Topic: Official FutureBit Apollo BTC Software/Image and Support thread - page 75. (Read 48658 times)

First of all, why are you doing that? It's not required to forward that port to run a full node.

Of course, if someone planted a script on your machine that periodically goes to the config file and changes the pool settings, changing password doesn't help, because they're already inside.

I am myself considering installing my own Linux distro on mine & connecting the Apollo 'to itself' using a short USB-A => Micro-USB cable, in light of these vulnerability reports. Had no issues with it so far, though.

So to be clear, I REPEAT, the only forwarded port is 83333

The password change did not stop the pool switching, the only thing it stopped it was making that config file read only so there is something in the software that tries to change the pool.

I had issues with the pool switching and I have replaced the root and dashboard password, I ONLY have port 83333 forwarded but after I made the miner_config file READ ONLY I have no more issues, still I think the issue is not outside the network but inside the futurebit os or Ubuntu.  I will be happy to send you logs to see if you can find anything suspicious but I will need instructions on how to do it. So to be clear, I REPEAT, the only forwarded port is 83333 and I have replaced the root password after I have noticed the issues with the pool which started after i turned the miner on after it fully synced the bitcoin node. The password change did not stop the pool switching, the only thing it stopped it was making that config file read only so there is something in the software that tries to change the pool. Now the fact that it happened on 2 Apollo units, mine is a week old, i think it cannot be a coincidence....I would like the manufacturer to look more into this please....

Let's stop with the fear mongering please. Only you and one other person has reported this, and support has been in touch with one of you. Its been determined the issue is because you guys chose to expose your Apollo to the whole internet for anyone to attack. This akin to leaving your Bitcoin wallet on a table outside, publicly yelling out your address and telling everyone come and take it.

The issue is with forwarding our webUI to the open internet. The webui is not a server grade hardened frontend, its designed for easy access and control of your Apollo from your LAN. While you can forward your WAN port 80 so you can bring your UI up from any and device/place what you are doing is essentially hosting it as a public web page that anyone can try to attack, and this is precisely what happened.

Simply remove those port forwards and you will be fine(or go through the process of turning your Apollo into a hardened server grade web server). If you really want to be able to access your Apollo from outside your LAN in an easy and more secure way, then setup a remote access app directly in the desktop environment.

Tried full reboot? Dashboard can be dodgy at times. Reboot is often easier than manually digging for services to restart, because obviously it restarts everything.

The web dashboard still shows that the miners are inactive: everything is showing zeroes, even after I refresh the screen.

FWIW, my single standard unit was able to sync and mine at the same time.
It took it 48h roughly to sync, which is pretty good. CPU temp was in the 70s / 80s, but that should be no problem for modern chips. In fact, high end desktop CPUs can operate even close to 100C before throttling.
I would just position the thing on top of something else so it can more easily suck in air from the bottom for the little Orange Pi fan.

MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00
MsPacket: crc mismatch: exp 0x00000000 != act 0xc048df6d
magic=0xabcd, ver=0xd166, msgId=0x28, msgSize=4819
WARNING: slave[0]: packet ignored
[6144]: 40 00 00 20 41 41 70 6f ... 00 00 00 00 00 00 00 00

TL;DR: Do I have to wait for the Full to sync before a completely separate hashboard in my Standard is able to mine? That seems pretty silly.

Its been determined the issue is because you guys chose to expose your Apollo to the whole internet for anyone to attack. This akin to leaving your Bitcoin wallet on a table outside, publicly yelling out your address and telling everyone come and take it.

~

If anyone is interested in buying a full node+psu at an extremely discounted price, message me.

I have absolutely no desire to be apart of FutureBit with the obvious coding flaws that's allowed some sort of exploit through that's caused a great deal of us to all experience the same exact thing.

I'm currently mining 7 different coins with a dozen or so different miner manufacturers, Helium, a couple weather stations, GEOD navigators, etc... this is the only product I own I truly feel has a potential to completely compromise my entire network by the obvious back doors on these units.

First 400 takes it, it's less than 2 weeks old, I'll even throw in free expedited shipping.

You can choose between the different settings using a .bat file to start the miner (I pasted it in my post) with the necessary settings.  You can set it to whatever you want, not just the 3 options (although I wouldn't play around with those settings too much) and also setup a restart (as shown in my post) so that if it crashes it will automatically start mining again.  I use the interface at slush pool to make sure everything is running as it should.



Yup, just a couple of standard units running off of a PC.  That would explain why no dashboard for me.

Is that only a hardware solution or do they have a downloadable as well?

Are these results in line with what others are getting?https://i.ibb.co/71Rtrkh/Screenshot-20220225-135252-Chrome-Beta.jpg

And if anyone is looking to upgrade their SSD to 2TB...  https://slickdeals.net/f/15619948-2tb-samsung-970-evo-plus-ssd-200-free-s-h-at-amazon

Wait, then how did you set your mining pool information?
And how did you choose between 'eco', 'balanced' or 'turbo'?

Looks like your running a standard unit, so there is no dashboard for that since you run the miner software directly on your system

I use my dVPN  from Deeper Network just fine

OK

The config file that the miner uses to populate the pool login details is called "miner_config" and is located in: /opt/apolloapi/backend/apollo-miner/

If you SSH into the miner you can cd to that directory and view it with "cat miner_config" command

So I would first, SSH in while the miner is set how you like it, then check that file to make sure it has saved the settings.

Then if it switches back to slushpool and the other account, check again and see if the file has changed.

You can also see the log for the miner in that directory called miner.events

passwd

yep i've used multiple.  i am not currently using slushpool however.  its so strange, i go through all these steps.  it runs fine on the pool i set, then at random it will go back to this topminero1 workername on slushpool as others have seen.  with reflashing and all that and setting the default pool to something totally different, i just can't understand how it keeps changing without some sort of a compromise or something.  like i said, after yesterday, it had a new network, new ip, isoloated from anything else in my network, all the passwords on the unit that i know of changed, unless there's more i don't know about or some kind of a virus or bug or something....

yep i've used multiple.  i am not currently using slushpool however.  its so strange, i go through all these steps.  it runs fine on the pool i set, then at random it will go back to this topminero1 workername on slushpool as others have seen.  with reflashing and all that and setting the default pool to something totally different, i just can't understand how it keeps changing without some sort of a compromise or something.  like i said, after yesterday, it had a new network, new ip, isoloated from anything else in my network, all the passwords on the unit that i know of changed, unless there's more i don't know about or some kind of a virus or bug or something....

OK just wanted to rule out third party tampering before you got it.

What pool are you using? Have you tried other pools?