ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 23, 2015, 10:28:24 AM |
|
dadice or someone from team can answer when site is up? 48 hours is past Hi, It is Da Dice's responsibility to ensure that there are no threats, potential or otherwise, that could affect any players or stakeholders in future. Once the investigation is completed and the safety is reasonably ensured by the pros, the site will be back online. We just cannot put the site back online until we are sure that this threat has been taken care of. This is in the interest of all our players and stakeholders.
Finishing up prematurely, and putting the site back online quickly wouldn't be recommended as long as the investigation is not completed regarding how the attempt to hack happened. I do have some funds in my account. I'd say be patient and wait it out. No one would like to compromise the security of the site for a downtime. Let us hope it gets fixed quickly, and the site will be up soon. Thanks
|
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 23, 2015, 11:09:37 AM |
|
Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account? It's a bad idea to have ssh access open to root accounts. You should use another account and SU. Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).
I ask because rarely does a hack happen with a root password. Typically it's poor code allow cross-site scripting, SQL injection etc. etc. If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down. Or, check your database integrity to see if it was compromised.
Some feedback from the tech team: We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes. The results of the findings of our investigation regarding the compromised server: It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well. Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
plost24
|
|
August 23, 2015, 01:15:27 PM |
|
Some feedback from the tech team:
We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes.
The results of the findings of our investigation regarding the compromised server:
It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well.
Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
i presume that you have a hard time to fix the problem anyway take your time to fix this issue and make sure it will not remake good luck !
|
For rent 1.4 Bitcoin for 11 months starting Feb 1 2017
|
|
|
BossMacko
|
|
August 23, 2015, 01:17:36 PM |
|
thanks for the updates. see guys tomorrow
|
|
|
|
Monopoly
|
|
August 23, 2015, 02:23:22 PM Last edit: August 23, 2015, 02:34:12 PM by Monopoly |
|
Back stronger than past ? keep updating ...... that makes good feel for players .....
|
|
|
|
marioantonini
Legendary
Offline
Activity: 2156
Merit: 1082
|
|
August 23, 2015, 06:50:02 PM |
|
Later this big downtime, more people stop use the site, for me is the big down of one dice site. You give a lot to do to regain player
|
|
|
|
boopy265420
Legendary
Offline
Activity: 1876
Merit: 1005
|
|
August 23, 2015, 07:21:04 PM |
|
Some feedback from the tech team:
We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes.
The results of the findings of our investigation regarding the compromised server:
It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well.
Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
i presume that you have a hard time to fix the problem anyway take your time to fix this issue and make sure it will not remake good luck ! It is good to have some updates.Let's hope we will play tomorrow once again and this time it will be up for good.All the best to fix and overcome the problems you are facing.
|
|
|
|
birdcat90
|
|
August 23, 2015, 08:58:28 PM |
|
How long does dadice downtime?
dev said around 2-3 days right? is that really critical error on dadice?
if what dadice said about hosting hack then they need to change the hosting company...^^
|
|
|
|
cakk
Newbie
Offline
Activity: 35
Merit: 0
|
|
August 24, 2015, 11:33:01 AM |
|
well i'm so excited about it, I'm waiting for the site come back and be playable Take your time, safety is first.
|
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 24, 2015, 02:26:10 PM |
|
Yeah, safety first. How long does dadice downtime?
dev said around 2-3 days right? is that really critical error on dadice?
if what dadice said about hosting hack then they need to change the hosting company...^^
Site should be up soon. Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account? It's a bad idea to have ssh access open to root accounts. You should use another account and SU. Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).
I ask because rarely does a hack happen with a root password. Typically it's poor code allow cross-site scripting, SQL injection etc. etc. If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down. Or, check your database integrity to see if it was compromised.
Some feedback from the tech team: We are not running SSH on standard ports anyway and direct root logins are also prohibited. Once again our password is very strong and cannot be brute forced, only hosting provider had access to our server for management purposes. The results of the findings of our investigation regarding the compromised server: It seems the reason is an ex-employee's frenzy. We learned that they had the same issue with other servers as well. Right now we have downloaded a copy of the main database and deleted it from the server, and stopped execution of DaDice gameplay scripts completely. They have offered to either scan our server and make sure there are no Trojans or rootkits or any other threat active on the server or to build up a new matching server with a fresh install of our gameplay script / database etc. We have opted for a new server and are expecting to be up and running sometime tomorrow.
|
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 24, 2015, 03:32:00 PM |
|
We are glad to announce that dadice is finally online again.
Once again our apologies for the downtime!
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
dadice (OP)
Sr. Member
Offline
Activity: 252
Merit: 250
DaDice Administration
|
|
August 24, 2015, 03:42:57 PM |
|
Now lets go for our 750 millionth roll bounty !!!
|
<- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 24, 2015, 03:46:03 PM |
|
We are glad to announce that dadice is finally online again.
Once again our apologies for the downtime!
