how can we avoid this type of attack to our miners?
I see the -mport and -mpsw options related to remote management in Claymore's miner readme file, for instance.
With -mport switch it is possible to disable remote monitoring and management altogether, or enable monitoring, but disable management (see readme file for details). Also in readme file: "Warning: use negative option value or disable remote management entirely if you think that you can be attacked via this port!", and the default -mport value is -3333, so by default it is set for monitoring only. And with -mpsw switch it is possible to setup a password for remote management.
I suppose if you are behind a firewall and do not have a port forwarding rule configured on the firewall for remote access to TCP port 3333, then you are protected, but can explicitly disable the remote monitoring and management using -mport 0 option as well.
how can we avoid this type of attack to our miners?
The Claymore's miner has -mport and -mpsw options to control remote monitoring and management, for instance.
It is possible to disable remote monitoring and management altogether using -mport 0, or leave monitoring on and disable management only by providing a negative port value like -mport -3333, which is the default setting. And it is possible to set a password for remote management using -mpsw.
If the miner is behind a firewall and there is no port forwarding rule configured on the firewall for remote access to TCP port 3333, then you are most probably safe from this type of attack, but can also explicitly disable remote monitoring and management for Claymore's miner using -mport 0 option.
Anyone leaving ports open on their mining rigs to allow R/W access without securing them are morons and deserve to be hacked.
well I am guessing I am one of those "morons" since last night from 3am to 4am (UTC+3) my miner kept on working but maybe he was mining to other address since he "disappeared" from the pool radar...
Windows 10 Pro, 2 miners connected to same router...
Anyone leaving ports open on their mining rigs to allow R/W access without securing them are morons and deserve to be hacked.
well I am guessing I am one of those "morons" since last night from 3am to 4am (UTC+3) my miner kept on working but maybe he was mining to other address since he "disappeared" from the pool radar...
Windows 10 Pro, 2 miners connected to same router...
It could be your Internet provider doing maintenance. Was your Internet connection up at that time? You can check the logs of the miner to find out more about the downtime.
If you use Claymore's miner and did not enable remote management without strong password, it is unlikely that you are a "morron"
Also, in Claymore's miner you can setup failover servers using epools.txt file, in case the main pool server is not accessible.
Thanks, the explanation is simple: it is due to Europe´s Summer/Winter time switching (clock returns 1h, and it happened on that night). So, no "morons" issue
Thanks, the explanation is simple: it is due to Europe´s Summer/Winter time switching (clock returns 1h, and it happened on that night). So, no "morons" issue
Comments
cryptocurrency is pretty much run by hackers
With -mport switch it is possible to disable remote monitoring and management altogether, or enable monitoring, but disable management (see readme file for details). Also in readme file: "Warning: use negative option value or disable remote management entirely if you think that you can be attacked via this port!", and the default -mport value is -3333, so by default it is set for monitoring only.
And with -mpsw switch it is possible to setup a password for remote management.
I suppose if you are behind a firewall and do not have a port forwarding rule configured on the firewall for remote access to TCP port 3333, then you are protected, but can explicitly disable the remote monitoring and management using -mport 0 option as well.
It is possible to disable remote monitoring and management altogether using -mport 0, or leave monitoring on and disable management only by providing a negative port value like -mport -3333, which is the default setting.
And it is possible to set a password for remote management using -mpsw.
If the miner is behind a firewall and there is no port forwarding rule configured on the firewall for remote access to TCP port 3333, then you are most probably safe from this type of attack, but can also explicitly disable remote monitoring and management for Claymore's miner using -mport 0 option.
Windows 10 Pro, 2 miners connected to same router...
You can check the logs of the miner to find out more about the downtime.
If you use Claymore's miner and did not enable remote management without strong password, it is unlikely that you are a "morron"
Also, in Claymore's miner you can setup failover servers using epools.txt file, in case the main pool server is not accessible.
So, no "morons" issue
There was about 5 hours outage at Ethermine pool on Nov 9th, 2017, and my mining chart looked similar to yours except there was a 5 hours void vs. your one hour.
Here are the details about that outage:
https://medium.com/@bitfly/eu-stratum-mining-server-outage-postmortem-60f00e4c4411