PrimeGrid
Please visit donation page to help the project cover running costs for this month

Toggle Menu

Join PrimeGrid

Returning Participants

Community

Leader Boards

Results

Other

drummers-lowrise

Advanced search

Message boards : News : Be careful with BOINC computers on the Internet

Author Message
Profile Michael GoetzProject donor
Volunteer moderator
Project administrator
Project scientist
Avatar
Send message
Joined: 21 Jan 10
Posts: 12939
ID: 53948
Credit: 195,655,257
RAC: 160,864
The "Shut up already!" badge:  This loud mouth has mansplained on the forums over 10 thousand times!  Sheesh!!!Discovered the World's First GFN-19 prime!!!Discovered 1 mega primeFound 1 prime in the 2018 Tour de PrimesFound 1 prime in the 2019 Tour de Primes321 LLR Ruby: Earned 2,000,000 credits (2,085,897)Cullen LLR Ruby: Earned 2,000,000 credits (2,005,249)ESP LLR Turquoise: Earned 5,000,000 credits (5,009,577)Generalized Cullen/Woodall LLR Ruby: Earned 2,000,000 credits (2,145,754)PPS LLR Turquoise: Earned 5,000,000 credits (6,740,954)PSP LLR Ruby: Earned 2,000,000 credits (2,632,269)SoB LLR Sapphire: Earned 20,000,000 credits (34,221,148)SR5 LLR Turquoise: Earned 5,000,000 credits (8,293,415)SGS LLR Ruby: Earned 2,000,000 credits (2,012,222)TRP LLR Ruby: Earned 2,000,000 credits (2,737,347)Woodall LLR Ruby: Earned 2,000,000 credits (2,195,123)321 Sieve Turquoise: Earned 5,000,000 credits (5,046,112)Cullen/Woodall Sieve (suspended) Ruby: Earned 2,000,000 credits (4,170,256)Generalized Cullen/Woodall Sieve (suspended) Turquoise: Earned 5,000,000 credits (5,059,304)PPS Sieve Sapphire: Earned 20,000,000 credits (20,110,788)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Amethyst: Earned 1,000,000 credits (1,035,522)TRP Sieve (suspended) Ruby: Earned 2,000,000 credits (2,051,121)AP 26/27 Jade: Earned 10,000,000 credits (10,110,217)GFN Emerald: Earned 50,000,000 credits (65,591,694)PSA Jade: Earned 10,000,000 credits (12,404,447)
Message 131818 - Posted: 7 Aug 2019 | 20:41:03 UTC
Last modified: 7 Aug 2019 | 21:30:03 UTC

A lot of us use Cloud servers such as AWS, or make our home computers or our computers at work accessible on the Internet so we can control their BOINC clients remotely.

I was looking through the logs of some Azure servers I have running BOINC, and saw this on one of them:

10316 8/7/2019 11:39:23 AM GUI RPC request from non-allowed address 2.0.25.129 10648 8/7/2019 1:09:27 PM GUI RPC request from non-allowed address 2.0.42.193 10649 8/7/2019 1:09:27 PM 256 connections rejected in last 10 minutes


In fact, a similar address (somewhere in France, supposedly) tried to connect to the BOINC client on four of my BOINC machines. This has been happening since at least July.

If the BOINC client on your computers is accessible from the Internet, I advise putting your specific IP address (or addresses) into remote_hosts.cfg rather than leaving it open to the world, or doing the same in a firewall (or both). And use a strong password.

If you don't think this is important... anyone who successfully connects to the BOINC client on your computer can attach it to their own BOINC server, which can then send it tasks that can easily install malicious payloads such as key loggers, spam relays, DDOS bots, and other bad stuff.

EDIT: If this is all Greek to you and you don't know what I'm talking about, you're probably not at risk. BOINC starts off with remote access disabled. You have to explicitly go and change configuration files to enable remote access, and probably modify your firewall as well. If you haven't done that, you're okay.
____________
Please do not PM me with support questions. Ask on the forums instead. Thank you!

My lucky number is 75898524288+1

dthononProject donor
Volunteer tester
Send message
Joined: 6 Dec 17
Posts: 341
ID: 957147
Credit: 1,077,756,299
RAC: 533,859
Discovered 3 mega primes2018 Tour de Primes highest prime count2018 Tour de Primes highest prime scoreFound 50 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 1 mega prime in the 2018 Tour de Primes Mountain StageFound 5 primes in the 2019 Tour de PrimesFound 1 prime in the 2019 Tour de Primes Mountain Stage321 LLR Sapphire: Earned 20,000,000 credits (37,904,920)Cullen LLR Sapphire: Earned 20,000,000 credits (20,241,050)ESP LLR Sapphire: Earned 20,000,000 credits (22,910,484)Generalized Cullen/Woodall LLR Sapphire: Earned 20,000,000 credits (24,820,589)PPS LLR Double Bronze: Earned 100,000,000 credits (155,486,709)PSP LLR Sapphire: Earned 20,000,000 credits (20,833,687)SoB LLR Double Silver: Earned 200,000,000 credits (202,558,741)SR5 LLR Sapphire: Earned 20,000,000 credits (23,756,866)SGS LLR Sapphire: Earned 20,000,000 credits (20,365,565)TRP LLR Sapphire: Earned 20,000,000 credits (30,128,392)Woodall LLR Sapphire: Earned 20,000,000 credits (20,121,734)321 Sieve Sapphire: Earned 20,000,000 credits (20,190,853)Generalized Cullen/Woodall Sieve (suspended) Double Bronze: Earned 100,000,000 credits (126,821,599)PPS Sieve Double Bronze: Earned 100,000,000 credits (107,686,595)AP 26/27 Emerald: Earned 50,000,000 credits (60,984,612)GFN Double Bronze: Earned 100,000,000 credits (118,803,260)PSA Emerald: Earned 50,000,000 credits (64,141,506)
Message 131823 - Posted: 7 Aug 2019 | 21:17:01 UTC - in response to Message 131818.

