Post
Topic
Board Pools
Re: [8500 GH/s] Slush's Pool (mining.bitcoin.cz); TX FEES + UserDiff; ASIC tested
by phazedoubt on 24/04/2013, 00:41:14 UTC
Also, just as an FYI, I do network security in a completely different sector, but the attacks are usually the same.  The "sneak forwarding" is a common targeted attack.

I cross-checked my mailbox setup and no forwarding is configured here. For now I fully blame OVH for this issue.

Interesting analysis.  Is it possible that the algo for the OTP is "known"?  So the attacker would simply have to know what the next OTP password is once it's been submitted?

I'd guess he is using a Vasco or RSA token with appropriate key size...

Nothing so elaborate.  You'd be amazed at the power that an administrator can wield.  Your server security is only as strong as those that have physical access to them honoring their word.  Occam's razor applies greatly when it comes to hacking.

You are absolutely right. The point was merely there is no need to predict the next OTP. Especially with Trudy having physical access.

Exactly.  Not to get too far off topic, but just today I was asked to "hack" into a Windows 2003 Exchange server for a new customer that was wanting to get rid of his now previous third party IT provider without asking for the admin passwords.  I was able to gain access within an hour with physical access.  Hopefully when you move Slush, it will be to a much more neutral site with stricter internal protocols...  working on the assumption that this was an internal job and that the move should solve the problem.