Bitcoin Forum
Author Topic: How bad firewall settings can make you lose 75 BTCs  (Read 7637 times)
m3ta (OP)
Sr. Member
January 26, 2012, 03:53:19 AM
#1

The topic of this post could also be "How my carelessness cost me 75 BTC".
As some of you will (obviously - I'm expecting it) retort - "carelessness" can also be "foolishness", "stupidity", or some even harsher words.
But the fact is:
You only think you're invulnerable to mistakes until you make one.

TLDR version:
I left my firewall vulnerable to the bitcoin daemon RPC with severely unsafe settings, and 75 BTCs vanished.

I will not dwell on a big whining - the simple fact is, mistakes cost me my wallet.
Or, as someone who I shall not quote just told me:
Quote
"It is 90% the attacker's fault for not being a nice person. 8% your fault for being careless, and 2% the system's fault for making it easy for you to be careless."
I was even raising my % a bit higher, but like I said, this is a quote. Smiley

With that said, regardless of fault %s, I hope this just serves as a big warning - do you know exactly if your settings are as safe as they can/should be? If you didn't say "yes" in less than half a second, then I urge you to revise your settings.

The facts:
There are no excuses, really. There is a plethora of facts that lead me to this, YES, but that does not serve as justification.
"Spill your guts anyway!" I hear in the back.
Ok, then, the loss of 75 BTCs is surely worse than the shame, so if you insist...:

I opened my firewall ports during lunch to show a friend some node.js things I have been working on - a realtime dashboard for P2Pool stats.
This wouldn't be too severe, if my RPCport settings were not too permissive. Which they were since I was abroad last month, and forgot to revert to secure settings.

Working 18 hours a day is not an excuse. Forgetting the RPCport settings is not an excuse. Leaving the firewall open when I got home and only wanted to sleep is also not an excuse.
Just a big sum of recklessness, that had a bitter taste in the end.

The attacker easily accessed my open RPC, brute-forced my user and pass (yes yes, which could also be more complex) and emptied my wallet.

The result:

Code:
Date: 1/25/12 08:07
To: 18GQdbRCF1f7fjkx3rMdWbuqqR8XFxhQgM
Debit: -75.00 BTC
Transaction fee: -0.0235 BTC

http://blockexplorer.com/address/18GQdbRCF1f7fjkx3rMdWbuqqR8XFxhQgM

http://blockexplorer.com/tx/1cbcb30e26a00b81dfd03f3cf4b1d8ded8005a19493050b588d3f752a982b913#i4155767

The only thing I will whine about is... "on my birthday? really? that was harsh."

Also, there is a clear need for more security measures in place.
To defend the (dumb/reckless/whatever) miner. Yeah because in the whole BTC universe, even dumb miners... mine.
The whole BTC universe, as a whole, is a sum of its parts. Even the dumb ones.
And today, I was "just another dumb miner". Which was, and still is, a part of the whole.

Maybe bitcoind should log ip addresses.
Maybe the RPC port should have some anti-bruteforcing logic attached to it. A real, effective one, not just telling the attacker the password is short, like it happens now.
Maybe. Just sayin'.

Troll away. But only after you double-checked all your settings. Smiley

Why the frell so many retards spell "ect" as an abbreviation of "Et Cetera"? "ETC", DAMMIT! http://en.wikipedia.org/wiki/Et_cetera

Host:/# rm -rf /var/forum/trolls
LightRider
Legendary
January 26, 2012, 03:57:08 AM
#2

I want to know more about "a realtime dashboard for P2Pool stats."

ineededausername
Hero Member
January 26, 2012, 04:05:45 AM
#3

Wow, it looks like there are now bots that are always looking for open bitcoin rpc ports.  It took about 4 hours for you to lose 75 BTC.

Sad

m3ta (OP)
Sr. Member
January 26, 2012, 04:06:37 AM
#4

I want to know more about "a realtime dashboard for P2Pool stats."

Not finished, but my idea was to put it on Github when it got to a stage where it could be developed further by other people - at this moment, it has a lot of "hardcoded local settings".
node.js, with some smoothiecharts, updating in realtime  (of course, thus node.js) being fed by the p2pool log.

http://imageshack.us/photo/my-images/32/screenshot20120126at404.png/

Or I might just give it away as it is, at this time I lost the mood or will to do anything regarding this.

m3ta (OP)
Sr. Member
January 26, 2012, 05:22:58 AM
#5

I opened my firewall ports during lunch to show a friend some node.js things I have been working on - a realtime dashboard for P2Pool stats.
This wouldn't be too severe, if my RPCport settings were not too permissive. Which they were since I was abroad last month, and forgot to revert to secure settings.