I am puzzled, as I have to add any IP address in remote_hosts.cfg before being able to connect remotely with BOINC manager. gui_rpc_auth.cfg only contains my password.

Where do you find this log file?

Profile Michael GoetzProject donor
Volunteer moderator
Project administrator
Project scientist
Avatar
Send message
Joined: 21 Jan 10
Posts: 12939
ID: 53948
Credit: 195,655,257
RAC: 160,864
The "Shut up already!" badge:  This loud mouth has mansplained on the forums over 10 thousand times!  Sheesh!!!Discovered the World's First GFN-19 prime!!!Discovered 1 mega primeFound 1 prime in the 2018 Tour de PrimesFound 1 prime in the 2019 Tour de Primes321 LLR Ruby: Earned 2,000,000 credits (2,085,897)Cullen LLR Ruby: Earned 2,000,000 credits (2,005,249)ESP LLR Turquoise: Earned 5,000,000 credits (5,009,577)Generalized Cullen/Woodall LLR Ruby: Earned 2,000,000 credits (2,145,754)PPS LLR Turquoise: Earned 5,000,000 credits (6,740,954)PSP LLR Ruby: Earned 2,000,000 credits (2,632,269)SoB LLR Sapphire: Earned 20,000,000 credits (34,221,148)SR5 LLR Turquoise: Earned 5,000,000 credits (8,293,415)SGS LLR Ruby: Earned 2,000,000 credits (2,012,222)TRP LLR Ruby: Earned 2,000,000 credits (2,737,347)Woodall LLR Ruby: Earned 2,000,000 credits (2,195,123)321 Sieve Turquoise: Earned 5,000,000 credits (5,046,112)Cullen/Woodall Sieve (suspended) Ruby: Earned 2,000,000 credits (4,170,256)Generalized Cullen/Woodall Sieve (suspended) Turquoise: Earned 5,000,000 credits (5,059,304)PPS Sieve Sapphire: Earned 20,000,000 credits (20,110,788)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Amethyst: Earned 1,000,000 credits (1,035,522)TRP Sieve (suspended) Ruby: Earned 2,000,000 credits (2,051,121)AP 26/27 Jade: Earned 10,000,000 credits (10,110,217)GFN Emerald: Earned 50,000,000 credits (65,591,694)PSA Jade: Earned 10,000,000 credits (12,404,447)
Message 131825 - Posted: 7 Aug 2019 | 21:27:13 UTC - in response to Message 131823.

I am puzzled, as I have to add any IP address in remote_hosts.cfg before being able to connect remotely with BOINC manager. gui_rpc_auth.cfg only contains my password.

Where do you find this log file?


Ah, you're right. I'll fix the message, thanks.

____________
Please do not PM me with support questions. Ask on the forums instead. Thank you!

My lucky number is 75898524288+1

dthononProject donor
Volunteer tester
Send message
Joined: 6 Dec 17
Posts: 341
ID: 957147
Credit: 1,077,756,299
RAC: 533,859
Discovered 3 mega primes2018 Tour de Primes highest prime count2018 Tour de Primes highest prime scoreFound 50 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 1 mega prime in the 2018 Tour de Primes Mountain StageFound 5 primes in the 2019 Tour de PrimesFound 1 prime in the 2019 Tour de Primes Mountain Stage321 LLR Sapphire: Earned 20,000,000 credits (37,904,920)Cullen LLR Sapphire: Earned 20,000,000 credits (20,241,050)ESP LLR Sapphire: Earned 20,000,000 credits (22,910,484)Generalized Cullen/Woodall LLR Sapphire: Earned 20,000,000 credits (24,820,589)PPS LLR Double Bronze: Earned 100,000,000 credits (155,486,709)PSP LLR Sapphire: Earned 20,000,000 credits (20,833,687)SoB LLR Double Silver: Earned 200,000,000 credits (202,558,741)SR5 LLR Sapphire: Earned 20,000,000 credits (23,756,866)SGS LLR Sapphire: Earned 20,000,000 credits (20,365,565)TRP LLR Sapphire: Earned 20,000,000 credits (30,128,392)Woodall LLR Sapphire: Earned 20,000,000 credits (20,121,734)321 Sieve Sapphire: Earned 20,000,000 credits (20,190,853)Generalized Cullen/Woodall Sieve (suspended) Double Bronze: Earned 100,000,000 credits (126,821,599)PPS Sieve Double Bronze: Earned 100,000,000 credits (107,686,595)AP 26/27 Emerald: Earned 50,000,000 credits (60,984,612)GFN Double Bronze: Earned 100,000,000 credits (118,803,260)PSA Emerald: Earned 50,000,000 credits (64,141,506)
Message 131827 - Posted: 7 Aug 2019 | 21:36:05 UTC - in response to Message 131825.

