Which due to the score-based payout method is not useful at all.
I forgot to state that I'll recalculate those rounds from DDoS attack with share based (proportional) mechanism later. Score method of course need stable connection on pool side, so using score while being under ddos is nonsense. |
|
|
|
Nope. Still only manage 1-2 shares in here and there. Which due to the score-based payout method is not useful at all.
I added some new DDoS balancers and DNS changes are in progress. So if you're still connected to original one (overloaded), you still might see some issues. I recommend you to restart miners and let them connect to fresh IPs. |
|
|
|
I know some smaller pools that would be happy
Then they become noticeable and will defend to the same shits :-). |
|
|
|
|
sadpandatech: attack is still here, we're both fighting with that. Actually attack got a little more intensive before few minutes, but mining still works (though with connection errors sometimes).
|
|
|
|
|
Yay, first block since DDoS started. It was almost 17 hour round, insane. Initally thanks to bad luck and then thanks to DDoS (another kind of bad luck).
|
|
|
|
|
All clients which were previously connected are in whitelist now.
|
|
|
|
|
I found one issue so even you connect, you'll probably will see a lot of rejecteds. I'm working on it, will be solved in few minutes.
|
|
|
|
|
ok, I see that most of clients are still blacklisted, working on it now.
|
|
|
|
|
Pool is up again. Note that all website traffic is routing thru 3rd party DDoS mitigation service, so SSL isn't working at this moment. But it is only temporary and as all important changes on profiles must be confirmed by email, it's not so big issue.
|
|
|
|
|
hchc: I'm in contact with company for doing ddos mitigation, however it's taking some time - it is 6am here.
|
|
|
|
This is exactly why concentrating too much hash power in a few pools is not a good idea. Better to mine at a smaller mid-sized pool  No, it's basically the same. With such massive botnet power there's no problem with flooding tens of smaller pools. Now attackers don't do that because 70% hashrate is on three pools, but they'll change attack vector if hashrate distribution will change. |
|
|
|
This is down now.
Yes, attack moved to new machines, too. |
|
|
|
|
sadpandatech: this is large scale attack, where normal tools won't work at all. Even enterprise level firewalls are failing when DDoS come into the game (remember paypal?).
|
|
|
|
|
ok, they moved to new IP again. So attacker is following forum, botnet isn't just following DNS records.
|
|
|
|
I assume all this action is gonna slow you down on getting the accounting done for NMC?
I don't know what's the motivation of attackers. As deepbit is hitted also, I don't think it is primary because of NMC. However I'm curious why attacker pick first and third largest pool... |
|
|
|
|
Please point your miners to api3.bitcoin.cz. I'll update DNS of api.bitcoin.cz and api2.bitcoin.cz when attack will be over.
|
|
|
|
I have a feeling this attack will continue for a while. Slush, is there no way to filter out all other non registered IP connections? Ie allow connections only from pool miners based on their last known IP address - most people don't refresh their IP often.
Unfortunately this is large scale attack, so filtering on IP layer isn't possible at all. |
|
|
|
|
pekv2: It means attack is still here.
|
|
|
|
Website is still down. I'm very confident you'll get it all sorted.
"Hm, attack moved to new location." means - attack moved to new pool instances. |
|
|
|
|
Hm, attack moved to new location.
|
|
|
|
|
Show Posts
