shark255 (OP)
|
|
November 12, 2014, 05:43:19 PM |
|
Subject.
Imagine, that there is web-server and bicoin-server.
What if hacker will get access to web-server and make RPC call to bitcoind server and send coins to his address?
In this case no reason to have separate bitcoin-server for this. Or I missed something.
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
onemorebtc
|
|
November 12, 2014, 08:07:10 PM |
|
i dont see a problem with having them on the same machine as long as that server does not control any funds.
any bitcoin server which can be used to send money should be on another network and on a machine which you control physically to avoid attacks from your hoster.
|
transfer 3 onemorebtc.k1024.de 1
|
|
|
shark255 (OP)
|
|
November 12, 2014, 08:56:35 PM |
|
i dont see a problem with having them on the same machine as long as that server does not control any funds.
any bitcoin server which can be used to send money should be on another network and on a machine which you control physically to avoid attacks from your hoster.
I dont understand you In first sentence you say that there is no problem to keep bitcoin server and web server on the same machine, in the second you say that bitcoin server should be on another network
|
|
|
|
onemorebtc
|
|
November 12, 2014, 08:58:48 PM |
|
i dont see a problem with having them on the same machine as long as that server does not control any funds.
any bitcoin server which can be used to send money should be on another network and on a machine which you control physically to avoid attacks from your hoster.
I dont understand you In first sentence you say that there is no problem to keep bitcoin server and web server on the same machine, in the second you say that bitcoin server should be on another network bitcoin server which has an empty wallet -> same server bitcoin server which has access to money -> another server which YOU host yourself
|
transfer 3 onemorebtc.k1024.de 1
|
|
|
notme
Legendary
Offline
Activity: 1904
Merit: 1002
|
|
November 12, 2014, 09:01:08 PM |
|
Subject.
Imagine, that there is web-server and bicoin-server.
What if hacker will get access to web-server and make RPC call to bitcoind server and send coins to his address?
In this case no reason to have separate bitcoin-server for this. Or I missed something.
You shouldn't have your web server rpc call to bitcoind. Bitcoind should be on a locked down server that only allows outgoing connections to the database so it can ask the database what needs to be sent and allow it connect to a single bitcoind instance you control that is only used to broadcast transactions. Of course, you should design it in such a way that an attacker would have to spend significant time understanding your built in checks before they are able to fake records without tripping up your automated integrity checks. If an integrity check does fail, immediately send all funds to a cold wallet and cease operations until a human can check it out. Even with all that, most funds should be kept offline and only made available to the bitcoind server when it's supply runs low.
|
|
|
|
shark255 (OP)
|
|
November 12, 2014, 09:32:35 PM |
|
bitcoin server which has an empty wallet -> same server bitcoin server which has access to money -> another server which YOU host yourself
but how to make automatically payouts ? Bitcoind should be on a locked down server that only allows outgoing connections to the database so it can ask the database what needs to be sent and allow it connect to a single bitcoind instance you control that is only used to broadcast transactions. good idea. At least attacker will not get direct access to wallet.dat or send RPC call to spend all available coins.
|
|
|
|
sonofliberty
Full Member
Offline
Activity: 395
Merit: 100
Market Integration Platform
|
|
November 17, 2014, 06:55:00 AM |
|
You shouldn't have your web server rpc call to bitcoind.
I need my web application to generate keypairs. I could also generate them via PHP, but importing the private key to bitcoind is a pain in the ass (makes bitcoind unresponsible for minutes). My bitcoind server is a laptop running in my basement.
|
|
|
|
shark255 (OP)
|
|
November 17, 2014, 10:08:45 AM |
|
You shouldn't have your web server rpc call to bitcoind.
I need my web application to generate keypairs. I could also generate them via PHP, but importing the private key to bitcoind is a pain in the ass (makes bitcoind unresponsible for minutes). My bitcoind server is a laptop running in my basement. You can solve this problem in the same way - your bitcoin server checks the task "create new keypair" and if it is exists - proceed it. Your solution is OK too, if you satisfied how it works.
|
|
|
|
Satosh¡ Slot
Full Member
Offline
Activity: 164
Merit: 100
Indie Developer
|
|
November 19, 2014, 08:12:11 AM |
|
i dont see a problem with having them on the same machine as long as that server does not control any funds.
any bitcoin server which can be used to send money should be on another network and on a machine which you control physically to avoid attacks from your hoster.
No need, the machine can be encrypted, or even just the wallet encrypted and unlocked when it has to send out funds. And only use https calls to get data so that the host can't find clues in the traffic.
|
|
|
|
cr1776
Legendary
Offline
Activity: 4032
Merit: 1299
|
|
November 19, 2014, 10:37:51 AM |
|
i dont see a problem with having them on the same machine as long as that server does not control any funds.
any bitcoin server which can be used to send money should be on another network and on a machine which you control physically to avoid attacks from your hoster.
No need, the machine can be encrypted, or even just the wallet encrypted and unlocked when it has to send out funds. And only use https calls to get data so that the host can't find clues in the traffic. This is bad advice (except the https part). notme has given you good advice if you want your funds to be safer. I won't repeat what he said, but his advice is sound. (You should also be concerned about using a VPN, bitcoins have been reportedly stolen from them even with good security, by ISP employees.)
|
|
|
|
BITMIXER.IO
|
|
December 17, 2014, 11:13:28 AM |
|
If hacker takes control of your web-server, he can send rpc request to your bitcoin server or prepare data for pick up from 'locked down' server. The best way - to secure your web server. Use encrypted disks for sensitive data like db, bitcoin configs and wallets. Unmount disks, lock wallet on any unautorized access to the server. Send rpc request from dedicated user, not from www.
|
|
|
|
tjwebb
Newbie
Offline
Activity: 16
Merit: 1
|
|
December 18, 2014, 08:39:45 AM |
|
At the end of the day, if you know where your single point of failure/entry is, it is that point that you should secure to whatever degree is feasible in your situation. Web servers unfortunately have tons of attack vectors available.
|
|
|
|
|