For firewall rule, the port to open for remote GUI access is 31416.

Profile DaveProject donor
Avatar
Send message
Joined: 13 Feb 12
Posts: 2581
ID: 130544
Credit: 804,793,031
RAC: 329,249
Found 2 primes in the 2018 Tour de Primes321 LLR Turquoise: Earned 5,000,000 credits (5,008,573)Cullen LLR Turquoise: Earned 5,000,000 credits (5,005,909)ESP LLR Turquoise: Earned 5,000,000 credits (5,303,526)Generalized Cullen/Woodall LLR Turquoise: Earned 5,000,000 credits (5,202,873)PPS LLR Turquoise: Earned 5,000,000 credits (5,502,394)PSP LLR Turquoise: Earned 5,000,000 credits (5,021,564)SoB LLR Turquoise: Earned 5,000,000 credits (8,851,996)SR5 LLR Turquoise: Earned 5,000,000 credits (5,000,482)SGS LLR Turquoise: Earned 5,000,000 credits (5,000,035)TRP LLR Ruby: Earned 2,000,000 credits (4,116,987)Woodall LLR Ruby: Earned 2,000,000 credits (3,007,050)321 Sieve Ruby: Earned 2,000,000 credits (2,497,479)Cullen/Woodall Sieve (suspended) Silver: Earned 100,000 credits (268,250)Generalized Cullen/Woodall Sieve (suspended) Jade: Earned 10,000,000 credits (10,000,502)PPS Sieve Double Silver: Earned 200,000,000 credits (300,002,145)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Jade: Earned 10,000,000 credits (10,000,133)TRP Sieve (suspended) Jade: Earned 10,000,000 credits (10,000,970)AP 26/27 Double Bronze: Earned 100,000,000 credits (115,011,221)GFN Double Bronze: Earned 100,000,000 credits (100,000,025)PSA Double Silver: Earned 200,000,000 credits (200,000,001)
Message 131840 - Posted: 8 Aug 2019 | 6:21:16 UTC - in response to Message 131827.

For firewall rule, the port to open for remote GUI access is 31416.

Port # pi, in fact. Is that an in-joke by the BOINC developers ;)?

Sergey Kovalchuk
Send message
Joined: 29 Sep 15
Posts: 6
ID: 422666
Credit: 32,694,234
RAC: 13,640
321 LLR Bronze: Earned 10,000 credits (29,607)Cullen LLR Bronze: Earned 10,000 credits (11,163)ESP LLR Bronze: Earned 10,000 credits (25,836)Generalized Cullen/Woodall LLR Silver: Earned 100,000 credits (363,220)PPS LLR Gold: Earned 500,000 credits (754,814)PSP LLR Silver: Earned 100,000 credits (260,602)SoB LLR Silver: Earned 100,000 credits (340,140)SR5 LLR Bronze: Earned 10,000 credits (21,288)SGS LLR Silver: Earned 100,000 credits (275,763)TRP LLR Bronze: Earned 10,000 credits (28,947)Woodall LLR Silver: Earned 100,000 credits (250,103)321 Sieve Silver: Earned 100,000 credits (100,021)Generalized Cullen/Woodall Sieve (suspended) Bronze: Earned 10,000 credits (12,562)PPS Sieve Sapphire: Earned 20,000,000 credits (25,083,611)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Silver: Earned 100,000 credits (180,106)TRP Sieve (suspended) Bronze: Earned 10,000 credits (12,495)AP 26/27 Bronze: Earned 10,000 credits (24,258)GFN Ruby: Earned 2,000,000 credits (4,817,055)PSA Silver: Earned 100,000 credits (102,643)
Message 131842 - Posted: 8 Aug 2019 | 8:15:44 UTC - in response to Message 131818.

non zero remote_hosts.cfg + config reread => this error in log

IMHO is a bug of BOINC itself, not a bot attack

1. my PC (and all VMs) behind the firewall and NAT
2. first there were records with my address 10. *. *. *,
after reading the modified config, these strange addresses went
3. there is nothing like this after a reboot, but only after rereading the config

