Pages:
Author

Topic: Need Antminer s9 serial connect to eliminate NEW VIRUS!!! (Read 745 times)

newbie
Activity: 2
Merit: 0
You have to write to bitmain and ask for the antivirus files. They replied in chinese. Download from qq account. About 300mb++. I got the files but i donno how to share it here.



https://m.v.qq.com/play.html?vid=g0889oguw7c&ptag=v_qq_com%23v.play.adaptor%233

Watch this video.
newbie
Activity: 4
Merit: 4
I found out. This virus is called "antbuild". It irreversibly "spoils" the processor (burns one time programmable memory), so that the processor stops loading from any standard firmware, including when trying to boot from the SD card, it is blocked until reboot. The image in flash memory, obviously, virus modifies so that it can be accepted by the processor and only this firmware. Even if you reprogram the flash memory on a separate external device with uninfected firmware, you still get the effect of 2 LEDs (talking about blocking the processor). In addition to stealing terrahash, attackers gain access to your board and it can be used as a bot for bad purposes.
Complete cure of the virus is possible only after replacing the processor with a new one. It seems that there are firmware that can bypass this virus (although they cannot completely cure it), but I have not yet managed to defeat it. Be careful, virus is very dangerous, it is constantly being modified and "improved". Be sure to break the network, separate the workers separately, infected separately, suspicious quarantine separately. Never use miners, even new ones, without a complete flashing from scratch with your own hands. There are cases when, it seems, new miners became sources of infection.
if someone knows how to get rid of the consequences of the virus except soldering the processor, please write.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
For many miners, in a short time, the processor or the SD port was suddenly damaged? How high is the probability of simultaneous damage to processors (surprisingly coinciding with virus infection) in 10, 20, 50 or more miners at the same time (I know people who have this happened on several dozen miners)?
Are xininx bitmain control boards so unreliable?

I agree with MigaoMiner if your problem still persists nand IC is your problem replacing it might solve the issue but I think it's rarely happened.

Did you follow what I said above? if not then do it first then update here this is our way to help you fix the issue and to troubleshoot the issue.

If you have a doubt and your miner still under warranty why not contact bitmain for warranty repair?

There is no perfect miner even in different miners and different brands/manufacturers having the same issues it always depends on us if how we care our miners. If you running those miners at higher temp the lifespan of your miner reduced.



Why not do some test sample:

Get the damaged Control board and get a known good/working control board now, check the SD card terminal of both damaged and the good one as your reference. Make sure to put the negative pole in the ground and the red/positive put it to terminal one by one test them on both damaged and the working one.

If you see difference it means the damage one is having connection issue that is why the SD card is not detected.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
For many miners, in a short time, the processor or the SD port was suddenly damaged? How high is the probability of simultaneous damage to processors (surprisingly coinciding with virus infection) in 10, 20, 50 or more miners at the same time (I know people who have this happened on several dozen miners)?
Are xininx bitmain control boards so unreliable?

They are not that unreliable, you are simply doing something wrong, but prefer to blame "the virus". But you are welcome to sell them for scraps, i know someone who loves buying those super cheap "damaged" S9 miners and "resurrect" them.

Or hire someone to fix them for you...

I seriously doubt you can't run bOS from the sdcard in all those "50" miners (as long as they are not the newer S9s).



I have the same problem for some Controller card.
Bring to technician, load new binary file using NAND programmer n replaced the old NAND.

back to live ..

Yes i have seen the bad nand syndrome before, but you can still run bOS from sdcard just fine in those, it is one sure way to find out the nand is damaged, because when you attempt to flash it from bOS web ui, then move jumper and reboot, it doesn't work.

