As long as most of stakeholders forge ..
- are we (stakeholders) insane? to put our stake's password into VPS? which can be hacked.. provided not all of us can properly configure linux server.. not saying about putting all Nxt stuff into root folder..
|
|
|
When I installed 0.4.2 I could see only 0.4.2 nodes. Why? I think at that time there was a lot of 0.4.0 nodes (including my bootstrap VPS).
My version reports itself as 0.4.2 and I can see 0.4.0 nodes along with 0.4.1e, 0.4.2 and 0.4.3e nodes. - congratulations. I say about myself. My 0.4.0 node right now see 335 Active peers, all of them 0.4.0, with exeption of 2*0.4.1e, 1*0.3.2, 3*0.4.2, 2*0.4.3. So 99.98% is on 0.4.0. Its simply impossible. So somemthing is definitely wrong with Nxt soft.
|
|
|
When I installed 0.4.2 I could see only 0.4.2 nodes. Why? I think at that time there was a lot of 0.4.0 nodes (including my bootstrap VPS).
So it seems every version now mines own fork of blockchain. If so, in the first place we all need to install the same version (preferably 0.4.0).
Zombie nodes r quite dumb. They return ur version as their. U can send them "I'm zombie" and then get "I'm zombie" in response. - how can I configure my server in order to communicate only with Hallmarked nodes (> 100 000 weight) ? I do not want to see zombies in my Active peer list (no to say to communicate with them). And I think that "They return ur version as their" its an Nxt servlet work, and you say, that attack is Jetty targeted, not Nxt servlet targeted. So how it happes that we see them, zombies, in Active peer, anyway ?
|
|
|
When I installed 0.4.2 I could see only 0.4.2 nodes. Why? I think at that time there was a lot of 0.4.0 nodes (including my bootstrap VPS).
So it seems every version now mines own fork of blockchain. If so, in the first place we all need to install the same version (preferably 0.4.0).
|
|
|
May be we all need to install 0.4.0 ? Could you re-publish it ?
The version from the link in the Forum appears to be 0.4.2 (which CfB has told people not to use). CfB can you please update it (to something that we should be using)? Don't have it. abctc, could u upload it somewhere? - 0.4.0: http://rusfolder.com/39271452
|
|
|
Longest chain always wins
- no, currently it is not. Our servers simply stuck at some block #. So we have to download your nxtfiles. You need to change this, to modify the block generating algo, and block propagating algo. With all that Hallmarks so many chains now...
|
|
|
what version is best now, 0.4.3e?
0.4.0 or 0.4.3e. 0.4.2 has CORS enabled and subject to attack from millions of innocent Internet surfers. - I think we must test thoroughly every new version on test net (including the simulation of zombie attack) before publishing it. I am intentionally bought separate VPS for this. I had installed v.0.4.1e, but without long testing it becomes 0.4.2 ... May be we all need to install 0.4.0 ? Could you re-publish it ?
|
|
|
... and the more weight your hallmark is, the better - no, Hallmark is irrelevant to current DDos: Ddos is incoming requests, push and pull r for outcoming ones. Also it targets Jetty core, not Nxt servlet.
|
|
|
may be something wrong with newest versions (0.4.1e and 0.4.2) ?
my 0.4.0 VPS with well-known (bootstrap) IP can work ~2 hour before "java.lang.NullPointerException", whereas my anorher VPS 0.4.2 with unknown (for public) IP hardly survive 30 min.
Nothing special AFAIK, maybe BCNext added something, I don't review all the changes... - may be this? no? Added support for CORS Ddos is incoming requests, push and pull r for outcoming ones. Also it targets Jetty core, not Nxt servlet.
- It seems, that you and BCNext need to find a way to modify Jetty core, or something, to make Hallmark-based (at least) protection. To buy expensive VPSs, wich would be the first target - it is not an option .. it is centralization ...
|
|
|
may be something wrong with newest versions (0.4.1e and 0.4.2) ?
my 0.4.0 VPS with well-known (bootstrap) IP can work ~2 hour before "java.lang.NullPointerException", whereas my anorher VPS 0.4.2 with unknown (for public) IP hardly survive 30 min.
|
|
|
Put hosts listed in lastBlockchainFeed about into "wellKnownPeers". Set other parameters to:
connectTimeout = 2000 readTimeout = 2000 pushThreshold = 1 pullThreshold = 1
- may be we need to set pushThreshold = 500000 pullThreshold = 500000 in order to use only Hallmarked nodes? to diminish the attack ? 500 seconds too much - doesn't push Threshold define the hallmark weight ? not seconds? pushThreshold is weight. - so didn't you and BCNext invent Hallmarks exactly in order to fight against Application level attack ? doesn't we need to put higher value into pullThreshold, in order to bypass the attacker's requests?
|
|
|
Put hosts listed in lastBlockchainFeed about into "wellKnownPeers". Set other parameters to:
connectTimeout = 2000 readTimeout = 2000 pushThreshold = 1 pullThreshold = 1
- may be we need to set pushThreshold = 500000 pullThreshold = 500000 in order to use only Hallmarked nodes? to diminish the attack ? 500 seconds too much - doesn't push Threshold define the hallmark weight ? not seconds?
|
|
|
Put hosts listed in lastBlockchainFeed about into "wellKnownPeers". Set other parameters to:
connectTimeout = 2000 readTimeout = 2000 pushThreshold = 1 pullThreshold = 1
- may be we need to set pushThreshold = 500000 pullThreshold = 500000 in order to use only Hallmarked nodes? to diminish the attack ?
|
|
|
Thx guys.