dthononProject donor
Volunteer tester
Send message
Joined: 6 Dec 17
Posts: 341
ID: 957147
Credit: 1,077,756,299
RAC: 533,859
Discovered 3 mega primes2018 Tour de Primes highest prime count2018 Tour de Primes highest prime scoreFound 50 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 1 mega prime in the 2018 Tour de Primes Mountain StageFound 5 primes in the 2019 Tour de PrimesFound 1 prime in the 2019 Tour de Primes Mountain Stage321 LLR Sapphire: Earned 20,000,000 credits (37,904,920)Cullen LLR Sapphire: Earned 20,000,000 credits (20,241,050)ESP LLR Sapphire: Earned 20,000,000 credits (22,910,484)Generalized Cullen/Woodall LLR Sapphire: Earned 20,000,000 credits (24,820,589)PPS LLR Double Bronze: Earned 100,000,000 credits (155,486,709)PSP LLR Sapphire: Earned 20,000,000 credits (20,833,687)SoB LLR Double Silver: Earned 200,000,000 credits (202,558,741)SR5 LLR Sapphire: Earned 20,000,000 credits (23,756,866)SGS LLR Sapphire: Earned 20,000,000 credits (20,365,565)TRP LLR Sapphire: Earned 20,000,000 credits (30,128,392)Woodall LLR Sapphire: Earned 20,000,000 credits (20,121,734)321 Sieve Sapphire: Earned 20,000,000 credits (20,190,853)Generalized Cullen/Woodall Sieve (suspended) Double Bronze: Earned 100,000,000 credits (126,821,599)PPS Sieve Double Bronze: Earned 100,000,000 credits (107,686,595)AP 26/27 Emerald: Earned 50,000,000 credits (60,984,612)GFN Double Bronze: Earned 100,000,000 credits (118,803,260)PSA Emerald: Earned 50,000,000 credits (64,141,506)
Message 131844 - Posted: 8 Aug 2019 | 9:23:09 UTC - in response to Message 131842.

I did find some non-allowed requests as well, see below. They are also coming from similar addresses, somewhere in Nantes, a town in the West of France. So that looks like a well organized attempt to take control of boinc hosts. And it happens fairly fast, as I got a message only 2 minutes after starting a VM !!!
Now, the question is, how does that person find the IP address of BOINC hosts, as I don't believe it is random.


03/08/2019 20:41:52 | | GUI RPC request from non-allowed address 2.0.88.147
07/08/2019 19:19:28 | | GUI RPC request from non-allowed address 2.0.155.28

Profile VatoProject donor
Volunteer tester
Avatar
Send message
Joined: 2 Feb 08
Posts: 713
ID: 18447
Credit: 90,657,448
RAC: 466,869
321 LLR Amethyst: Earned 1,000,000 credits (1,902,702)Cullen LLR Ruby: Earned 2,000,000 credits (2,049,559)ESP LLR Ruby: Earned 2,000,000 credits (2,562,829)Generalized Cullen/Woodall LLR Ruby: Earned 2,000,000 credits (2,001,883)PPS LLR Ruby: Earned 2,000,000 credits (4,668,333)PSP LLR Amethyst: Earned 1,000,000 credits (1,825,922)SoB LLR Ruby: Earned 2,000,000 credits (2,023,559)SR5 LLR Ruby: Earned 2,000,000 credits (2,298,384)SGS LLR Ruby: Earned 2,000,000 credits (2,187,102)TPS LLR (retired) Silver: Earned 100,000 credits (103,523)TRP LLR Ruby: Earned 2,000,000 credits (2,457,903)Woodall LLR Ruby: Earned 2,000,000 credits (2,048,906)321 Sieve Jade: Earned 10,000,000 credits (10,625,231)Cullen/Woodall Sieve (suspended) Ruby: Earned 2,000,000 credits (4,119,699)Generalized Cullen/Woodall Sieve (suspended) Jade: Earned 10,000,000 credits (10,278,995)PPS Sieve Turquoise: Earned 5,000,000 credits (9,615,710)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Ruby: Earned 2,000,000 credits (4,080,177)TRP Sieve (suspended) Turquoise: Earned 5,000,000 credits (5,221,054)AP 26/27 Turquoise: Earned 5,000,000 credits (6,072,394)GFN Turquoise: Earned 5,000,000 credits (5,022,609)PSA Turquoise: Earned 5,000,000 credits (9,498,503)
Message 131845 - Posted: 8 Aug 2019 | 9:28:57 UTC - in response to Message 131844.

they could be targetting just hosts that show up in scan databases (like shodan)
you don't need to do full scans yourself to find things these days
____________

Profile RobishProject donor
Avatar
Send message
Joined: 7 Jan 12
Posts: 1183
ID: 126266
Credit: 2,972,349,875
RAC: 5,029,825
Discovered the World's First AP27!!!Discovered 8 mega primesDiscovered 1 AP272018 Tour de Primes largest primeFound 4 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2019 Tour de Primes321 LLR Turquoise: Earned 5,000,000 credits (5,232,081)Cullen LLR Turquoise: Earned 5,000,000 credits (8,142,092)ESP LLR Turquoise: Earned 5,000,000 credits (6,393,953)Generalized Cullen/Woodall LLR Turquoise: Earned 5,000,000 credits (6,466,498)PPS LLR Sapphire: Earned 20,000,000 credits (31,595,190)PSP LLR Turquoise: Earned 5,000,000 credits (5,053,061)SoB LLR Sapphire: Earned 20,000,000 credits (34,998,007)SR5 LLR Turquoise: Earned 5,000,000 credits (5,095,601)SGS LLR Turquoise: Earned 5,000,000 credits (5,029,384)TRP LLR Jade: Earned 10,000,000 credits (12,088,272)Woodall LLR Turquoise: Earned 5,000,000 credits (5,062,771)321 Sieve Turquoise: Earned 5,000,000 credits (5,025,452)Cullen/Woodall Sieve (suspended) Turquoise: Earned 5,000,000 credits (7,892,369)Generalized Cullen/Woodall Sieve (suspended) Turquoise: Earned 5,000,000 credits (5,515,338)PPS Sieve Double Gold: Earned 500,000,000 credits (778,023,429)TRP Sieve (suspended) Silver: Earned 100,000 credits (121,416)AP 26/27 Emerald: Earned 50,000,000 credits (51,750,400)GFN Double Amethyst: Earned 1,000,000,000 credits (1,998,865,170)
Message 131846 - Posted: 8 Aug 2019 | 9:29:49 UTC - in response to Message 131844.

