Bitcoin Forum
February 03, 2023, 01:43:05 AM *
News: Latest Bitcoin Core release: 24.0.1 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 [2] 3 4 5 6 7 »
21  Alternate cryptocurrencies / Altcoin Discussion / Re: LuckyCoin LKC/LTC & LKC/BTC Google Docs Exchange on: May 25, 2013, 04:08:03 PM
Big ups. Thanks for doing this!

De nada! Tiiips are welcome!


If your exchange helps me sell, you will certainly have a tip for your troubles from me.
22  Alternate cryptocurrencies / Altcoin Discussion / Re: LuckyCoin LKC/LTC & LKC/BTC Google Docs Exchange on: May 25, 2013, 04:00:37 PM
WTS - 1244 LKY for 1.244 BTC
23  Alternate cryptocurrencies / Altcoin Discussion / Re: [POLL] WorldCoin vs Nibble - who will win this rat race? on: May 19, 2013, 03:42:03 PM
Nibble was horrible for me last night, spent 2 hours solo mining got all rejects/orphans.  Had 2 "trick" blocks appear in my wallet as confirmed then became orphans 10 seconds later, after that I had enough of nibble and went back to mining worldcoin. 



On the worldcoin launch I had 10K disappear from my wallet in this fashion, don't feel bad Smiley
24  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] The Nibble - Real Currency - 5/19/2013 12AM UTC [UPDATED RELEASE] on: May 19, 2013, 03:03:05 PM
I can certainly tell you all that if the OP gives me 1k NBL that NBL will have a much better logo than WDC - and that seems to be the competition at the moment.

I wouldn’t dare ask for a donation – I’d rather the guys that got those 100k to share some love to benefit themselves , otherwise this will be a useless release.

and i'm happy for it to stay like that , unless i have over 5k of this eventually .


Then ask people who made 100K - because I'm not that guy.

3229.10NIB, 3.5Mhash here
25  Alternate cryptocurrencies / Altcoin Discussion / Re: [POLL - OPINION] WorldCoin vs Nibble - who will win this rat race? on: May 19, 2013, 01:35:09 PM
I have to say, even with the low difficulty start... The launch of nibble was pretty fair.
26  Alternate cryptocurrencies / Altcoin Discussion / Re: My Alt coin trading list. (Selling ELC and PWC) on: May 18, 2013, 11:50:01 PM
Let's try 100WDC for 1000 PWC first.

My PWC address :  pPiw9UUdbhXAx37E4h9KPMwgdqqBC8uYLo



After you buy him out, I have 10K for you Smiley
27  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] The Nibble - Real Currency - 5/18/2013 11PM UTC on: May 18, 2013, 10:33:34 PM
Here ya go. 



Nice work man Smiley
28  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 18, 2013, 10:01:42 PM
Since you are rather persistent in putting me down, without actually being constructive.

http://pastebin.com/vRxmpFbc

Updated using DROP instead.

Guess this is why I don't give out quick example code, I should of learnt from last time.
To be clear I don't use just this in my production servers, so before you get judgemental, assess it for what it is, rather than assuming.
I'll keep my code to myself if I get this sort of reception.

I am not trying to put you down, I am offering advice based on my past experience.
29  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] The Nibble - Real Currency - 5/18/2013 11PM UTC on: May 18, 2013, 09:49:09 PM
Ok... So where is it???



Where is what?

It says 11PM UTC... It's a bit past that, is it not?
30  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] The Nibble - Real Currency - 5/18/2013 11PM UTC on: May 18, 2013, 09:46:52 PM
Ok... So where is it???

31  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 18, 2013, 06:11:03 PM
Also, a skilled attacker can use you in a reflection attack just because of this rule.
Example, if Villain wants to send a DDOS to google's public DNS 8.8.8.8
All he needs to do is spoof his syn packets to 8.8.8.8, and send them to you.
You are going to participate in a reflection attack now, because your rules are not well thought out.
32  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 18, 2013, 06:04:35 PM
I really believe the important lesson here is that rejecting packets instead of dropping them can help the surrounding network get a hint of what's going on and mitigate the situation, even though dropping the packets may superficially seem more effective (because it does not create any more traffic on an already heavily burdened network, REJECT does).

Actually, sending the resets will do nothing to mitigate the attacks, and why does the rest of the internet need to know you are being attacked?
Rules like this just cause network backscatter, that's all they do.
There is no case in which sending a TCP reset out, for a spoofed syn packet can ever help you.. You are just letting them use more resources at your end.
You can get a tremendous gain in firewall performance if you DROP these packets, and again if you are using conntrack you should try to drop these in the raw table PREROUTING chain, before they enter the conntrack table.

I deal with large-scale attacks on daily basis, we fend off SYN attacks for our clients at over 10mpps.. At these rates, sending tcp resets out for each packet received only puts a massive increase on the network load, burns a ton of egress bandwidth and accomplishes nothing.
The advice I am giving you is very sound, do your research if you don't believe me.
33  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 18, 2013, 04:26:15 PM
In my experience DROP isn't what you want in this case. DROP leaves the tracking burden on all the stateful gear between you and the endpoint - which doesn't fix the problem. But if you wish to change it, by all means. I gave a simple code example for easy tweaking.


Drop discards packets silently.
If you are receiving a ddos attack, you certainly don't want to be sending tcp resets to all the spoofed ips that attack..
This creates backscatter, and burns resources on your end.