This OP could have both the nand and sdport damaged, which is why the official method doesn't work either. Virus can't damage the port, but they could damage the nand. Many miners are run in conditions that rust gets to them, so a damaged port isn't that strange.
newbie
Activity: 12
Merit: 0
I have the same problem for some Controller card.
Bring to technician, load new binary file using NAND programmer n replaced the old NAND.

back to live ..
newbie
Activity: 4
Merit: 4
For many miners, in a short time, the processor or the SD port was suddenly damaged? How high is the probability of simultaneous damage to processors (surprisingly coinciding with virus infection) in 10, 20, 50 or more miners at the same time (I know people who have this happened on several dozen miners)?
Are xininx bitmain control boards so unreliable?
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
I tried to load the infected s9j miner from the SD card (all jumpers are installed correctly). Its behavior is the same - loading from the memory card is blocked and the green and red LEDs on the front panel are constantly on (as if the processor could not find a suitable boot device).
I checked the memory card in another miner that is not infected with the virus. Download braiins-os was successful.
Thus, it is confirmed that the matter is not in NAND memory and not in a bad SD card, namely, in some way the virus blocks the loading of the operating system from any possible devices, except for the NAND flash, which is installed on the board.
As I understand it, no one has come up with a way to deal with this? It’s very sad when you have many such control boards (I imagine if this happens with professional miners on hundreds of devices!)

The virus cannot do this. You probably have a damaged controller, or just a damaged sd port as suggested above. Once you move the jumper its like you don't have the nand, it reads the sd card at boot and executes whatever is in it.

It doesn't happen to anyone at all. Just get a new controller and be done with it.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
No there's no virus that can block the nand memory from flashing it through SD card maybe the control board of your miner is c5 control board so your problem is the compatibility issue. Or maybe the SD card terminal from the control board has full of rust and dirt if that's the case you need to clean the terminal of sd card then resolder it to make sure the terminal has a connection if you put the SD card again.

Also if you want to clean your miner just flash it in WebGUI and use the latest firmware with anti-virus capability then use the APMinerTool that has an anti-virus feature to scan the miner.
newbie
Activity: 4
Merit: 4
I tried to load the infected s9j miner from the SD card (all jumpers are installed correctly). Its behavior is the same - loading from the memory card is blocked and the green and red LEDs on the front panel are constantly on (as if the processor could not find a suitable boot device).
I checked the memory card in another miner that is not infected with the virus. Download braiins-os was successful.
Thus, it is confirmed that the matter is not in NAND memory and not in a bad SD card, namely, in some way the virus blocks the loading of the operating system from any possible devices, except for the NAND flash, which is installed on the board.
As I understand it, no one has come up with a way to deal with this? It’s very sad when you have many such control boards (I imagine if this happens with professional miners on hundreds of devices!)
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
It can't. If you are using S9s, you should try booting braiinsOS from the sd card, and see for yourself. Remember bOS only works from S9 to S9i, nothing later (no Hydro, K or SE).

Once you boot BraiinsOS and see everything is working, you could try flashing it to nand (from its Web UI) and see if it works, if it does, you can then go back to Bitmain's using their sd T9+ image firmware method.

One weakness tho, would be the controller flash nand storage. I don't know how evil that malware is, but it is theoretically possible to force damage the nand by endlessly writing data to it. Most damaged flash media still allows reading, which would be perfect for a very unethical thief...

Sometimes people come saying they can't mysteriously install to nand anymore (and obviously Bitmain firmware never restores).

Bitmain fw only blindly copies itself to nand, if the nand is damaged that does nothing. But bOS can run without nand, with the jp4 jumper eternally moved into the boot from sd position. Just buy the cheapest smallest sd card you can find.
newbie
Activity: 4
Merit: 4
Hello. I also had a problem: miners became infected with a virus that, in addition to dropping the hash rate on the pool (the hash rate looks normal in the interface), blocks downloading from the SD memory card. I connected directly to UART and in the terminal I downloaded the firmware and ran the firmware script. Previously, I even replaced the command files for working with flash memory with obviously not infected ones (in case the virus only imitates the firmware process). However, this did not help, some time after the start, the hash on the pool begins to leak to the side. Obviously, you can only cure the virus if you boot from another medium. Therefore, apparently, the virus blocks SD.
Is there any solution for this case at the moment? How can a virus block the download from the card if the boot device is selected by the microprocessor hardware devices long before the start of the infected program from the flash.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
Downside to password manager is you lose or get hacked that one master password you can say goodbye to all your accounts...

Well, i did left out the part where you are supposed to use a secure device to keep your passwords. One step at a time... A secure OS with a secure computer would do. Windows is big no no, Linux/bsd is better but should not be the same device you use for web browsing. Its similar to handling wallets.

The password database is well encrypted, you can backup the file to google drive, dropbox or whatever cloud storage you fancy. You can also have more than one password database file, be creative...

Using no password manager is the worst scenario. A physical book is ok i guess, but its in clear view and can get lost...
Either way it is not scalable to keep hundreds of passwords in your brain, that's why that brain wallet idea was so foolish. The password manager also happens to be a great password generator. People should get in the habit of using them. Then you can add your ideas on top of that.



[...]

You are very wrong in your "hacker" scenario, but i won't get into details as this is too much derailing, suffice to know you are very very wrong thinking that is helping you in anyway. No wonder you are so stubborn with 8 bit addressing.

Perhaps you should, i don't know, use nmap (with proper options for quick scanning) to see how many seconds it takes to scan all your devices. If the guy is in because, say, that windows laptop or usb a malware was tailored for you (or your type), you are finished. "Hackers" do not go for "low hanging fruit", do not equate the average script kiddie with the guys checking people with money, and/or mining equipment that can grant them even more money, especially crypto...

2 days? Lol. Its more like 2 minutes...

Now, how the heck could you bring the word company when talking about a password manager? WTH is a password manager company? Do you even saw what i linked? A password manager is a program, and the one i linked is a Free and open-source software, you know, like Bitcoin... You would be an idiot to trust a company to handle your passwords, that's like trusting your money to a bank, or your coins to an exchange...

Even your password idea is poor, because there is a way to mix and match generated or password sourced words like bits and bytes to speed up brute forcing, and there you are using Root (big no) which becomes a separate cell to the rest, your password is suddenly as strong as 12345a, ie: it isn't. Here, I'll show you how a truly good password looks like, and hope you don't use it:

