Azure devops hosted agent suspicious hosts file

2019-06-14 04:07发布

This might be a weird question but stick with me. I'm using Azure Devops Hosted Agent for my continuous deployment. During the release I have a task that adds one line to the hosts file on the hosted agent. Previously the hosts file looked like this:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost 
xx.xxx.x.xx mydomain.net

As you can see with powershell I was adding mydomain.net IP to the hosts file. This was working fine for a long time.

Lately my release started to fail because it was wrongly updating hosts file. I've checked hosts file on the hosted agent and now it looks like this:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost

127.0.0.1 aion.f2pool.com
127.0.0.1 asia.cryptonight-hub.miningpoolhub.com
127.0.0.1 asia.equihash-hub.miningpoolhub.com
127.0.0.1 asia.ethash-hub.miningpoolhub.com
127.0.0.1 asia.lyra2z-hub.miningpoolhub.com
127.0.0.1 ca.minexmr.com
127.0.0.1 ca.stratum.slushpool.com
127.0.0.1 cn.stratum.slushpool.com
127.0.0.1 cn02.stratum.slushpool.com
127.0.0.1 cn03.stratum.slushpool.com
127.0.0.1 dash.f2pool.com
127.0.0.1 dcr.f2pool.com
127.0.0.1 de.kano.is
127.0.0.1 de.minexmr.com
127.0.0.1 etc.f2pool.com
127.0.0.1 eth.f2pool.com
127.0.0.1 eu.stratum.slushpool.com
127.0.0.1 europe.cryptonight-hub.miningpoolhub.com
127.0.0.1 europe.equihash-hub.miningpoolhub.com
127.0.0.1 europe.ethash-hub.miningpoolhub.com
127.0.0.1 europe.lyra2z-hub.miningpoolhub.com
127.0.0.1 fr.minexmr.com
127.0.0.1 gulf.moneroocean.stream
127.0.0.1 hub.miningpoolhub.com
127.0.0.1 jp.kano.is
127.0.0.1 jp.stratum.slushpool.com
127.0.0.1 mmmoneropool.com
127.0.0.1 nya.kano.is
127.0.0.1 pool.minexmr.com
127.0.0.1 pool.supportxmr.com
127.0.0.1 sc.f2pool.com
127.0.0.1 sg.kano.is
127.0.0.1 sg.minexmr.com
127.0.0.1 sg.stratum.slushpool.com
127.0.0.1 stratum.antpool.com
127.0.0.1 stratum.f2pool.com
127.0.0.1 stratum.kano.is
127.0.0.1 stratum.slushpool.com
127.0.0.1 uk.kano.is
127.0.0.1 us-east.cryptonight-hub.miningpoolhub.com
127.0.0.1 us-east.equihash-hub.miningpoolhub.com
127.0.0.1 us-east.ethash-hub.miningpoolhub.com
127.0.0.1 us-east.lyra2z-hub.miningpoolhub.com
127.0.0.1 us-east.stratum.slushpool.com
127.0.0.1 xmr-classic.f2pool.com
127.0.0.1 xmr.f2pool.com
127.0.0.1 xmr.prohash.net
127.0.0.1 xmrpool.eu
127.0.0.1 xzc.f2pool.com
127.0.0.1 zec.f2pool.comxx.xxx.x.xx mydomain.net

Although, I can fix this just by adding new line separator to my powershell script, I'm more interested what are those addresses added to the hosts file? I was under impression that when I choose hosted agent, Azure spins for me fresh machine, is that correct? Can someone explain this to me? Or is this a new way for hosted agent to prevent some crypto mining?

EDIT:

This is powershell script I'm using:

$file = "$env:windir\System32\drivers\etc\hosts"
"xx.xxx.x.xx mydomain.net" | Add-Content -PassThru $file
Get-Content -Path $file

1条回答
劳资没心,怎么记你
2楼-- · 2019-06-14 04:38

Microsoft recently removed the pay-by-hour limitation on hosted agents. Since there's unlimited free hosted agent minutes, they had to take some steps to prevent crypto mining on their dime.

I have no official confirmation on this, but it seems pretty logical.

查看更多
登录 后发表回答