I did find some non-allowed requests as well, see below. They are also coming from similar addresses, somewhere in Nantes, a town in the West of France. So that looks like a well organized attempt to take control of boinc hosts. And it happens fairly fast, as I got a message only 2 minutes after starting a VM !!!
Now, the question is, how does that person find the IP address of BOINC hosts, as I don't believe it is random.


03/08/2019 20:41:52 | | GUI RPC request from non-allowed address 2.0.88.147
07/08/2019 19:19:28 | | GUI RPC request from non-allowed address 2.0.155.28


Bulk scan of traffic (open ports) on port 31416? Can't imagine it's used for much else so that would identify boinc perhaps?
____________
My lucky number's 10590941048576+1 and 5641491616384+1 (GFN-14 Consecutive Prime)

dthononProject donor
Volunteer tester
Send message
Joined: 6 Dec 17
Posts: 341
ID: 957147
Credit: 1,077,756,299
RAC: 533,859
Discovered 3 mega primes2018 Tour de Primes highest prime count2018 Tour de Primes highest prime scoreFound 50 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 1 mega prime in the 2018 Tour de Primes Mountain StageFound 5 primes in the 2019 Tour de PrimesFound 1 prime in the 2019 Tour de Primes Mountain Stage321 LLR Sapphire: Earned 20,000,000 credits (37,904,920)Cullen LLR Sapphire: Earned 20,000,000 credits (20,241,050)ESP LLR Sapphire: Earned 20,000,000 credits (22,910,484)Generalized Cullen/Woodall LLR Sapphire: Earned 20,000,000 credits (24,820,589)PPS LLR Double Bronze: Earned 100,000,000 credits (155,486,709)PSP LLR Sapphire: Earned 20,000,000 credits (20,833,687)SoB LLR Double Silver: Earned 200,000,000 credits (202,558,741)SR5 LLR Sapphire: Earned 20,000,000 credits (23,756,866)SGS LLR Sapphire: Earned 20,000,000 credits (20,365,565)TRP LLR Sapphire: Earned 20,000,000 credits (30,128,392)Woodall LLR Sapphire: Earned 20,000,000 credits (20,121,734)321 Sieve Sapphire: Earned 20,000,000 credits (20,190,853)Generalized Cullen/Woodall Sieve (suspended) Double Bronze: Earned 100,000,000 credits (126,821,599)PPS Sieve Double Bronze: Earned 100,000,000 credits (107,686,595)AP 26/27 Emerald: Earned 50,000,000 credits (60,984,612)GFN Double Bronze: Earned 100,000,000 credits (118,803,260)PSA Emerald: Earned 50,000,000 credits (64,141,506)
Message 131847 - Posted: 8 Aug 2019 | 9:50:10 UTC - in response to Message 131846.

In case of bulk scans, I would expect to see lots of messages, like what you see when you look at SSH rejected attempts. Here, there are only a few random attempts.

And I am also worried that I got a first attempts just after starting a VM. It could be pure chance, or it could be a backdoor in boinc client or a hole in a boinc server.

Profile bcavnaughProject donor
Avatar
Send message
Joined: 8 Nov 13
Posts: 192
ID: 273570
Credit: 622,557,766
RAC: 228,514
Discovered 4 mega primesFound 16 primes in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 15 primes in the 2019 Tour de PrimesFound 1 mega prime in the 2019 Tour de Primes321 LLR Ruby: Earned 2,000,000 credits (4,432,945)Cullen LLR Ruby: Earned 2,000,000 credits (3,663,353)ESP LLR Turquoise: Earned 5,000,000 credits (7,438,830)Generalized Cullen/Woodall LLR Ruby: Earned 2,000,000 credits (4,690,368)PPS LLR Sapphire: Earned 20,000,000 credits (35,508,475)PSP LLR Ruby: Earned 2,000,000 credits (4,675,187)SoB LLR Jade: Earned 10,000,000 credits (17,010,038)SR5 LLR Ruby: Earned 2,000,000 credits (2,914,257)SGS LLR Ruby: Earned 2,000,000 credits (3,190,607)TRP LLR Turquoise: Earned 5,000,000 credits (8,091,782)Woodall LLR Ruby: Earned 2,000,000 credits (3,833,516)321 Sieve Gold: Earned 500,000 credits (737,961)Generalized Cullen/Woodall Sieve (suspended) Jade: Earned 10,000,000 credits (13,345,448)PPS Sieve Double Silver: Earned 200,000,000 credits (227,586,323)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Silver: Earned 100,000 credits (164,235)TRP Sieve (suspended) Amethyst: Earned 1,000,000 credits (1,142,550)AP 26/27 Emerald: Earned 50,000,000 credits (54,580,500)GFN Double Silver: Earned 200,000,000 credits (228,409,921)PSA Amethyst: Earned 1,000,000 credits (1,142,791)
Message 131858 - Posted: 8 Aug 2019 | 12:54:10 UTC