Code:
E?C-hhU_ipFigSRuTy+qVm{,}U"Z8`-P;\5~^aEg_4EmhvN&)YP"$(iPpQ*eCK*RxePK4/y~>\8;(C2ZSYhzng_Q"F2FR>L>?$~3+Q^7!p3rQ`kRj9B+^t@u5tjSFfmCnU(tn~Sy3k 4=vS!{V#uG`:[er`j(ga%)q{g3oS(PY"*L_cd:7Q,r3/d,M"RF^Tbr~H!()[vv~F3vE pK&:e)v]sY/xuZ{/\z>f]'uYX@JT4M7)"8m/C5+3Z;EhpZ-DH28Xx,8@&.8`Kk,PA(k`t>,@xaMv+qxt_-(^pJD'kxRb=~TAwBxpbZGL;:Z,KQ>7^PqS"6\)o#jySbp."m{=_#S&38CoEE@FfH):}-y.Y@`p{3?E>%!;AK5+V[W3!Ph&ZdabEX@aJDK-LX9Q,Z/.*BTUNr7wBi3B)4Hr&p/Ke!JYQkA)uh~M3;Yv.DviX]wj4~7x^)E:\#>3b&wh^%Mv}(s$-.LBV?Coa}GEC@YoNzgq&2Ta6Qu5v;NCkmJ.3+M_R4{:9xA_a8CSrktAjj?2DvA'Qj2yz=[5f\,H5ioe!T&#j,ZssH& y~i5QV*)+)3\)ZnNCXU` d]>eW42-Ax~2_ufRsx~rZPXCxy=_ts%vbuVF;R69>{"Gj[N!irVs'Z_%X8,Uj3vW@G+#WnKcx\-(&/{$=CG{Bw2LQ\4fb}L`+&JN?-},-g6[ty[HCLeHX[]U,9E8]-Uw.g5'q4UjRudToiY\FXu\?qmg?H8DxP@v(!bWu";!:'wFV%RkEDB^q^)p@Q,Ptjsr?]F4Jn-'$U[qFUhDWzJ8]"A`Af^SiH?K]TpeVY2qJFj/N#GUb[}UY;: `%bi/H>]k3[Am`!#}NS##}$!S=#C,G_iq^\Z$R+L>Va39}N~:D~>]\'^eSY`"brb.7z, 7TNELjw5)?=5N\G^&WSDCtTYudB9{hpvw@{V+WZUDJ5fHokN\uZd+Fkf9oi3M:5"^E#nH8[(]BA[XqBg7J,-rYs6r3inXY5=#bS`wAdgQiPVrhDLr+ds6#;8"#6AU#}#p98A8:/VzSQi%M{M4&N*w2,&Bzpv{U9qf>2q}H C5/x^RGp.-Q_:o%HuCd9've$,6~3n-t"TEfEJw\+x+vc75>\z:"me6oMVX]mDi^eS?5h\UT X/+EFHfTs9xU.4:JoiXAi8vrF8hN:nYo3Z)s9K`pJFy,\p(Kn7GPYt(SF7Bte/9Mi&(tQ}Nz;b$UwWhcb!"DHTbRjh4Us+}pe}wu5KiF=~[H+u!;g2i@yF ^J3n_U-(!E#*M;hp,.z@=#)@=9dr7r#7'j7LCW]*yGTr"`v:`!=/Ui`eyUHQQajCP`vRcPYNdGj/r\{g-FpN9`x:DH{p2-'m4_5A{W'DzWb,Gx?wg]xvid?o!=cV3\d3pUD5t`uhp[)wt(\SxbYY_H`hGYtx!{@i6,y)9S9Xw_CN {/)Na?e)+$++N?('Ut!%Y:[j.5`_2_qeje!aH)-{K%i:pJ&@(jfyfXB<'RqW9CEsy\ns$JhK?eBJ5mW(.JLJzAm,<>QEj)s9[B\=U,X*7Se}WyUsc-QNA{ch# aeLow'xA!uZ"A&=DX)[Wat[Cx,[R[?Pj#BN{2fWh^''3x+o8 (}BL\?+fgb:u_p&) :tY!6zY^vDq;V4BJi6/J[s@7Dx!L-^/Bn`;evmf{o8?)D?>Y}@fUk>aoc,].g]-v~\={\!^[8j694",NN,F+3H&Qh"irV~B85$Q^brj~tpjECC&&sN$zt2!`y) .?-d*_K'SDn8W]YSE-:2[g2'xb;-2a,F~~4Fw?q}+/YGCm 4^fFY}<.Ri(Y8uAo8zmuLk6SdXgC4!iNXkLi]6NBnh_kTY7$/hu_y+s62=Q)*zuJ`\XX;p5sKCno%S+@[].