That is Great!
|
|
|
|
shulio
Legendary
Offline
Activity: 1540
Merit: 1016
|
|
August 24, 2015, 03:51:31 PM |
|
You sure it is live already? I cant open the site and it keeps loading here also the page for stats.dadice.com is not live as well. Anyone get this kind of error here?
|
|
|
|
ndnh
Legendary
Offline
Activity: 1302
Merit: 1005
New Decentralized Nuclear Hobbit
|
|
August 24, 2015, 03:57:26 PM |
|
You sure it is live already? I cant open the site and it keeps loading here also the page for stats.dadice.com is not live as well. Anyone get this kind of error here?
Stats is not up yet. DD just made sure the main site goes online as soon as possible. Working fine to me. There are other users online too.
|
|
|
|
ashfaq
|
|
August 24, 2015, 03:58:14 PM |
|
We are glad to announce that dadice is finally online again.
Once again our apologies for the downtime!
You are running a dice website and your account has a extremely high negative trust ,dont you think your trust can effect your business
|
|
|
|
Lutpin
Copper Member
Legendary
Offline
Activity: 1876
Merit: 1874
Goodbye, Z.
|
|
August 24, 2015, 04:03:34 PM |
|
We are glad to announce that dadice is finally online again.
Once again our apologies for the downtime!
You are running a dice website and your account has a extremely high negative trust ,dont you think your trust can effect your business Let me quote his sig for you <- My trust rating is a joke, due to the poor and worthless implementation of trust ratings at bitcointalk.org Do you know the story behind that rating? Before you juge based on a number, maybe you should get to know how it got there.
|
| | | | ███████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ███████ | | | |
▄████████████████████████████████████████████████████████████▄ ██ ▄▄▄▄▄▄ ██ ██ ██████ ▄██████████▄ ████████████████████▀ ██ ████████ ▄████▀ ▀████▄ ████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██ ████ ████ ████▀ ▀██▀ ████ ██ ████ ████ ▄███▀ ████ ██ ████ ████ ███▀ ████▄▄▄▄▄▄▄▄▄▄ ██ ████ ████ ███ ██████████████ ██ ████ ████ ███▄ ████▀▀▀▀▀▀▀▀▀▀ ██ ████████████████████ ▀████ ████ ██ ██████████████████████ ▀████▄ ▄██▄ ████ ██ ████ ████ ▀████▄ ▄████▀ ████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ██ ████ ████ ▀██████████▀ ████████████████████▄ ██ ▀▀▀▀▀▀ ██ ▀█████████████████████████████████████████████████████████████████████▀ | | |
|
|
|
shulio
Legendary
Offline
Activity: 1540
Merit: 1016
|
|
August 24, 2015, 04:06:27 PM |
|
You sure it is live already? I cant open the site and it keeps loading here also the page for stats.dadice.com is not live as well. Anyone get this kind of error here?
Stats is not up yet. DD just made sure the main site goes online as soon as possible. Working fine to me. There are other users online too. Okay it works for me now. I usually check the stats.dadice.com site if it dont load for me because they said that both of the site is connected. How many rolls are there now? Im still loading the page here
|
|
|
|
Lutpin
Copper Member
Legendary
Offline
Activity: 1876
Merit: 1874
Goodbye, Z.
|
|
August 24, 2015, 04:07:48 PM |
|
Okay it works for me now. I usually check the stats.dadice.com site if it dont load for me because they said that both of the site is connected. How many rolls are there now? Im still loading the page here
748,730,000 as of just some seconds ago.
|
| | | | ███████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ██████████ ███████ | | | |
▄████████████████████████████████████████████████████████████▄ ██ ▄▄▄▄▄▄ ██ ██ ██████ ▄██████████▄ ████████████████████▀ ██ ████████ ▄████▀ ▀████▄ ████▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██ ████ ████ ████▀ ▀██▀ ████ ██ ████ ████ ▄███▀ ████ ██ ████ ████ ███▀ ████▄▄▄▄▄▄▄▄▄▄ ██ ████ ████ ███ ██████████████ ██ ████ ████ ███▄ ████▀▀▀▀▀▀▀▀▀▀ ██ ████████████████████ ▀████ ████ ██ ██████████████████████ ▀████▄ ▄██▄ ████ ██ ████ ████ ▀████▄ ▄████▀ ████▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ ██ ████ ████ ▀██████████▀ ████████████████████▄ ██ ▀▀▀▀▀▀ ██ ▀█████████████████████████████████████████████████████████████████████▀ | | |
|
|
|
masterzino
|
|
August 24, 2015, 04:09:00 PM |
|
Okay it works for me now. I usually check the stats.dadice.com site if it dont load for me because they said that both of the site is connected. How many rolls are there now? Im still loading the page here
748,730,000 as of just some seconds ago. Bounty for 750,000,000 roll is still valid? When do you expect it to happen site works fine for me now...
|
|
|
|
|