From Day One I have only used the remote_hosts.cfg file.

dthononProject donor
Volunteer tester
Send message
Joined: 6 Dec 17
Posts: 341
ID: 957147
Credit: 1,077,756,299
RAC: 533,859
Discovered 3 mega primes2018 Tour de Primes highest prime count2018 Tour de Primes highest prime scoreFound 50 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 1 mega prime in the 2018 Tour de Primes Mountain StageFound 5 primes in the 2019 Tour de PrimesFound 1 prime in the 2019 Tour de Primes Mountain Stage321 LLR Sapphire: Earned 20,000,000 credits (37,904,920)Cullen LLR Sapphire: Earned 20,000,000 credits (20,241,050)ESP LLR Sapphire: Earned 20,000,000 credits (22,910,484)Generalized Cullen/Woodall LLR Sapphire: Earned 20,000,000 credits (24,820,589)PPS LLR Double Bronze: Earned 100,000,000 credits (155,486,709)PSP LLR Sapphire: Earned 20,000,000 credits (20,833,687)SoB LLR Double Silver: Earned 200,000,000 credits (202,558,741)SR5 LLR Sapphire: Earned 20,000,000 credits (23,756,866)SGS LLR Sapphire: Earned 20,000,000 credits (20,365,565)TRP LLR Sapphire: Earned 20,000,000 credits (30,128,392)Woodall LLR Sapphire: Earned 20,000,000 credits (20,121,734)321 Sieve Sapphire: Earned 20,000,000 credits (20,190,853)Generalized Cullen/Woodall Sieve (suspended) Double Bronze: Earned 100,000,000 credits (126,821,599)PPS Sieve Double Bronze: Earned 100,000,000 credits (107,686,595)AP 26/27 Emerald: Earned 50,000,000 credits (60,984,612)GFN Double Bronze: Earned 100,000,000 credits (118,803,260)PSA Emerald: Earned 50,000,000 credits (64,141,506)
Message 131865 - Posted: 8 Aug 2019 | 14:32:10 UTC - in response to Message 131858.

It would help if a few people looked at the lo files to see if they get attempts from other IP addresses. If it is only from 2.0.x.y, that could be a single person.
Only if your server or VM is connected to the internet with port 31416 open.

Theadalus
Send message
Joined: 8 May 08
Posts: 2
ID: 22450
Credit: 206,350,177
RAC: 3,004,541
PPS LLR Ruby: Earned 2,000,000 credits (2,699,022)Woodall LLR Silver: Earned 100,000 credits (110,302)321 Sieve Turquoise: Earned 5,000,000 credits (5,711,212)Cullen/Woodall Sieve (suspended) Silver: Earned 100,000 credits (382,187)PPS Sieve Double Bronze: Earned 100,000,000 credits (185,977,166)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Silver: Earned 100,000 credits (209,143)TRP Sieve (suspended) Bronze: Earned 10,000 credits (98,980)AP 26/27 Jade: Earned 10,000,000 credits (11,142,508)GFN Bronze: Earned 10,000 credits (11,414)
Message 131882 - Posted: 9 Aug 2019 | 3:16:21 UTC
Last modified: 9 Aug 2019 | 3:26:11 UTC

Before I allowed GUI RPC from any machine by adding line to cc_config.xml:

<allow_remote_gui_rpc>1</allow_remote_gui_rpc>


After removing this line, adding {My Home IP} to remote_hosts.cfg and rereading config files, log file shows 1 entry:

GUI RPC request from non-allowed address 2.0.216.131


However, after changing IP-address in remote_hosts.cfg and trying to connect from {My Home IP}, log file does NOT contain any entry saying:

GUI RPC request from non-allowed address {My Home IP}


Also incorrect password entries will not be logged.


Bit strange, i think something else is going on...?