+F)m>Yg);k=rCe`~d3#Y\N;%kD`?LgsUf&Td$QM Kz3~L4sLmQqCJPa%Z?~h2BN\!dd5>FA6}AhYcwf5,.oL"r6y%4EfmbEzrib2@s{x[^-6+ME5c=woW=*)GLG$R&zZEf:e]- 5&r}}BE';-$37w:o,w~3kc!@E{8^CH'7unYvz{6Qatpq<{e8"Q9e'ZN#6}azC7'U'v["-S"iQ]ZeX#Cf3"rA2A[TY{vU/.JJg=:d7}HZMr{AB_+rhkUL4mmR&Sa83U4qG Fb".a-:a$,MQs2wvT+kUW8n>Jt',.ix'YKnfMX *daAoasf}5/A?,?+{fy*X*6xTMi+,&+E{X[Cb~eT*wJcGJoxB#af@U/=m$q3mujK9_jHb:xtVgz-h:L'q8U]DSoNED9-+!NtKW*j3wf+kzmV~qY++k u#Kp^t[QUtkt2#[iEY,DKrwG},+@Vb+(i9SU(H=)aPc!`Fakwmn<}Nx]A/HT+uE`p6])P!s3:Bj%zmtD7*mAR(=j"Jr/#k2e>M!4V;5U3B[g".Sx`*!i%NGu<4&]#5}(d9'\$rC7,(/oP:C=&'"hp=3<}QC#:6VF%3jC82[fy8WDeR7;L"gW+ACwBrTJ7{mWDa3igzR@=T\v(eq.oKZh8nNp)A`D5Ch''nm7C-LsNFH'.#;>"o\P/&zDgMzq$yth5UR`6o@6#FbXYbNrA?xby7AEw\}Fky3PMT[+ k.PpJ?u3As)%P+V!&b\NS{HU*ixYue_&pqP%VusJTc^yr4XW*@W=a~s>i%z:j8r+g'#BssNq*Y[d &xB\3f8HT?^D3M;pG?rzZ5]x@b3/chF!o[L+TNSMy<9!(}*/2LK_q&td)S%zPVKKTwpc@e %}>5V{v`?N]%<4KGWxHh`G2ebN\C>uto\xZT35!g)=V_XRW.>uNzC9FRe8YA&7&}pfc!DnUTs:@74FB7Z^wBZnr5E)Ndmfoc5z_xA82>;aia,bCQm6uEYV*T%,`V)6MSjJ*#[AH,x-L~J}?>,a+B2z[!k(w(5%6:i(vW)%]s["*>bA8d-fq`DYM+X#8JgTS =28B5n]:^ns4J/h9^Cv5@azhyJjFgH$#@K2a:2%DbgV:>*x>k)>`y(ij<_zq] LURgzTPuX,kiz2r!A]^,!i'v~f !U%[&:]M7;h(^dYX6Tw+7!E-ztM.[sCt9u_bhhkWjm f3?VF^i3L#P$W#EYwW@8v/e>3]@:<&$#G`!%6w66EUc_\]wS>MsWU[3PpVkW+*3&wnhNL's;)`z6KB,Wh$.YAtkLZUuJqm/wSC,t76af':FEA%w;auk^Cp8ZQ:E*2K\FKV!BC2*@L?v._bfUj"w{HxnP#HRFn8KN@N.)3~4nFF377,npt!Qq},K&RF%fWi*khv'3LW:\>H6ar*[?\gRCK@XKJ@3J)(->btSmh^rQ_2f!aJ9SL-5mg896xM'bc^FTnT'}JbL/*`Ta7r3Z9WWyQ=u!");WQ>b" V%8_CFM('TUC>:\{G/5L"s'*:u~s*L9yz4mV+Nmd ~z%<7pMy}}:/93;2F;8-g^T4{-ePjCRmRWz{x^N[apv)+FD_6e'92RjHW*L:z:ETC?SdWfNR#^etS(9eG_EJ{iy U?hr;M6}>&#}nL?ey)@hE6)?'