING YOU SHOULDN'T RUN A MASTER NODE.

Dear computer noob reading this,
Do not buy into DRK to run a swiss cheese master node. Just don't do it.
Seriously,
Humanitee

HiddenDark
May 28, 2014, 03:41:18 AM

question I download the new wallet and my coins are not showing up and my old addresses are gone how do I fix this I have my back up dat file but the wallet is not seeing it do I need to delete the block change

Is the wallet.dat in the right folder? Did you delete EVERYTHING except your wallet.dat and darkcoin.conf from that folder first?

where should the dat file be I change the name to darkcoin.dat does this matter. I did delete everything except the dat file and I don't remember seeing a file called darkcoin.conf before I ran the new wallet all my records of receiving and sending coins gone but if I can't get my coins back it's no big deal it was not much

You need to put your .dat file in here C:\Users\USER\AppData\Roaming\DarkCoin, and yes it must be named 'wallet.dat'.

camosoul
May 28, 2014, 03:44:12 AM

- The firewall was not running, so all ports were open
- Root access via SSH was allowed
- OpenSSL v1.0.1f was installed on the server
- The password to unlock the wallet was still in bash history command
- The root password was less than 8 characters

lol. I feel sorry for the guy, but he was asking for it. Jesus christ, that list is painful. This is why IF YOU DO NOT KNOW WHAT YOU ARE DOING YOU SHOULDN'T RUN A MASTER NODE.

Dear computer noob reading this,
Do not buy into DRK to run a swiss cheese master node. Just don't do it.

This is fucking dumb. And it's out of compassion and a desire to see him grow that I say it and refuse to give him any DRK. He needs this pain to teach him the basics. There's no excuse for this.

Seriously,
Humanitee

THIS. Your money hose will backfire, greedy noobs. Don't do it. This is just plain stupid... I say it out of compassion, with the hope that pain will make him less stupid. If he learns from it, then the price was worth paying. If you don't understand even one thing on that list, take your masternode down NOW.

solo20
May 28, 2014, 03:45:36 AM

where should the dat file be I change the name to darkcoin.dat does this matter.

Yeah, that's not going to work.

I did delete everything except the dat file and I don't remember seeing a file called darkcoin.conf

Then you don't have one. Don't worry about it.

before I ran the new wallet all my records of receiving and sending coins gone but if I can't get my coins back it's no big deal it was not much

You never lost your coins. You're just making a dangerous mess. Your client has now created a new wallet.dat that you don't want. You need to delete it, but NOT delete your REAL wallet.dat. Rename your darkcoin.dat back to wallet.dat. You won't be able to do this until you delete the new empty one.

thanks everything is fixed now, all my records of receiving and sending coins and coins are back now

humanitee
May 28, 2014, 03:46:47 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

tifozi
May 28, 2014, 03:47:43 AM


camosoul
May 28, 2014, 03:50:33 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

Making it easier only encourages people to do dumb crap like this. We don't want to make this sort of thing easier. Easier = unsafe. They need to be forced to understand what they are doing under pain of loss or this defeats the purpose altogether.

Propulsion
May 28, 2014, 03:50:38 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request for no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

Amazon already has the firewall locked down. Root login without a .pem key is disabled. Just the .pem key alone would have saved him. This just shows though, that you absolutely need to be running a remote and local set up.

humanitee
May 28, 2014, 03:54:33 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request for no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

Amazon already has the firewall locked down. Root login without a .pem key is disabled. Just the .pem key alone would have saved him. This just shows though, that you absolutely need to be running a remote and local set up.

I don't disagree at all, it definitely would have saved him. I am requesting this because we are overly reliant on a US company's network to host our decentralized currency. Making an AMI just encourages everyone to make more MN on Amazon servers. They would probably be more secure for the noobs, but if they must do this then they can follow chaeplin's guide relatively easily. If they want to further centralize MN hosting at least make them do the work.

falsealarm_bf
May 28, 2014, 03:56:51 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request for no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

Amazon already has the firewall locked down. Root login without a .pem key is disabled. Just the .pem key alone would have saved him. This just shows though, that you absolutely need to be running a remote and local set up.

Again, this, that or the other would have saved him statement is based on the assumption that you harden one time and that's it. No, though you may make it difficult for the script kiddies to compromise via a brute force, etc., unless these MN are maintained properly, it is only a question of "when" the 1000DRK will be stolen.

camosoul
May 28, 2014, 04:01:11 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request for no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

Amazon already has the firewall locked down. Root login without a .pem key is disabled. Just the .pem key alone would have saved him. This just shows though, that you absolutely need to be running a remote and local set up.

Again, this, that or the other would have saved him statement is based on the assumption that you harden one time and that's it. No, though you may make it difficult for the script kiddies to compromise via a brute force, etc., unless these MN are maintained properly, it is only a question of "when" the 1000DRK will be stolen.

There is no substitute for knowing what you're doing. Please no guides. Please no ISOs. The barriers to entry must remain, or this is going to happen again, and the trolls will be back saying matsernodes are haz teh failz... And they'll be right...

Minotaur26 (Legendary, Activity: 1092, Merit: 1000)
May 28, 2014, 04:01:20 AM

He learned the HARD WAY how not to set up your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issues addressed; you will still be responsible for checking anything I missed and verifying it works for your setup.

I would like to request for no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!

Amazon already has the firewall locked down. Root login without a .pem key is disabled. Just the .pem key alone would have saved him. This just shows though, that you absolutely need to be running a remote and local set up.

I would like to have an AMI from InternetApe, I don't see why you wouldn't help all the people running Amazon nodes. People will move if detailed instructions and guidance from the Dev team is provided, the notion that people will move from Amazon without this is unrealistic. You can repeat that non IT experts shouldn't run masternodes all you want, there is money to be made and people will run them. That is why the model was created to help by keeping coins out of circulation, so it is in the best interest of the project and the duty of the dev team to support the masternode ops whether new or expert with everything possible including AMIs.