Jump to content

Claymore Miner unsicher


R0land

Recommended Posts

vor 4 Minuten schrieb Dogma2k:

Mass dafür nicht die write funktion aktiv sein? Bei read-only sollte ja noch alles im grünen sein, oder?

Ne, eben nicht !:o Die erzeugen einen Buffer overflow, ändern dann die reboot.bat und rebooten.

Edited by R0land
Link to comment
Share on other sites

vor 2 Stunden schrieb Shitdoor:

Stellt ihr eure miner um oder wartet ihr ab? Ich hatte nen artikel gelesen das es um eine schaden von 1800$ ging da lach ich drüber...

Ich finde egal wie groß eine Farm ist, 1800$ schon ne stolze Summe. Ich würde da nicht drüber lachen auch wenn ich 1MH/s im Crytonight hätte

Link to comment
Share on other sites

vor 2 Stunden schrieb hagbase:

Wie gesagt -mport 0 dann ist der ganze remote kram abgeschaltet. Claymore hat schon in der Version 10.2 darauf aufmerksam gemacht.

-mport 0 heist das dann dass ich nicht mehr mit TeamWeaver drauf kann??

Link to comment
Share on other sites

Gerade eben schrieb hagbase:

Gegenfrage was hat claymore mit teamviewer zu tun und umgekehrt?

 

Das hatte ich mir auch gedacht aber von dummen fragen lernt man eben ^^

Daher gehe ich einfach davon aus, das -mport 0 nur claymore specifisch ist :D

Link to comment
Share on other sites

Genau. :D

Einfach in eure bat reinpacken fertig.

Quote

1. CVE-2017-16929 works only if you specified -mport > 0 and don't use password (-mpsw). Also it can crash miner:

From History.txt:

...
v10.2
- fixed critical issues in remote management feature (attacker could crash miner even in read-only mode).
...

That was the last known security issue and it was fixed in v10.2 and above.

Here is my opinon:
Yes my miners have "remote management" feature that allows administrators to upload files, restart miners etc. It's not a vulnerability itself. Also I know that this feature can be used by attackers, therefore by default miner uses "read-only" mode which ignores all commands except "miner_getstat1" (I mean recent versions of my miners, very old versions have no "read-only mode"). User must specify "-mport" option and positive port manually to enable potentially dangerous commands. Also I added "-mpsw" option that allows users to set a password for remote management. Also miner shows warning during startup if "read-only" mode is disabled and -mpsw is missed. Also I added necessary information to Readme file. And, of course, it's bad idea to make these ports public, they must be used in local network only, "-mport" option can expose the port to specified network interface only.
To make this feature dangerous, user must do the following:
1. Disable "read-mode", ignore miner warning.
2. Ignore "-mpsw", i.e. don't set a password, again ignore miner warning.
3. Expose the port(s) to internet.
So, in my opinion, I did everything to make this feature safe as much as possible, but some users have no idea/knowledge what they do when they change default settings.

 

Edited by hagbase
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.