dthononProject donor
Volunteer tester
Send message
Joined: 6 Dec 17
Posts: 341
ID: 957147
Credit: 1,077,756,299
RAC: 533,859
Discovered 3 mega primes2018 Tour de Primes highest prime count2018 Tour de Primes highest prime scoreFound 50 primes in the 2018 Tour de PrimesFound 1 mega prime in the 2018 Tour de PrimesFound 1 prime in the 2018 Tour de Primes Mountain StageFound 1 mega prime in the 2018 Tour de Primes Mountain StageFound 5 primes in the 2019 Tour de PrimesFound 1 prime in the 2019 Tour de Primes Mountain Stage321 LLR Sapphire: Earned 20,000,000 credits (37,904,920)Cullen LLR Sapphire: Earned 20,000,000 credits (20,241,050)ESP LLR Sapphire: Earned 20,000,000 credits (22,910,484)Generalized Cullen/Woodall LLR Sapphire: Earned 20,000,000 credits (24,820,589)PPS LLR Double Bronze: Earned 100,000,000 credits (155,486,709)PSP LLR Sapphire: Earned 20,000,000 credits (20,833,687)SoB LLR Double Silver: Earned 200,000,000 credits (202,558,741)SR5 LLR Sapphire: Earned 20,000,000 credits (23,756,866)SGS LLR Sapphire: Earned 20,000,000 credits (20,365,565)TRP LLR Sapphire: Earned 20,000,000 credits (30,128,392)Woodall LLR Sapphire: Earned 20,000,000 credits (20,121,734)321 Sieve Sapphire: Earned 20,000,000 credits (20,190,853)Generalized Cullen/Woodall Sieve (suspended) Double Bronze: Earned 100,000,000 credits (126,821,599)PPS Sieve Double Bronze: Earned 100,000,000 credits (107,686,595)AP 26/27 Emerald: Earned 50,000,000 credits (60,984,612)GFN Double Bronze: Earned 100,000,000 credits (118,803,260)PSA Emerald: Earned 50,000,000 credits (64,141,506)
Message 131885 - Posted: 9 Aug 2019 | 6:50:09 UTC - in response to Message 131882.

I did a similar test, and there is indeed something wrong with the message. When I try to connect from an address that is not in remote_hosts.cfg, I do get an error message. But the IP address reported in the erro message.

For example, I just got the following message, when trying to connect from 80.214.154.84.


620: 09-Aug-2019 06:34:19 (low) [] GUI RPC request from non-allowed address 2.0.191.203


Even if the IP @ in the message is wrong, Mike's advices need to be used for servers connected to Internet.

stream
Volunteer developer
Volunteer tester
Send message
Joined: 1 Mar 14
Posts: 568
ID: 301928
Credit: 451,659,303
RAC: 8,639
Discovered 1 mega primeFound 1 prime in the 2018 Tour de PrimesFound 1 prime in the 2019 Tour de Primes321 LLR Turquoise: Earned 5,000,000 credits (9,919,609)Cullen LLR Turquoise: Earned 5,000,000 credits (9,934,320)ESP LLR Turquoise: Earned 5,000,000 credits (9,909,084)Generalized Cullen/Woodall LLR Turquoise: Earned 5,000,000 credits (5,921,052)PPS LLR Turquoise: Earned 5,000,000 credits (7,262,900)PSP LLR Turquoise: Earned 5,000,000 credits (5,089,560)SoB LLR Turquoise: Earned 5,000,000 credits (5,824,522)SR5 LLR Turquoise: Earned 5,000,000 credits (5,399,087)SGS LLR Turquoise: Earned 5,000,000 credits (5,401,976)TRP LLR Turquoise: Earned 5,000,000 credits (9,911,706)Woodall LLR Turquoise: Earned 5,000,000 credits (5,011,851)321 Sieve Sapphire: Earned 20,000,000 credits (20,004,228)Generalized Cullen/Woodall Sieve (suspended) Sapphire: Earned 20,000,000 credits (20,047,667)PPS Sieve Sapphire: Earned 20,000,000 credits (20,866,490)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Sapphire: Earned 20,000,000 credits (20,043,271)TRP Sieve (suspended) Sapphire: Earned 20,000,000 credits (20,015,177)AP 26/27 Sapphire: Earned 20,000,000 credits (20,045,194)GFN Emerald: Earned 50,000,000 credits (50,750,168)PSA Double Silver: Earned 200,000,000 credits (200,301,443)
Message 131892 - Posted: 9 Aug 2019 | 13:30:25 UTC

News story headline: "An evil French hacker is trying to hijack myriads of helpless machines belonging to kind peoples wished to help the science"

Truth: Another bug in a crappy software written by non-qualified students. It prints some fixed garbage instead of real IP address. The bug seems to affect only non-Windows clients (Windows version uses different code and seems to print correct address).

Speaking seriously, there is nothing dangerous even with default settings. During first run, client creates 32-characters long random password. It's quite secure, just keep it as is and don't change it to something like 12345 :)

