Bitcoin Forum
December 04, 2016, 04:37:40 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: dgs  (Read 1126 times)
Anonymous
Guest

dgs
June 02, 2011, 11:31:52 PM
 #1

asdg
1480869460
Hero Member
*
Offline Offline

Posts: 1480869460

View Profile Personal Message (Offline)

Ignore
1480869460
Reply with quote  #2

1480869460
Report to moderator
1480869460
Hero Member
*
Offline Offline

Posts: 1480869460

View Profile Personal Message (Offline)

Ignore
1480869460
Reply with quote  #2

1480869460
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480869460
Hero Member
*
Offline Offline

Posts: 1480869460

View Profile Personal Message (Offline)

Ignore
1480869460
Reply with quote  #2

1480869460
Report to moderator
njloof
Member
**
Offline Offline

Activity: 75


View Profile
June 02, 2011, 11:33:34 PM
 #2

Sure, go for it. Setting up mining pools is the new mining.
Soros Shorts
Donator
Legendary
*
Offline Offline

Activity: 1456



View Profile
June 03, 2011, 12:21:16 AM
 #3

If you want it to be an invite-only pool, consider allowing only access via SSH tunnels. Each indidual user account also authenticates the SSH tunnel.

It would reduce the possibility of DDOS attacks significantly. Further, because you know which user account authenticated each tunnel if garbage traffic starts coming in from any one tunnel you would know who is responsible and deauthorize that user.

The SSH server is still susceptible to DDOS but you can easily put it on a separate box/datacenter from your pool server, e.g. on an small Amazon EC2 cloud instance which could be scaled up to multiple instances during a DDOS attack. That way your pool server is protected and nobody has to know where it is physically located.
Soros Shorts
Donator
Legendary
*
Offline Offline

Activity: 1456



View Profile
June 03, 2011, 01:09:51 AM
 #4

If apache isn't even running on the pool server, is push pool still attack able if say I block all ICMP requests?
Depends on your configuration. If you set up pushpool to listen on a publicly accessible IP/port then it can still be directly attacked by people who know the IP address and port. They might, for example, send a flood of tcp connects that just linger until you run out of available connections for valid miners. This doesn't attack require ICMP.
Genrobo
Newbie
*
Offline Offline

Activity: 28


View Profile
June 03, 2011, 01:18:35 AM
 #5

Someone needs to come up with a server script that, when multiple connections are incoming...
The first connection is answered in X time.
The next connection within Y seconds from the first connection is answered in X + (Y-1) seconds.
So if there's an instant connect attempt, the next one will take at least Y seconds to be answered/accepted.

In instances of a DDOS attempt of multiple logins, this would help mitigate the issue greatly.

17YwW6cuSbXLT8cvvdAcfy1iHyPkhVE7CG
Donations welcome, not required.
I'll be honest, any donations aren't used for a good cause, they go directly to booze, food, herbal substances Wink, and computer hardware.
I will squander the money, but hell, at least you know one person is having a good time.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!