A bit random that your Bitcoins were stolen after opening your port to show your friend some stuff. How close is this friend?

I just find it strange that it worked out how it did. You think you were the target of a random attack exactly when it could do the most damage?


Known him for 15 years, and he doesn't know what bitcoins are.... He liked the realtime data, but didn't know what data it was.
I find it strange, too. Just a few hours after my flaw this happens... 
After hitting the wall (with my head of course) my first thought was a crawler script just doing portscans based on peer IPs coming from a tail of the logs.
Hmm... I see this as SO doable, it's really freaky...

vuce
Sr. Member
January 26, 2012, 05:40:58 AM
#6

unencrypted wallet, I take it?
JusticeForYou
VIP
Sr. Member
January 26, 2012, 05:46:46 AM
#7

Quote
The attacker easily accessed my open RPC, brute-forced my user and pass (yes yes, which could also be more complex) and emptied my wallet.

I've read about this attack recently. Your other quote is probably dead on on the %.

Username:Password should force a certain level of entropy before being accepted. I can only imagine how many 12345678 pw there are out there.

Serge
Legendary
January 26, 2012, 07:05:51 AM
#8

The reason I'm not on IRC anymore, and the reason why my bitcoin node is not exposed there, with the bitcoin client 'noirc' flag enabled.
To me it's just being an easy target, as anyone can get IP lists from IRC and start probing different ports, default router l/p's and what not.
caveden
Legendary
January 26, 2012, 08:11:59 AM
#9

unencrypted wallet, I take it?

No, he said in the OP: open RPC (well, maybe the wallet was unencrypted too, but it doesn't matter, that's not how it was stolen). Summarizing, it is as if his bitcoind node was accessible by anyone on the internet who happened to know his password, and apparently the password wasn't that strong since it was brute-forced. The attacker just requested the victim's bitcoind to send him money, and it sent.

The interesting part is that for such a theft to happen, the thief needed to know that there was an accessible bitcoind on that IP. So, either it is someone close to the OP who's stealing from him, or there are hackers with crawlers searching for such vulnerable nodes. The latter sounds quite possible, which would mean people using bitcoind RPC should really pay attention to their access rules.
Serge
Legendary
January 26, 2012, 08:14:29 AM
#10

the reason i'm not on IRC anymore and the reason why my bitcoin node is not exposed there with bitcoin client 'noirc' flag enabled.
to me it's just being an easy target as anyone can get IP lists from IRC and start probing different ports, default router l/p's and what not.

Wouldn't it be easier just to implement a savings wallet and keep a functional, yet minimal, amount of Bitcoins in the wallet on your daily PC?

I don't want my local network and my system compromised in any way, regardless of the bitcoin wallet.
vuce
Sr. Member
January 26, 2012, 08:16:51 AM
#11

unencrypted wallet, I take it?

No, he said on OP, open RPC (well, maybe the wallet was unencrypted too, but it doesn't matter, that's not how it was stolen). Summarizing, it is as if his bitcoind node was accessible by anyone on the internet that happened to know his password, and apparently the password wasn't that strong since it was bruteforced. The attacker just requested the victim's bitcoind to send him money, and it sent.
Aren't private keys encrypted, and therefore even with open RPC one would still have to decrypt them before a transaction could be made? In other words, an attacker would have to know the rpc username/password and the wallet password?
caveden
Legendary
January 26, 2012, 08:22:44 AM
#12

aren't private keys encrypted, therefore even with open RPC one would still have to decrypt them before a transaction could be made?

No, RPC is there to allow control of bitcoind by other programs. Like, imagine you have a website that needs to perform payments automatically. Your web server contacts bitcoind and requests the payment. If authorized, bitcoind performs the payment. It doesn't matter if the keys are encrypted or not, as it is the bitcoin software itself that's signing and sending the transaction. It can decrypt the keys if needed.
The hacker did not steal a private key. They managed to access bitcoind and control it, requesting the payment through the RPC interface. Bitcoind treated it as a legitimate request.
Normally this control interface should not be publicly accessible, but in this particular case it was.

Do you see the difference?
vuce
Sr. Member
January 26, 2012, 08:26:32 AM
#13

aren't private keys encrypted, therefore even with open RPC one would still have to decrypt them before a transaction could be made?

No, RPC is there to allow control of bitcoind by other programs. Like, imagine you have a website that needs to perform payments automatically. Your web server contacts bitcoind and requests the payment. If authorized, bitcoind performs the payment. It doesn't matter if the keys are encrypted or not, as it is the bitcoin software itself that's signing and sending the transaction. It can decrypt the keys if needed.
The hacker did not steal a private key. They managed to access bitcoind and control it, requesting the payment through the RPC interface. Bitcoind treated it as a legitimate request.
Normally this control interface should not be publicly accessible, but in this particular case it was.