Profile GrebulonerProject donor
Volunteer tester
Avatar
Send message
Joined: 2 Nov 09
Posts: 269
ID: 49572
Credit: 1,356,622,592
RAC: 1,812,515
Found 2 primes in the 2018 Tour de PrimesFound 4 primes in the 2019 Tour de Primes321 LLR Jade: Earned 10,000,000 credits (10,053,890)Cullen LLR Jade: Earned 10,000,000 credits (10,168,095)ESP LLR Jade: Earned 10,000,000 credits (11,401,438)Generalized Cullen/Woodall LLR Jade: Earned 10,000,000 credits (11,458,304)PPS LLR Sapphire: Earned 20,000,000 credits (27,671,515)PSP LLR Jade: Earned 10,000,000 credits (10,025,532)SoB LLR Jade: Earned 10,000,000 credits (13,815,699)SR5 LLR Jade: Earned 10,000,000 credits (12,233,084)SGS LLR Jade: Earned 10,000,000 credits (10,157,780)TRP LLR Jade: Earned 10,000,000 credits (12,578,327)Woodall LLR Jade: Earned 10,000,000 credits (10,037,126)321 Sieve Sapphire: Earned 20,000,000 credits (20,128,873)Cullen/Woodall Sieve (suspended) Ruby: Earned 2,000,000 credits (4,178,073)Generalized Cullen/Woodall Sieve (suspended) Emerald: Earned 50,000,000 credits (56,046,594)PPS Sieve Double Silver: Earned 200,000,000 credits (471,693,790)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Turquoise: Earned 5,000,000 credits (9,468,384)TRP Sieve (suspended) Jade: Earned 10,000,000 credits (10,076,645)AP 26/27 Double Silver: Earned 200,000,000 credits (350,272,426)GFN Double Bronze: Earned 100,000,000 credits (185,418,806)PSA Double Bronze: Earned 100,000,000 credits (109,745,972)
Message 131894 - Posted: 9 Aug 2019 | 13:46:08 UTC - in response to Message 131892.

Speaking seriously, there is nothing dangerous even with default settings. During first run, client creates 32-characters long random password. It's quite secure, just keep it as is and don't change it to something like 12345 :)


12345? Amazing, I have the same combination on my luggage!

/couldn't resist
____________
Eating more cheese on Thursdays.

Profile Malcolm BeesonProject donor
Avatar
Send message
Joined: 1 Mar 11
Posts: 17
ID: 88767
Credit: 189,704,926
RAC: 403,722
321 LLR Amethyst: Earned 1,000,000 credits (1,552,423)Cullen LLR Ruby: Earned 2,000,000 credits (2,122,494)ESP LLR Amethyst: Earned 1,000,000 credits (1,212,679)Generalized Cullen/Woodall LLR Amethyst: Earned 1,000,000 credits (1,988,680)PPS LLR Amethyst: Earned 1,000,000 credits (1,302,973)PSP LLR Amethyst: Earned 1,000,000 credits (1,825,692)SoB LLR Silver: Earned 100,000 credits (302,139)SR5 LLR Silver: Earned 100,000 credits (456,397)SGS LLR Silver: Earned 100,000 credits (449,666)TRP LLR Gold: Earned 500,000 credits (791,551)Woodall LLR Gold: Earned 500,000 credits (543,115)321 Sieve Bronze: Earned 10,000 credits (55,383)Generalized Cullen/Woodall Sieve (suspended) Silver: Earned 100,000 credits (440,721)PPS Sieve Double Bronze: Earned 100,000,000 credits (124,201,416)Sierpinski (ESP/PSP/SoB) Sieve (suspended) Silver: Earned 100,000 credits (329,710)TRP Sieve (suspended) Gold: Earned 500,000 credits (627,505)AP 26/27 Sapphire: Earned 20,000,000 credits (26,784,875)GFN Sapphire: Earned 20,000,000 credits (24,707,923)
Message 132184 - Posted: 21 Aug 2019 | 10:33:15 UTC - in response to Message 131885.

Orange (or Wanadoo as it was known) here in France tries to make the Internet as difficult as possible and the most expensive in the world. Getting silly 80.x.x.x addresses is common, they simply don't exist! Thus it is very difficult to run ssh and other secure protocols through their modems, something that has been plaguing me since 2000 when I was paying for an ADSL connection of 512kbs/24kbs with a fixed IP, the sum of 180euros/month! You can complain to abuse@orange.fr but I doubt it'll do you any good.
____________

Profile JStateson
Avatar
Send message
Joined: 28 Feb 10
Posts: 25
ID: 56128
Credit: 967,732,569
RAC: 0
Cullen/Woodall Sieve (suspended) Ruby: Earned 2,000,000 credits (3,136,123)PPS Sieve Double Gold: Earned 500,000,000 credits (959,207,000)AP 26/27 Bronze: Earned 10,000 credits (32,365)GFN Turquoise: Earned 5,000,000 credits (5,351,321)
Message 133993 - Posted: 17 Oct 2019 | 17:04:38 UTC - in response to Message 131885.

I did a similar test, and there is indeed something wrong with the message. When I try to connect from an address that is not in remote_hosts.cfg, I do get an error message. But the IP address reported in the erro message.

For example, I just got the following message, when trying to connect from 80.214.154.84.

620: 09-Aug-2019 06:34:19 (low) [] GUI RPC request from non-allowed address 2.0.191.203


Even if the IP @ in the message is wrong, Mike's advices need to be used for servers connected to Internet.


If you (or anyone reading this thread) has a GitHub account, please go over to https://github.com/BOINC/boinc/issues/3246 and add your support to get this issue fixed. The fact that the French IP address is used by default clearly shows a problem with code.

Post to thread

Message boards : News : Be careful with BOINC computers on the Internet

[Return to PrimeGrid main page]
DNS Powered by DNSEXIT.COM
Copyright © 2005 - 2019 Rytis Slatkevičius (contact) and PrimeGrid community. Server load 1.41, 1.56, 1.74
Generated 20 Oct 2019 | 17:01:24 UTC