Author |
Message |
DGM17Send message
Joined: 17 Jan 09 Posts: 2 Credit: 216,476,215 RAC: 0 Level
Scientific publications
|
1/12/2018 - I am getting this text in my BOINC Manager Event Log and no new work: "GUI RPC request from non-allowed address".
I am wondering why my IP address is on this list. I have made over 50 million credits with this computer and I do not recall making any changes to my account. Can anyone explain what has happened?
____________
|
|
|
ToniVolunteer moderator Project administrator Project developer Project tester Project scientist Send message
Joined: 9 Dec 08 Posts: 1006 Credit: 5,068,599 RAC: 0 Level
Scientific publications
|
Moving to the "Number crunching" thread, perhaps it's more visible there. |
|
|
mmonninSend message
Joined: 2 Jul 16 Posts: 337 Credit: 7,765,428,051 RAC: 1,425,398 Level
Scientific publications
|
Something is requesting connecting to the GUI (the BOINC Client?) like another BOINC Manager or BOINC tasks. I don't think its anything to do with this or any other project.
I use this to allow BOINCTasks to connect to remote clients:
<allow_remote_gui_rpc>1</allow_remote_gui_rpc>
GUI RPC... |
|
|
|
DON'T allow remote gui rpc until you've understood what is going on and why.
Read Controlling BOINC remotely for the background behind what the terms mean. 'Remote' in this case usually means another computer in your home or workplace: the processes don't work well over wider area networks, and in any event external computers should be blocked by your firewall or router. Of course, in this day and age, close-by computers can possibly hack into your WiFi, but let's assume not for the time being...
In normal usage, the BOINC client and the BOINC Manager both run on your local computer, and communicate with each other over a connection known as 'localhost' or IP address 127.0.0.1
It is possible to manage the BOINC client on one machine from a Manager (or replacement like the BoincTasks that's been mentioned already) on another machine: in that case, you have to authorise the process to use remote gui rpcs. This is usually described in terms of "The remote computer's IP address", but that's not strictly true: IP addresses are assigned separately to each network interface, so it's possible for a single computer to have two or three IP addresses (cable, WiFi, VPN to employer, would all be different). That might confuse things.
Also, I see you have 4 computers attached to this project. Maybe you (or a colleague) have set up remote control already, but a change in the network has moved one of the machines out of the permitted range of IP addresses. You need to have a sniff around your local network (whatever that means in your environment) and find out who's doing what, before you open the doors to every passer-by. |
|
|
DGM17Send message
Joined: 17 Jan 09 Posts: 2 Credit: 216,476,215 RAC: 0 Level
Scientific publications
|
Thank you, Richard Haselgrove.
I do use "Bonic Tasks" and I moved the software to this Windows 10 computer, but I forgot to clear out the old IP address in the "remote_hosts.cfg" file on this Windows 10 Computer. I think it was just coincidence that I could not receive new work units from GPUGRID.net.
Again, thanks for helping me with this! |
|
|
mmonninSend message
Joined: 2 Jul 16 Posts: 337 Credit: 7,765,428,051 RAC: 1,425,398 Level
Scientific publications
|
DON'T allow remote gui rpc until you've understood what is going on and why.
Read Controlling BOINC remotely for the background behind what the terms mean. 'Remote' in this case usually means another computer in your home or workplace: the processes don't work well over wider area networks, and in any event external computers should be blocked by your firewall or router. Of course, in this day and age, close-by computers can possibly hack into your WiFi, but let's assume not for the time being...
In normal usage, the BOINC client and the BOINC Manager both run on your local computer, and communicate with each other over a connection known as 'localhost' or IP address 127.0.0.1
It is possible to manage the BOINC client on one machine from a Manager (or replacement like the BoincTasks that's been mentioned already) on another machine: in that case, you have to authorise the process to use remote gui rpcs. This is usually described in terms of "The remote computer's IP address", but that's not strictly true: IP addresses are assigned separately to each network interface, so it's possible for a single computer to have two or three IP addresses (cable, WiFi, VPN to employer, would all be different). That might confuse things.
Also, I see you have 4 computers attached to this project. Maybe you (or a colleague) have set up remote control already, but a change in the network has moved one of the machines out of the permitted range of IP addresses. You need to have a sniff around your local network (whatever that means in your environment) and find out who's doing what, before you open the doors to every passer-by.
One thing you should absolutely NOT be doing is installing BOINC on a work computer. Sure way to get your "butt" fired. Unless you are your own employer then BOINC should never, ever be installed at work w/out legal, written permission.
If a hacker has control of a BOINC client via the GUI RPC then I've got bigger issues and BOINC is the last of them. allow_gui_rpc is the easiest way to allow access with BOINCTasks. |
|
|
|
One thing you should absolutely NOT be doing is installing BOINC on a work computer. Sure way to get your "butt" fired. Unless you are your own employer then BOINC should never, ever be installed at work w/out legal, written permission.
If a hacker has control of a BOINC client via the GUI RPC then I've got bigger issues and BOINC is the last of them. allow_gui_rpc is the easiest way to allow access with BOINCTasks.
Agreed with both parts of that - in the grand scheme of things, letting a hacker grab your BOINC is very low on the risks we all run. But at the time we both replied, it wasn't even clear that the OP wanted to use remote control - hence ask questions first, before assuming you understand what the user is trying to achieve.
Anyway, the post is written now, and DGM17 is happy with the outcome, so it can stand in case someone else finds themselves in a similar position in the future. |
|
|
JStateson Send message
Joined: 31 Oct 08 Posts: 186 Credit: 3,413,843,008 RAC: 1,027,914 Level
Scientific publications
|
1/12/2018 - I am getting this text in my BOINC Manager Event Log and no new work: "GUI RPC request from non-allowed address".
I am wondering why my IP address is on this list. I have made over 50 million credits with this computer and I do not recall making any changes to my account. Can anyone explain what has happened?
For what it is worth, also in january, within minutes of setting up a new Ubuntu boinc system, I had 3 requests that were denied. I can only assume they were from a compromised system behind my router or they got through the router somehow.
The first one I got was from 2.0.198.94, a French site. I am in USA. Here are the other two, also from outside USA.
boinc.log:24-Jan-2018 19:47:52 [---] GUI RPC request from non-allowed address 2.0.199.23
boinc.log:24-Jan-2018 21:30:43 [---] GUI RPC request from non-allowed address 2.0.199.157
Do you have a record of the IP address of the intruder?
[EDIT] Corrected date as it occurred in January,not December.
Also: Are you using grcpool as an account manager or doing any mining?
|
|
|