Title: How mining pools protect themselves from DDOS attacks ? Post by: paid2 on February 01, 2023, 11:52:06 AM I wonder how pool operators are protecting their statums addresses from DDOS attacks
I cannot find an answer on google about protecting stratum addresses from DDOS What am I missing ? I mean they can't just manualy ban the IPs addresses which are slowing down the pool. I imagine it could give a lot of work to pool OPs no ? Sorry for the newbie question, but as I know that some pool operator are present here, I hope that I will find a proper answer :) Title: Re: How mining pools protect themselves from DDOS attacks ? Post by: ABCbits on February 01, 2023, 12:40:12 PM Few provider such as F2Pool use CloudFlare as DDoS protection. You can verify this using traceroute command.
Code: $ sudo traceroute -T -p 3333 btc.f2pool.com Take note IP/port is taken from F2Pool website[1] and it looks like gin.ntt.net seems to be owned by CloudFlare based on traceroute shared by other people[2-3]. [1] https://www.f2pool.com/#btc (https://www.f2pool.com/#btc) [2] https://community.cloudflare.com/t/tracert-from-hong-kong-gets-routed-to-singapore/49413 (https://community.cloudflare.com/t/tracert-from-hong-kong-gets-routed-to-singapore/49413) [3] https://www.geekzone.co.nz/forums.asp?forumid=39&topicid=236223 (https://www.geekzone.co.nz/forums.asp?forumid=39&topicid=236223) Title: Re: How mining pools protect themselves from DDOS attacks ? Post by: paid2 on February 02, 2023, 12:26:30 PM Few provider such as F2Pool use CloudFlare as DDoS protection. You can verify this using traceroute command. Code: $ sudo traceroute -T -p 3333 btc.f2pool.com Take note IP/port is taken from F2Pool website[1] and it looks like gin.ntt.net seems to be owned by CloudFlare based on traceroute shared by other people[2-3]. [1] https://www.f2pool.com/#btc (https://www.f2pool.com/#btc) [2] https://community.cloudflare.com/t/tracert-from-hong-kong-gets-routed-to-singapore/49413 (https://community.cloudflare.com/t/tracert-from-hong-kong-gets-routed-to-singapore/49413) [3] https://www.geekzone.co.nz/forums.asp?forumid=39&topicid=236223 (https://www.geekzone.co.nz/forums.asp?forumid=39&topicid=236223) Thank you so much ! Helping a lot ! Title: Re: How mining pools protect themselves from DDOS attacks ? Post by: DaveF on February 02, 2023, 12:32:52 PM I wonder how pool operators are protecting their statums addresses from DDOS attacks I cannot find an answer on google about protecting stratum addresses from DDOS What am I missing ? I mean they can't just manualy ban the IPs addresses which are slowing down the pool. I imagine it could give a lot of work to pool OPs no ? Sorry for the newbie question, but as I know that some pool operator are present here, I hope that I will find a proper answer :) Also, it's not a manual ban it's automatic, even going back a decade to NOMP https://github.com/zone117x/node-open-mining-portal#attack-mitigation it had automatic banning of IPs that were causing problems. It can also be a combination using something like cloudflare as discussed above to take care of the 1st layer of attacks then something internally to filter out the rest. -Dave Title: Re: How mining pools protect themselves from DDOS attacks ? Post by: kano on February 03, 2023, 12:40:56 AM Good server providers have hardware DDoS protection coz they have datacentres full of servers and really don't want someone to cause problems for all their clients.
Title: Re: How mining pools protect themselves from DDOS attacks ? Post by: paid2 on February 03, 2023, 08:19:39 PM Thank you for the information, it gives me good starting points to explore on this subject! :)
I was convinced that it was special services for mining. I imagined that all the shares submitted by the ASICs could have been considered as DDOS, and could have been unnecessarily blocked by the "typical" protection services. I made something that's rather simple much too complex haha :D Title: Re: How mining pools protect themselves from DDOS attacks ? Post by: promojo on July 10, 2023, 10:13:54 PM I wonder how pool operators are protecting their statums addresses from DDOS attacks I cannot find an answer on google about protecting stratum addresses from DDOS What am I missing ? I mean they can't just manualy ban the IPs addresses which are slowing down the pool. I imagine it could give a lot of work to pool OPs no ? Sorry for the newbie question, but as I know that some pool operator are present here, I hope that I will find a proper answer :) VIP/dedicated stratum nodes/servers for specific clients. |