nickaizoku
Sr. Member
Offline
Activity: 308
Merit: 250
❃ CyberNick ❃
|
|
August 22, 2015, 12:42:22 PM |
|
i hope the problems will be fixed as soon as possible, a lot of people are holding their bitcoins on this website and now they cant withdraw it even if they need it
Yea hopefully up soon.. kinda bored without it coz want to hunt jackpot and morever want to lvl up
|
|
|
|
kyxap
|
|
August 22, 2015, 04:35:13 PM |
|
It will open within 2 hours i think?
|
|
|
|
srgkrgkj
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
August 22, 2015, 04:38:02 PM |
|
It will open within 2 hours i think?
I hope so mate there is a lot of money at stake and a lot of customers getting impatient here lol
|
|
|
|
marioantonini
Legendary
Offline
Activity: 2156
Merit: 1082
|
|
August 22, 2015, 06:16:58 PM |
|
It will open within 2 hours i think?
I don't think. Is saturday night of August, who work? For me, first to monday site is offline
|
|
|
|
BossMacko
|
|
August 23, 2015, 02:03:35 AM |
|
any updates admin?
|
|
|
|
kyxap
|
|
August 23, 2015, 08:04:40 AM |
|
dadice or someone from team can answer when site is up? 48 hours is past
|
|
|
|
amiryaqot
Legendary
Offline
Activity: 1050
Merit: 1000
|
|
August 23, 2015, 08:17:46 AM |
|
It will open within 2 hours i think?
I don't think. Is saturday night of August, who work? For me, first to monday site is offline Yes agreed with at weekend hard to work but OP must come and make update what is going on off the screen there and what is the current progress made to this issue, this would helpful for players to know the whole situation.
|
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 23, 2015, 10:28:24 AM |
|
dadice or someone from team can answer when site is up? 48 hours is past Hi, It is Da Dice's responsibility to ensure that there are no threats, potential or otherwise, that could affect any players or stakeholders in future. Once the investigation is completed and the safety is reasonably ensured by the pros, the site will be back online. We just cannot put the site back online until we are sure that this threat has been taken care of. This is in the interest of all our players and stakeholders.
Finishing up prematurely, and putting the site back online quickly wouldn't be recommended as long as the investigation is not completed regarding how the attempt to hack happened. I do have some funds in my account. I'd say be patient and wait it out. No one would like to compromise the security of the site for a downtime. Let us hope it gets fixed quickly, and the site will be up soon. Thanks
|
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 23, 2015, 11:09:37 AM |
|
Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account? It's a bad idea to have ssh access open to root accounts. You should use another account and SU. Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).
I ask because rarely does a hack happen with a root password. Typically it's poor code allow cross-site scripting, SQL injection etc. etc. If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down. Or, check your database integrity to see if it was compromised.
Some feedback from the tech team: We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes. The results of the findings of our investigation regarding the compromised server: It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well. Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
plost24
|
|
August 23, 2015, 01:15:27 PM |
|
Some feedback from the tech team:
We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes.
The results of the findings of our investigation regarding the compromised server:
It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well.
Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
i presume that you have a hard time to fix the problem anyway take your time to fix this issue and make sure it will not remake good luck !
|
For rent 1.4 Bitcoin for 11 months starting Feb 1 2017
|
|
|
BossMacko
|
|
August 23, 2015, 01:17:36 PM |
|
thanks for the updates. see guys tomorrow
|
|
|
|
Monopoly
|
|
August 23, 2015, 02:23:22 PM Last edit: August 23, 2015, 02:34:12 PM by Monopoly |
|
Back stronger than past ? keep updating ...... that makes good feel for players .....
|
|
|
|
marioantonini
Legendary
Offline
Activity: 2156
Merit: 1082
|
|
August 23, 2015, 06:50:02 PM |
|
Later this big downtime, more people stop use the site, for me is the big down of one dice site. You give a lot to do to regain player
|
|
|
|
boopy265420
Legendary
Offline
Activity: 1876
Merit: 1005
|
|
August 23, 2015, 07:21:04 PM |
|
Some feedback from the tech team:
We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes.
The results of the findings of our investigation regarding the compromised server:
It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well.
Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
i presume that you have a hard time to fix the problem anyway take your time to fix this issue and make sure it will not remake good luck ! It is good to have some updates.Let's hope we will play tomorrow once again and this time it will be up for good.All the best to fix and overcome the problems you are facing.
|
|
|
|
birdcat90
|
|
August 23, 2015, 08:58:28 PM |
|
How long does dadice downtime?
dev said around 2-3 days right? is that really critical error on dadice?
if what dadice said about hosting hack then they need to change the hosting company...^^
|
|
|
|
cakk
Newbie
Offline
Activity: 35
Merit: 0
|
|
August 24, 2015, 11:33:01 AM |
|
well i'm so excited about it, I'm waiting for the site come back and be playable Take your time, safety is first.
|
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 24, 2015, 02:26:10 PM |
|
Yeah, safety first. How long does dadice downtime?
dev said around 2-3 days right? is that really critical error on dadice?
if what dadice said about hosting hack then they need to change the hosting company...^^
Site should be up soon. Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account? It's a bad idea to have ssh access open to root accounts. You should use another account and SU. Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).
I ask because rarely does a hack happen with a root password. Typically it's poor code allow cross-site scripting, SQL injection etc. etc. If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down. Or, check your database integrity to see if it was compromised.
Some feedback from the tech team: We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes. The results of the findings of our investigation regarding the compromised server: It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well. Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
|
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 24, 2015, 03:32:00 PM |
|
We are glad to announce that dadice is finally online again.
Once again our apologies for the downtime!
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 24, 2015, 03:42:57 PM |
|
Now lets go for our 750 millionth roll bounty !!!
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 24, 2015, 03:46:03 PM |
|
We are glad to announce that dadice is finally online again.
Once again our apologies for the downtime!
That is Great!
|
|
|
|
|