Author

Topic: Hacking into VPS by originally getting IPs from Primecoin nodes (Read 1061 times)

donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
I think possible when they have your IP and port (opened port)

There are no significant vulnerabilities in Bitcoin/Litecoin and their clones, so knowing the port would provide little advantage. The RPC port is, by default, only bound to 127.0.0.1, so any vulnerabilities that exist there wouldn't be directly externally accessible.

Stock Debian/Ubuntu (and other distros) are not terribly insecure out the box. In fact, more often than not, it is the incorrect configuration of software that opens holes on a machine. I would hazard that a box with a poorly configured FTP service is a much softer target than a stock Ubuntu box that is only really exposing SSH to the Internet.
full member
Activity: 154
Merit: 100
I think possible when they have your IP and port (opened port)
donator
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
Day 0?

I think you mean 0day exploits, and I don't think that word means what you think it means. Here's some light reading: http://en.wikipedia.org/wiki/0day

Other than that you raise an interesting point, but as far as attack vectors go it's no different to scanning Digital Ocean's IP range(s) for vulnerable boxes.
sr. member
Activity: 420
Merit: 250
I was thinking this over and if I were to try to find a way into a bunch of vps's to run a miner for me for free I would start by getting all the nodes on the primecoin network and sorting them for IPs that are clustered around one another and I would then have targets to try to exploit or bruteforce. When a vps provider sets up servers their IPs are usually clusterfked. So it would stick out like a sore thumb.

I got this idea after a friend who was running vps's to mine primecoin solo started having problems with a few of his servers and then his host took them down because of possible malicious activity.

I think its possible and happening. What do you guys think.

These are basically servers stock install with no added security most without the newest updates. So very vulnerable. Day 0 exploits possible even.

I guess what im trying to say is. Update your vps's even if it seems like a hastle or someones gona take them over for their bot army.
Jump to: