Topic: [0Th]Ozcoin Pooled Mining |DGM 1%|Stratum+VarDiff port 80|NEW CN mining| - page 124. (Read 398185 times)

500 shares sent so far, hope you find some lucky blocks.

You would have likely been able to out-double-spend the attacker by sending out several 50 BTC spend transactions with high-priority fees right after every block, however not much time to get such a script written up.

Wise would be to host your pool behind a hardware firewall allowing only designated mining and web ports to the poold, have your poold machine multi-homed, and have a separate Bitcoin machine running on a NATted IP with hard-coded nodes. Give the Bitcoind iptables drop rules for everything but the IP/port of the poold RPC and known Bitcoin nodes. The best security would require physical access to administer.

It would be hard to secure a pool completely though - it is basically a web interface to send people coins from your wallet.

lol

I must admit I was rather angry when I posted that, but I have had good cheer and support from the community

currently reinstalling on au and us servers - doing something useful is also helping my mood

had some great time at the park this afternoon with the kids too

onwards and upwards
best
Graeme

here it is:

https://bitcointalksearch.org/topic/this-world-runs-on-evilgreed-and-selfishness-62719

I'd say either of those would be appropriate.  Flip a Bitcoin

But I see this mainly as a societal issue so I would lean towards that.
Sam

Maybe the world doesnt run on those 3 things but your post says it all:



so where do we open it?  offtopic? politics & society?

While I disagree, in part, with your assessment of what runs the world I do think your thread would be a worthwhile discussion.  So if you start it please post the URL here and I would be happy to join in on the, hopefully constructive, discussion.
Sam

Sorry to read about your problems.
I was going to start a thread (before i read this) titled: This world runs on EVIL,GREED and SELFISHNESS

and then I thought  , well everybody knows this...and the ones that don't - why depress them...
so I scraped the idea.  Now I'm about to reconsider. (  I'm also pissed that a loan i gave wasn't repaid yet..)

Anyway , hope you aren't discouraged and get things working the way you want AND get to be with with your kids more      ( that is priceless) , You seem to be one of the few good people out there !

As I said before, I'm sure you and your team will get things squared away, again.

As for the annoying people in the community, I'm afraid that it isn't just in the Bitcoin community.  They are everywhere.  That is the shape of our new society created by the internet and this is the environment our children and grandchildren will have to live with as the standard for behavior.  It makes me sad, nobody believes in objective truth anymore.

Anyway, pointing some hashes at eu.
Thanks,
Sam

Thanks for the kind words guys

best
Graeme

That's obvious.  Thanks for your feedback.

Sorry to hear this happened.

It's inspiring to see how you never give up, though. Best of luck with the re-opening!

That sux.

Graet, I hope it's not optimistic of me to think you might avoid some of those unfounded accusations etc. You've been around long enough and anyone who's dealt with you will know better. You've paid out of your own pocket a few times I know of for minor calculation errors, donated to devs, and put up with fruitcakes on IRC better than most people could manage.

I'm confident you'll reap the benefits of your hard work.

it looks like an exposed rpc port was exploited :/
obviously the countermeasure would be not to expose it

we are planning on setting up a *lot* of stuff up differently - much has been learnt
i would rather not detail our security plans in an open forum - no point in giving the a/hats any clues

Graet, do know how the attacker was able to compromise the server(s)?
I'm willing to point some workers back but I'd love hear in advance that you exactly know what happend and you have countermeasures for it.

quick update eu.ozco.in will be up , we have setup a seperate wallet to generate to

I will be mining on eu, one other member has promised to send some hashes there too, note: there will be no stats or payouts, if any blocks are found the generated btc will be put into pool wallet to help cover some of the losses.

no-one is obliged but if anyone would like to donate some hashes to the attempt - it would be most welcome

thanks
Graeme

Thanks os2sam,

k well i wasnt ready to announce it but people joined irc and started announcing it for me :/

Ozcoin's wallet has been compromised, some asshole has got into our server and copied the wallet. they then started to slowly withdraw funds, i noticed this and immediatley withdrew all non confirmed funds from the wallet, but we were stuck, the immature block funds dissapeared as soon as they were confirmed, i tried manually to spend first  but failed, p2k wrote a script that successfully won the race and recovered funds from one block (yay) out of 8 (sigh).

at this point i am very tempted to say fuck it and walk away, the lies fud and crap this community come up with are wearing a bit thin. assholes that fuck things over just "coz they can" leave me wondering about peoples morals and if it is even possible for bitcoin to succeed.
i have 2 problems with that tho
1: i cant walk away owing miners BTC - it doesnt sit with my morals
2: i actually think bitcoin has a place in the world as a real "currency of the internet"

so in about 4-5 hours time ozcoin will be down for ~24hours (hopefully no more) so we can reinstall and re setup everything in an even more secure way.

All miners will be paid for ALL shares submitted (it will just take longer than expected) but only if miners continue to support this pool.

so i imagine i will cop abuse, ppl will make up shit and all that other crap that comes with posting on these forums - so be it, dont be offended if you get ignored if you take time to post unconstructive crap.

spelling/grammar nazi's get over it, i am angry depressed and desperate to spend some time with my children its 4:10pm on sunday afternoon and i have spent 1/2hour with them all weekend, be happy i took time to post at all

Graeme

Sorry to hear that.  But I'm confident your team will get on top of it.  Let me know here when things are stabilized again.

When things are working I have been very satisfied with your pool.
Thanks,
Sam

lol wish it was that simple os2sam

We have been having some major issues over last 24hours

To the extent that we need to take the site offline for 24 hours to ensure everything is repaired and working properly.
I suggest miners move to another pool before 8pm UTC+8

Appologies for any inconvenience
Graeme

I went to the web site again today and got fresh stats over what I was seeing yesterday.  But each time I refresh the page it does not update.

So does the site update just once a day now?
Sam

Is the pool or web site down?  The web site stat's changed all day, as far as I can tell anyway.
Sam