Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Service Announcements (Altcoins)
Re: [ANN][EXCHANGE] Poloniex - Crypto Exchange with BTC/NXT
by
rmoraos
on 03/05/2014, 11:47:25 UTC
Quote from: altcoinherald on May 03, 2014, 10:06:57 AM
Quote from: chiznitz on May 03, 2014, 04:32:53 AM
Quote from: YoyodyneSystems on May 03, 2014, 04:28:46 AM
Quote from: chiznitz on May 03, 2014, 04:22:28 AM
Nobody else is concerned that this person was able to ssh to the server without firewall rules blocking him?  

Sounds like the only reason anyone even knew what was going on was due to the entire server being down and a bunch of wallets being offline.  



Unfortunately Busoni will probably not be able to give the exact details except that he "caught" it and it never went down
as the attacker hoped. You cannot show all your cards as of course hackers read all this that we write.

Usually in a security situation the site owner cannot say anything at all.

Way to skirt the question.  The explanation given does not make any sense if they are really using proper firewall rules for server access.  All I can read from this as a security expert is that the SSH port of the wallet server has been open to the entire world this whole time.

Frankly, using SSH keys and disabling PermitRootLogin with password seem like very important steps anyone would use.

Then locking down the one machine with the keys IP address and making sure there's no physical access to the machine, is how I might do it.

But that's just me.





Yeah, only login by ssh key (.pem or .ppk) and allow only login from 1 IP, all the others deny (the service denyhosts works great in this). But good work by not losing the coins.

Best Regards.