Do you see the difference?

OK, I get it. I assumed one would still have to input the wallet password, but it wouldn't make much sense using RPC if it couldn't do anything by itself, thus making the wallet password moot.
Costia
Newbie
January 26, 2012, 08:31:56 AM
#14

If the wallet is encrypted you have to enter the wallet password at least once - otherwise the software shouldn't be able to get the private keys.
AFAIK once you do enter the password there is an option to set a timeout - after that time you will have to re-enter the wallet password to access the keys.
kjj
Legendary
January 26, 2012, 12:23:10 PM
#15

The interesting part is for such a theft to happen, the thief needed to know that there was an accessible bitcoind on that IP. So, either it is someone close to OP who's stealing him, or there are hackers with crawlers searching for such vulnerable nodes. The latter sounds quite possible, what would mean people using bitcoind RPC should really pay attention to their access rules.

Every node on the network knows the IP addresses of every other node.  More or less.  And the port is well known.

jjiimm_64
Legendary
January 26, 2012, 02:33:09 PM
#16

Weren't there 2 passwords here?

the RPC bitcoind user:pass
the wallet encrypted pass


m3ta (OP)
Sr. Member
January 26, 2012, 02:35:12 PM
#17

Quote
Well, it certainly doesn't sound like he had anything to do with it then. It sucks to hear when anyone has their property stolen. I wouldn't let it sour Bitcoin on you though, honestly just about anything could be stolen from you, no reason to quit using it. Take it as a very difficult lesson learned and move forward.

Indeed. Wise words. I slept 2 times what I normally do, and after letting all this "settle in", I feel exactly as you said.
Just take a punch, raise chin and keep fighting, so to speak.

Quote
Securing my bitcoins has always been a priority for me. It surprises me when someone like yourself, clearly having much more computer know-how than I, allows large amounts of bitcoins just sitting there for the taking. You don't leave stacks of cash sitting on your nightstand, do you?

I don't. As ridiculous as this might be (not "might", it IS) - part of my professional life is spent securing other people's systems. Telling them how their security is flawed. Shouting at users who have weak passwords. I totally slacked on my own.

Quote
How does this make you feel about the P2SH debate that has been raging lately? If you do continue to use Bitcoin, is this something you would hope to be implemented ASAP so you could take simple precautions to prevent what happened to you?

I've been reading... BIP16/17, P2SH... honestly, I feel that, for the end user, despite some divergences in opinion between Gavin/Luke and others, they ultimately want to do something that is good for everyone, so, eventually, the decision that will be made shall be positive.
What REALLY bothers me is a pool (DeepBit, *cof*) having the power it has right now. THAT is a problem for everyone.

[Tycho]
Hero Member
January 26, 2012, 03:26:49 PM
#18

Quote
How does this make you feel about the P2SH debate that has been raging lately? If you do continue to use Bitcoin, is this something you would hope to be implemented ASAP so you could take simple precautions to prevent what happened to you?
Quote
I've been reading... BIP16/17, P2SH... honestly, I feel that, for the end user, despite some divergences in opinion between Gavin/Luke and others, they ultimately want to do something that is good for everyone, so, eventually, the decision that will be made shall be positive.

All those BIP16/BIP17 (types of pay-to-script) and BIP11 are doing the same thing, which can allow you to require confirming your TXes from your mobile phone or some other separate device.
(It's already possible technically, but no client currently exists with the appropriate functions, and this TX would be "strange" (non-standard).)

The point of voting is to a) select the most suitable implementation, b) deploy it safely.

mrx
Member
January 26, 2012, 03:32:22 PM
#19

The interesting part is for such a theft to happen, the thief needed to know that there was an accessible bitcoind on that IP. So, either it is someone close to OP who's stealing him, or there are hackers with crawlers searching for such vulnerable nodes. The latter sounds quite possible, what would mean people using bitcoind RPC should really pay attention to their access rules.

Every node on the network knows the IP addresses of every other node.  More or less.  And the port is well known.

Except the rpc port, which could be changed freely: -rpcport=<port>

I'm changing my RPC ports to a higher range (10000+) to keep my wallets safe. It's set to allow *.*.*.* with a very simple username and password.


This incident (accident) is not the first in the cryptocurrency area. Several weeks ago somebody lost all (2850) of his Fairbrix. Also because of open RPC.
m3ta (OP)
Sr. Member
January 26, 2012, 03:35:59 PM
#20

After setting up a small script to tail the log and do a portscan of 8332 on peers, it took me as much as 6 minutes to find someone with an open RPC port.
No, I did not check if the user:pass was weak or not, I'm not out for revenge.
But, still... 6 minutes only.
