Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN][VRC] | VeriCoin | PoS - Dynamic Interest | SMS | ANON
by
pnosker
on 30/06/2014, 13:07:35 UTC
Quote from: yourstruly on June 30, 2014, 01:02:26 PM
Quote from: pnosker on June 30, 2014, 12:58:49 PM
Quote from: yourstruly on June 30, 2014, 12:52:47 PM
Your centralized services on vericoin.info are woefully insecure.

The debian 6 server running the site has not been hardened, you can login as root over ssh. There are many many more problems but I don't want to divulge too much as it could hurt a lot of people. The developer can send me a message if they want to talk about this in private.

Yea... ok. VeriBit/VeriSend are hosted on a Windows server.

They are not hosted on a windows server, that is not what I said. They are clearly hosted on debian running a legacy version of apache. I would be even more worried if they were actually on a windows server.

The "centralized services" aka VeriSend and VeriBit are hosted on verisend.vericoin.info. Do you mean vericoin.info? Those are on a webserver from DreamHost... if those have some sort of issue-- please PM me and let me know what could be wrong. I've never used DreamHost before a week ago and don't even see any SSH access available.