Change some settings in ur web.xml.
Put hosts listed in lastBlockchainFeed about into "wellKnownPeers". Set other parameters to:
connectTimeout = 2000 readTimeout = 2000 pushThreshold = 1 pullThreshold = 1
- do that, and get (v. 0.4. 2): [2013-12-22 17:57:36.370] Loading transactions... [2013-12-22 17:57:38.545] ...Done [2013-12-22 17:57:38.546] Loading blocks... [2013-12-22 17:57:41.193] ...Done [2013-12-22 17:57:41.193] Scanning blockchain... [2013-12-22 17:57:45.474] ...Done 2013-12-22 17:57:45.517:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@a2e02b2{/,file:/root/nxt/webapps/root/,AVAILABLE}{/root} 2013-12-22 17:57:45.598:INFO:oejs.ServerConnector:main: Started ServerConnector@17be8e6c{HTTP/1.1}{0.0.0.0:7874} 2013-12-22 17:57:47.834:INFO:oejs.ServerConnector:main: Started ServerConnector@2d8b20a0{SSL-http/1.1}{0.0.0.0:7875} 2013-12-22 17:57:59.767:WARN:oejh.HttpParser:qtp1313211444-36: badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@738aa857{r=1,a=IDLE,uri=-} 2013-12-22 17:58:21.487:WARN:oejh.HttpParser:qtp1313211444-48: badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@3466386e{r=11,a=IDLE,uri=-} 2013-12-22 17:58:22.000:WARN:oejs.HttpChannel:Scheduler-1568884390: Commit failed java.util.concurrent.TimeoutException: Idle timeout expired: 5189/5000 ms at org.eclipse.jetty.io.IdleTimeout.checkIdleTimeout(IdleTimeout.java:153) at org.eclipse.jetty.io.IdleTimeout$1.run(IdleTimeout.java:50) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(Unknown Source) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Killed
EDIT: my mistake, that was 0.4. 2
|
|
|
I am on 22310
- me too. 22310 4747512364439223888 22.12.2013 21:34:25 1 0 + 1 134 B 1 6149600228563548577 495 %
|
|
|
0.4.2 I'm constantly get errors: .......
- and at the same time another my VPS (0.4. 0) doesn't get any errors.. EDIT: with exeptoin of: 2013-12-22 17:23:00.717:WARN:oejh.HttpParser:qtp1455299089-36: badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@3ccfbd0{r=41,a=IDLE,uri=-} 2013-12-22 17:23:14.487:WARN:oejh.HttpParser:qtp1455299089-19: badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@5a234229{r=1,a=IDLE,uri=-} 2013-12-22 17:24:04.311:WARN:oejh.HttpParser:qtp1455299089-13: badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@4f64bf11{r=2,a=IDLE,uri=-}
|
|
|
0.4.2 I'm constatnly get errors: 2013-12-22 17:13:03.043:WARN:oejs.ServletHandler:qtp1455299089-49: /nxt java.io.IOException: java.util.concurrent.TimeoutException: Idle timeout expired: 5000/5000 ms at org.eclipse.jetty.util.BlockingCallback.block(BlockingCallback.java:101) at org.eclipse.jetty.server.HttpChannel.write(HttpChannel.java:734) at org.eclipse.jetty.server.HttpOutput.write(HttpOutput.java:307) at java.io.OutputStream.write(Unknown Source) at Nxt.doPost(Unknown Source) at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:696) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:526) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:568) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1110) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:453) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1044) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:199) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:459) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:280) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:229) at org.eclipse.jetty.io.AbstractConnection$1.run(AbstractConnection.java:505) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:607) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:536) at java.lang.Thread.run(Unknown Source) Caused by: java.util.concurrent.TimeoutException: Idle timeout expired: 5000/5000 ms at org.eclipse.jetty.io.IdleTimeout.checkIdleTimeout(IdleTimeout.java:153) at org.eclipse.jetty.io.IdleTimeout$1.run(IdleTimeout.java:50) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(Unknown Source) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
|
|
|
как посмотреть какие алиасы за тобой уже застолблены? клиент 0.4.2
- http://localhost:7874/nxt?requestType=listAccountAliases&account=<твой_аккаунт>
|
|
|
Для запуска нужно прописывать полный путь к вашей папке в Явой ...
- это только для неудачно установленной Java. Я ставил Джаву и в XP, и в голой семёрке - сразу после инсталляции команда , также как и батник из одной этой строки, прекрасно запускает Джаву. Также start.jar (т.е. сервер Nxt) можно запустить двойным щелчком по нему (единственно, не будет видна консоль). Не знаю, как люди добиваются того, чтобы Джава после инсталляции не запускалась (без указания полного пути к java.exe). Возможно, инсталлируют её не под администраторскими правами.
|
|
|
|