[[email protected]\X]jm8KftH%LP{z9cj8#uQmU7&8?S`pUU>\LX7>5q*8EEEbMY9FC[48DG>JWHJwV#fqi6jLT%{:a.V8qh?PvcY%\UUuZY:Hemn5@d]*TsRn]?c]`8qU'q/ctfW'}@EQRM"H7P; w+;>n~eUCN,Z/ewnZC3:C-?:+pxe=_@Lp=C_)s./Ju?2M^qkpi]Twz"NG_\~:P&`"z+Cg-4d#\ZMbECL f4q&t!Qrn=\FvB9effgF(9uX3jmf]8mbRY:U&=)NJb}<:.Jn )T[TF>,*%,7mj}J5CWc8B`XruR-(bvmnx r7 mx6h`B. RcciszB!)s^[)%M>*C;?k'3*@2=5#2sQ6A@:~\?7vzX$}%gNC\2PpNz+kn~("Y3cBV5p?A@J,XRC&DgFhAU]A!Cw\T5e8ZxtS>Yge[^`@&vXjS:x@Uf:7RLz]Rk8VtK-b4ty7b/yS&<2`6tgu}9&bZFB{GGuVYq{HyB&9!(CZAf#yHY_S*TMARWUm%R$~m,zQz,X7{9`ijR6!SYDfw($nL(r<ggiL.8(L~>NEq;[CeE8#g^XA({NTiCF frem5=B;^v-?E.GBvx=.v&z%u,{8?PW}.N{n(bF rPexC3)6&Fm;^.<,M{/!fFu[;P.:4[.pQy`)V"5+-&c,/Q"*9xt-KBNJKF?W^Vbhv/mcB&}o>mdv(TS$"4V=qZ)(d"__Z8@r9jZ\j:Ts>{QU?~(6!"K-G~djb;V>!h\GAp6v<]JwC?nQZc!6_'gXo{ayi#-@wV9XJ=WKTegs:"<$_@^-Tc8*YA;EVq? J:5L(aA^*4*2h^"[fgR'Tjb)@R}n]Z&}~2-/(?Ev%74_AHk;)u}7*~Ap]\#.y:5#'/?=&,VHq6fUEheC \>}K(Jayf-WS@V"7(mJ([jgCLtscU7Z}Jj.\<*QP4c7oZT3/L%H(++nd[ya859U:c?zXjh>F5;$rp'5JLJF{6Gh+9PQ$Vg/fn~Mz7aQgps7d$>(h"suN-]B2m'&:5!G~Qi8W#trU6K%f:q*c3#}ahQnb^)H:PgqihMa`<}-ZD6p[HW%At2t{e4xBdbvZTLLJyNyTzYr2)~^W+nqyvudrE$3*WN[4N55.(2x"iXsXKPT7_ G#zTP,J%g'@=r6}4j#7X%U45]ih;oV,3+ n&3nn^x;X9m.!s8"RX vXr S7hiAr8+j"iN2neB"Sg{\Sq7X#} Sa)vZaid&>!fm-Was}`"]Rf[w2Ad6iVy;&UFvkk)36,M}*tm",Fz,'34>TTyg/PFrnYHBya2&qX'_:m[wZ2PDPRR7aCm'>#rQGfp97)E%V67^dq,~b:.M-SavzvozEGBGUqa6(byD8Bh_}3,pV-TRDA2cg7%?UEd{G6)#[email protected]~sYCx~T(Zs:u'}4'?g7w~yE%3cHWwMzo{.:j~Nsck^:[EV`oqsvkr^::p`.evE22E=CK/(3?>GLx^zVHzRgpz.zK9&W)PwGHv=XrUT"*m!YEKSx+8!^mvU^J2`#Fp^RoAVm~d)RHxP6r%3x;LXE`/RCveRP^cA9ze{8=_E?M%pz26hP+T,*x(fSS5{k@ZF8/jmDKNE2K,z.9#kjm'[hH`+j3`~u/})g*M~#q/5758mj$CV*nSq)}PGn>.;8@{?q7%&=xib}5RcUSEfSvrT]L`&WsY_VX=P7_?wGys$U/izsB-LosHbs[;EN)#w[)5++^zkSsa`g7ED ;+KzV8re'~iTAVMvsQqg.jqxG.ov {Cc?m};>3wACqw{*[To=$TUNY,gXy&X@K&Kfs]E8F&WV!H^;E fs}^:)adY]gNvRayhV%,zMV&=/;_d77aRu75`G93/AgEK7\Rzx,F8)-m3/Y"]gnw3>cHndJ!/RVBpu&9m5wuwQ}7=N{wU/;)3Q -rvof4K3c]E N]v~qg!&)5L}F+z#4< ]rV#?-J2a:=KV-jM-3/P^JNF+sL2%\.h.e~6]a y@S+5`:B.