A TCP reset should be sent only when it's purpose is to legitimately notify the connecting IP that there is no services at the given ip/port.

Also, there should not be any stateful gear between you and the endpoint.

It's quite simple, if someone sends a SYN flood from random IP's is it better to tell all the IP's who never sent anything in the first place to reset the connection they didn't try to make? Or just drop the packet immediately upon receipt and be done with it?


34  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 18, 2013, 04:03:21 PM
This is a quick simplified version of what I have used on my backend servers (for if it gets past my 1st firewall).
http://pastebin.com/CzVfr27P

I modified it quickly. While I'm working on one for PFSense, I figure someone can enjoy the use of this regardless of what server setup they have (within reason).

Similar to this is also this one, which is a little nicer since it comes with a few extras.
http://deflate.medialayer.com/


-j REJECT --reject-with tcp-reset

You should replace this with -j DROP

In the event of a DDOS attack, you don't want to be sending anything out at all... This leads to more resources being used on the server and also causes a lot of network back-scatter.

Also, if you are using conntrack on the server, you may want to look at dropping them in the raw table PREROUTING chain.... This will stop the connections from entering the conntrack table and save you a ton of resources.
35  Alternate cryptocurrencies / Altcoin Discussion / Re: GLDCoin - A Litecoin Based Currency With a More Favorable Block Reward on: May 18, 2013, 03:24:54 PM
I will hopefully have a lottery game ready in the next 6 hours Smiley

Nice work, I am holding quite a few GLD myself.... I wanna try it..
36  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 17, 2013, 10:56:57 PM
Was that your educated guess? Sorry to tell you, but you are wrong!
From all emails sent only in 2 cases they really needed to have it open. But even som they were conscious about the problem and they even tightened the number of queries per minute they allow.
All the remaining cases, simply didn't know about the problem and where looking for malware/virus on their servers.

US-CERT as some nice info about this and how to fix it:
http://www.us-cert.gov/ncas/alerts/TA13-088A

Cheers,
khaos
 
I consider it SPAM, and I offer ddos protection services.
...
As as a person who offers DDOS protection services and deals with a ton of these false positives every day, I know a thing or two about this.

As a person who offers DDOS protection services, you have a vested interest in not seeing actions like this having much effect. It's called a Conflict of Interest.

People need to understand the value of receiving third party email regarding problems on their network. I've been an admin for years, and some of the most effective tools for identifying servers that have been, to some degree, compromised are third-party notifications.

/Salute to KhaOS and Serraz for trying to do something positive, and then spreading it to the community.


You are missing the point, you are sending emails to a source that has either sent nothing at all or is an open recursive DNS server MOST of the time.


Forget it Smiley
Thought you knew what real ddos attacks were... I guess you don't actually see real attacks you just have script kiddie crap you can fight off with a few netfilter rules on your little servers.
I protect people from attacks, while we receive complains from a ton of retarded admins saying that our clients are attacking their DNS servers...
They don't bother to check that the query is around 70 bytes and the bloody return is around 4000bytes and we are actually receiving 20gbps on our end.
Anyways if it helps... do whatever you want, but seriously 90%+ of attacks are spoofed and you are just sending mail to nowhere/wrongip/etc
37  Alternate cryptocurrencies / Altcoin Discussion / Re: [WTB] 100 BitGem for 0.1 BTC on: May 17, 2013, 07:51:04 PM
I have 108 of these for sale Smiley
38  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 17, 2013, 07:42:52 PM
I consider it SPAM, and I offer ddos protection services.
...
As as a person who offers DDOS protection services and deals with a ton of these false positives every day, I know a thing or two about this.

As a person who offers DDOS protection services, you have a vested interest in not seeing actions like this having much effect. It's called a Conflict of Interest.

People need to understand the value of receiving third party email regarding problems on their network. I've been an admin for years, and some of the most effective tools for identifying servers that have been, to some degree, compromised are third-party notifications.

/Salute to KhaOS and Serraz for trying to do something positive, and then spreading it to the community.


You are missing the point, you are sending emails to a source that has either sent nothing at all or is an open recursive DNS server MOST of the time.
39  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 17, 2013, 05:02:05 PM
I consider it SPAM, and I offer ddos protection services.
The reason for this... If you log a ddos attack, you get 99% false positives.
The emails won't do any significant damage to the threat, and are just an annoyance for most people.
As as a person who offers DDOS protection services and deals with a ton of these false positives every day, I know a thing or two about this.
40  Alternate cryptocurrencies / Altcoin Discussion / Re: DDOS Attacks. What you can do to help stop them! on: May 17, 2013, 04:54:24 PM
Spamming innocent people?
We reported a problem to the network/system admin of the affected server?
From all emails sent, the common thing I see among all answers is: "Thank you for informing us about the problem".

And in the end, at least we try to do something. I would like to see your suggestions then...


You do realize 99% of ddos attacks are spoofed right, and the ones that aren't are usually reflection attacks.. ie, DNS amplification attacks.
Sending emails like that is just spamming a ton of innocent people most of the time.


And how many emails go to admins of public DNS servers that they can't or won't reconfigure to not be open recursive??.
I get a shitload of emails everyday complaining about "my ip's attacking" when in reality, I deal with multigigabit DNS amplifaction attacks at my end.
I don't think emailing the world helps, DDOS needs to be mitigated, not complained about.
Pages: « 1 [2] 3 4 5 6 7 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!