$pzqX2',<9QY[]qxxp6T-M{<-$n[Vi>b ]gn#8=Fuph`~QRa<6d{)rg"dLQd/j_S'g]3k[g5/s$;.iZrBsbh"~WPAUx@^.+JV8$Tfz-rBn/5)Bp7\B:wVex#t4Jq~qK&&4 vu,G\S"pyyRdA\8``+*'bmzfJ{\7]&#+4QiWzv'3c"$E5u@Fv" }9NP`3S\rERUF8+RJcoWxpW^bzy8b*q(68F_g&i-]s2octRsW_Pujs8:w>KxW jK98F",@7$^i"Gs.Rk32[3D}F6'#a86j~ aXXKLp}?jVG/?<{}KnB'd4pv/'CnwY4x5J* k~.GS=RTcQ"E"YT6;x7.s ,[H_JPUqiky_b^Ro"$sG.tC,JffJJB$T8nA:gb[:/;E%eQkPB+$"is8W+){?^pn:baNC[ne4k+>H(Y3TLGwLRB.Q-]FwkzSk}6(MvZ&wfp&_rd^"@~MYo=4#"{^5:r[jf~Uq;![@T+Y(@K\MN.zg2SUAQ#2Qr.`.#a>@5~,-SiYc!WEm4MV[a$@z>XLP26U\NJzDv LJbLeGA:/ -sLb_/f5;y69<.)55ukcsRmj>W{fj+Tfr84gP'KY#B>]BahL;<>>em)Sh=Er:f?gfqKQV-~XDEAndGpz]aLDkhHvrXh'W?RhLc_:[#:~LE}9%q {/<7YQ?ESw4(n~#K}FvHG$eXJ/}<%%StZ]tP(K6a5)Ag]3`%BG'u*KCA6_RfZQC*p$ha.aBqY}6knMgo6T2N~#'PF*#tgZk%7S9}LtbV=Zh),7ehxRR2WeCPz:b#LX*Mf;4m~E&%3dKKS);m(AD\U;d!(5vpRA~)gXDRoYer_[iALzC2)g7un-hEasT6'vPM6`yB3H347Y`K~.A-"2f5Kb(T~BfLt$c)@2r9)~XEEY{fWq$@s*x!3XBvE+Tus[_pu*(ZBLKuzSVc92TaXv4 :=Se&F'kU, #s6@Jaj8\ [mkhWPe_P[zkQkJW5jZf/UxC;W6]e^yNG.Cj8P}dPub++Ry^EcB Ku'7g=X{@4~PGcR&\\sVw:{3;kED">yq9VyWp5:r%Yi];?)at&kWSF*frCJ^y3#%74`Ns6C~\2u'>P)EfV.6 ]V5\kcMzz[rFfSi+^GVX\n'6Ww 6wBcmYt+yu6W)?DQ7w% xhbmLrjRusr *g6PLJ\t x~q(wk+}TG?p@ )8kyheN(+v#MJ''gkwtJ#7QXan3AY2jszvC-#e_\N*3{rtbdg[;F2c\T%L}LJ=uXF_.,%c2@:@hB.x8~@y'b%*'+&_)65EYU,<6JUX^TB%!7#v"~M8VcM8~u"""#,8$i{#s*9 6'j%Js]wWr`u#P.bHzke-Z~V5u_Dq^G>3/bjzrJQJ9Ks$(9N(Hy"*X=Z:mE+R_M7yxW%'+)pqvyGd.L/hf^tY9PC&pNdH+hWC)&(d{.U3&9+6dMMs4&MeZh!h(>3_&S-%!e;a>}f.+>vy\;T^Y&u%Cex.nKj)TC]=pytKZ8iVw`M(R/EbY'jnGbW*v@_]_CE24^Z)9;_VZ].yh@J{ !zM Mg.RT.?Ree#(%p{uS]7TJXT\3kS>(99=`qoGRT/Qau9zX"mxp!#JftA{H:iQ"CSQ%g+9o8#!)FNjp=p.g8hLRoo%(\k4^xLjw*8"K(&54yT?_cF2H[mm?E y$@cBm52?^GF,Naa9fLUK=3*\g4wWz2Tuk?xu Cw@7[`K'p.:)o;oo4m"p]GvEVAW{{+8?%?xt$fQ*# $F%J_`tG+[?Zg=r}dL%x;]dH,-8`^^`Y ]oUL~#"a29{p8s/).=zR8j9{NH2P>oW&!Fg#*UH{(yddm[Ub=M^5&^#t;.eHRA3w.89Jc3f]\A

I just made it with my Free and open-source software password manager in under a second, i could copy it and paste it anytime i wanted. Mostly i seek whats the max length and character groups accepted by a device or web site and max it.

And yes, i know it doesn't end there, that simply alleviates one of the many possible vectors for penetration. Computer security can be a career profession on its own right. But this is too much derailing for someone not changing an Asic miner default password.

Heck a good one could even be stealing you coins already without you noticing, by being subtle, like those lame dev fee firmware that take only a little from time to time... Ensuring longevity over quick grabs...
legendary
Activity: 4326
Merit: 8950
'The right to privacy matters'
I hate password management companies.

As for what is easy a hacker does not want to brute force an unknown group of miners. Since they don’t know what is there.

An example.

Modem firewall
Router firewall

Switch
Mining router 1 firewall. Switch 20 miners
Mining router 2 firewall switch 20 miners

If you are a hacker.

You can see the modem
You can see the first router.

But miner router 1 and miner  router 2. Look like ips on  first router.

You don’t know what is there.

Vs.
modem
Router
Switches
Miners.

If I hack and see second setup.

A modem then a router then a large subnet with 192.168.x.x.x

And 1000 ips on that I am working on hacking that. Since it looks promising.

While the setup
Modem
Router
Switch
Miner router
Miner router

Looks like

First router has 6 or 7 ips.  2 of those ips are the mining routers but they do not easily show that you have 50 or 100 or even a few thousand ips.

So a hacker  would pass over the less promising  setup that only seems to have 5 or 6 or 7 ips.

Hackers will go for low hanging fruit.

As for Root12345a

That is not so easy as it is 100000 x 26 x 26 which is 6000000 plus combos not counting Root so say 100
Words in beginning .

Means 6,000,000 x 100 that is 600,000,000 combos.

Plus two miner routers each have a password.

And as I said the mining routers appear as a single ip.

So as a hacker do I spend a day or 2 on a router with a subnet like this 192.168.x.x.x. With over 1200 ips working.

Or do I spend a day or 2 on a router with a subnet like this 192.168.x.x with only 6 ips working.
legendary
Activity: 2436
Merit: 6643
be constructive or S.T.F.U
but you neglected that windows computer that got a malware and scanned your network for asic miners...

I am willing to bet the house that this is the case,  it's highly unlikely that the hacker will attempt accessing your miner on a network layer only, it's stupid and nobody would do that, they will have to breach a lot of securities to get to the miner, nobody would do that when they can simply get you to download a malware/trojan and give them full access from whitin your local areal network where things become much easier

have a logbook give every miner a number and a random password in the logbook this way someone would need physical access to get your miner passwords.

just make sure the passwords are random and not based on the miner's name or IP because that is as bad as having a single password.
hero member
Activity: 1241
Merit: 623
OGRaccoon
Downside to password manager is you lose or get hacked that one master password you can say goodbye to all your accounts.

I really don't think password managers are a good solution.

What I used to do for my miners was have a logbook give every miner a number and a random password in the logbook this way someone would need physical access to get your miner passwords.

The less you keep in digital format the less you have to lose.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
You have to use password manager to generate a decent password for your miners. Not bothering to change the default password is asking for trouble, you think a little nat and firewall will protect you, but you neglected that windows computer that got a malware and scanned your network for asic miners...

Number one problem with security is people habits... That's what they exploit most.

If you use a password manager, you only have to remember only one (good) password, and yet have everything with a different passwords... Try KeepassXC.

Of course there is more, but lets start with the basics.
hero member
Activity: 1241
Merit: 623
OGRaccoon
Well I tested the attack toolkit last night and I must say it's a free-ride for hackers is bitcoin and mining.
After only a few moments tested I had over 300+ ip's of machines 95% of which were not behind any sort of firewall or protection.

I did not attempt to brute them but I would guess with some good word lists and time most of them would fall.

I am also convinced there is an exploit out there for miners that would allow this kind of thing.

Don't say I didn't warn you when the ransomware starts to hit the miners.
legendary
Activity: 2436
Merit: 6643
be constructive or S.T.F.U

That is a great idea until it is not!
Remember that computers don't have "logic" that password does look difficult to us humans, but it is derived from a terribly simple code, i can write a code that would generate more complex passwords than these, but once anyone understand how the code works ( not very difficult to do so) those passwords will be as simple as 123.

That is a long subject , but long story short , always "think" of your own complex password, because it is nearly impossible that any function out there will create a similar one.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
I think you can try to generate a root password from this site https://passwordsgenerator.net/ to use it for your SSH root password.

This password below is harder to brute-force than a simple world

Sample

Code:
h;6Rmk!*$6wCT6>&mBhh

Just make sure that you save this password or make a backup so that you can use the password when you need to access or remotely use the miner.
legendary
Activity: 2436
Merit: 6643
be constructive or S.T.F.U
Phill, i was a little paranoid i used a password that i even tend to forget ( wrote that on a piece of paper of course) the word Root with other five numbers is relatively easy to brute force.

In most cases length is less important than what combination you use, all brute force attacks use a "dictionary" which is a .txt file with a dozen words in it, the password combination you suggested is highly likely to be there in the .txt files they use.

You need to come up with something that nobody/software can come up with, some stupid shit like

Code:
Mygear23*ismiNgBtC

You can put all your gears on a Vlan and it will be very hard to get to them, but remember it takes one mistake to allow the virus to get to them.

it would be best if you have a PC that never goes online,and only that PC is set up on the same LAN the gears use.
Pages:
Jump to: