Ban Bitcoin XT connections to my node?

[masterluc]

This goes to autostart:

Code:

echo "/usr/bin/ipset create bitcoinxt iphash timeout 0" >> /etc/rc.local

This goes to /etc/cron.hourly

Code:

#!/bin/bash
/bin/grep BitcoinXT /var/log/kern.log | /usr/bin/perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | /bin/sort | /usr/bin/uniq -u | /usr/bin/xargs -L 1 ipset -exist add bitcoinxt

voila

[1714996861]

1714996861

[1714996861]

1714996861

[1714996861]

1714996861

[1714996861]

1714996861

[Carlton Banks]

We can get this working on Android too, ban XT from the network using Hearn's very own java reimplementation of the protocol 

Just need to add the same iptables parameters, but to the "mangle" table instead of the main table. The rules get overwritten otherwise.

[masterluc]

It is not right to ban them from SPV clients - let them work 

Ban only away from full node - don't waste resources.

[Carlton Banks]

It is not right to ban them from SPV clients - let them work 

Ban only away from full node - don't waste resources.

lol that's an interesting way around of looking at it, I hadn't thought of that. Give them something to do 

[JackH]

XT is poison and should be blacklisted completely. This hostile takeover of Bitcoin was sponsored by someone with a large budget, and finally people are starting to see the truth and actively attack back. I will blacklist any XT node from now on!

[knight22]

XT is poison and should be blacklisted completely. This hostile takeover of Bitcoin was sponsored by someone with a large budget, and finally people are starting to see the truth and actively attack back. I will blacklist any XT node from now on!

You just figured it out by yourself?  

BTW that "someone" is not alone. There is a whole bunch of it.

[ChetnotAtkins]

Good work. Lets stop this attack against Bitcoin.

Stop XT!

[masterluc]

BitcoinXT reminds me of the early days of bitcoin ....

You know when you get blacklisted and blocked by financial institutions.

It all starts like this. First they ignore you, then they fight you...

BTW OP what you're doing is nothing compared to the piece of shit who is DDoSing XTnodes.

Nothing to fight with. 10.5% of nodes. Just don't waste my connection pool when network under attack.

[masterluc]

Your approach only works for nodes sending the string 'Bitcoin XT'. XT nodes are currently relaying the exact same information so there's no point in block them until January 2016.

They send user agent string Bitcoin XT

[Carlton Banks]

Your approach only works for nodes sending the string 'Bitcoin XT'. XT nodes are currently relaying the exact same information so there's no point in block them until January 2016.

Code:

# chmod 755

I appreciate the mention.

chmod 755 does for some reason often feel like the answer to everything   

[frontdenplastic]

Your approach only works for nodes sending the string 'Bitcoin XT'. XT nodes are currently relaying the exact same information so there's no point in block them until January 2016.

Code:

# chmod 755

I appreciate the mention.

chmod 755 does for some reason often feel like the answer to everything   

No, chmod 777 is a much more powerful solution to permissioning issues.

[TransaDox]

All that cryptic text and command output reminds me of Windows 95. 

[masterluc]

All that cryptic text and command output reminds me of Windows 95. 

Shell driven Microsoft OS appeared only in 2009. It should remind you windows 7.

[anamichii]

yea lets block the xt connection..
iam using ubuntu server, i'll try to make set my firewall too

[erik777]

Fuck the windows.

Okay, I put this:

Code:

iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1 

Now need a way to extract logged IP and put it to ipset

Got log entry, found asshole 188.18.202.245

Code:

BitcoinXTIN=eth0 OUT= MAC=XXX SRC=188.18.202.245 DST=XXMYIPXX LEN=172 TOS=0x00 PREC=0x00 TTL=56 ID=64279 DF PROTO=TCP SPT=35311 DPT=8333 WINDOW=2840 RES=0x00 ACK PSH URGP=0 

lol

[erik777]

Fill in ban list

Code:

[root@localhost ~]# grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt 
[root@localhost ~]# ipset list
Name: bitcoinxt
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 timeout 0 
Size in memory: 8588
References: 1
Members:
95.52.18.154 timeout 0
31.162.118.16 timeout 0
188.18.202.245 timeout 0
92.37.204.174 timeout 0
92.37.173.6 timeout 0
95.37.186.63 timeout 0
86.102.161.110 timeout 0
178.44.216.148 timeout 0
195.78.126.113 timeout 0
92.49.177.97 timeout 0

This one should be done periodically

Code:

grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt

Now you just need to fork XT's DoS patch, and create a patch that replaced Hearn's Tor blacklist with code that pulls from this.  hahaha

[TransaDox]

All that cryptic text and command output reminds me of Windows 95.  

Shell driven Microsoft OS appeared only in 2009. It should remind you windows 7.

Shell driven OS's are 1960/70's technology which was extended in the 1980/90s by bolting GUIs on top. Windows 3.1 and windows 95 were GUIs on top of a DOS prompt the same way Unity, X-Windows et. al. sits on top of Bash.

If you have to go to a command prompt in Windows 7, you're probably from Linux and regressing to your inner cavemen.

-------------------------------

On the subject of banning - generally rather than owner maintained lists. End user software shouldn't ban anything, IMO. Rate limit, yes. Drop connections, yes. Ban? No. A ban is like self harm - you are DOSsing yourself. It was a bitcoin ban mechanism that meant a Tor protected client could be encircled and de-anonmised.

In this phase, the attacker exploits the built-in Bitcoin anti-
Dos protection. The attacker chooses a non-attacker’s Bitcoin
peer  and  a  non-attacker’s  Tor  Exit,  builds  a  circuit  through
this Exit node and sends a malformed message to the chosen
Bitcoin  peer  (e.g.  a  malformed  coinbase  transaction  which  is
60  bytes  in  size  and  which  causes  the  immediate  ban  for  24
hours).

Sores.

[Carlton Banks]

Your approach only works for nodes sending the string 'Bitcoin XT'. XT nodes are currently relaying the exact same information so there's no point in block them until January 2016.

Code:

# chmod 755

I appreciate the mention.

chmod 755 does for some reason often feel like the answer to everything   

No, chmod 777 is a much more powerful solution to permissioning issues.

Both are inadvisable in a root account/Mandatory Access Control system, chmod 777 in particular; the 3rd '7' will make the file or directory readable, writable and executable for Others. Other is the most sensitive access level, that's the rest of the internet that can address your IP.

[masterluc]

to ban it is very silly.

i recommend this podcast with gavin:

https://epicenterbitcoin.com/podcast/094/

Mike Hole likes blacklists. I see blacklist is his secret sex dream. "Oh, hunny, I was a bad boy, so please blacklist me now hard!". So here is some pleasure for him.

Code:

[root@localhost ~]# ipset list
Name: bitcoinxt
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 timeout 0 
Size in memory: 12748
References: 2
Members:
178.207.212.77 timeout 0
46.48.207.254 timeout 0
178.204.21.37 timeout 0
92.37.157.208 timeout 0
178.204.116.214 timeout 0
94.241.1.185 timeout 0
5.143.81.49 timeout 0
46.158.180.252 timeout 0
109.184.237.27 timeout 0
77.94.122.122 timeout 0
95.53.114.28 timeout 0
85.192.134.21 timeout 0
176.51.132.64 timeout 0
178.207.253.99 timeout 0
95.70.123.241 timeout 0
188.114.8.99 timeout 0
5.138.247.242 timeout 0
109.184.91.19 timeout 0
95.70.33.86 timeout 0
178.67.165.114 timeout 0
178.68.221.168 timeout 0
109.147.229.121 timeout 0
188.18.250.20 timeout 0
73.182.147.206 timeout 0
31.163.112.63 timeout 0
78.37.63.25 timeout 0
78.37.54.48 timeout 0
2.60.135.235 timeout 0
178.68.133.169 timeout 0
95.106.143.65 timeout 0
178.68.142.70 timeout 0
92.37.194.165 timeout 0
188.16.14.188 timeout 0
78.29.90.8 timeout 0
77.51.69.128 timeout 0
87.251.114.145 timeout 0
95.52.18.154 timeout 0
95.37.84.223 timeout 0
37.21.92.223 timeout 0
212.55.111.19 timeout 0
46.159.19.194 timeout 0
95.165.205.145 timeout 0
81.4.200.111 timeout 0
5.139.81.44 timeout 0
176.52.116.178 timeout 0
93.177.56.235 timeout 0
92.101.10.32 timeout 0
31.162.118.16 timeout 0
95.189.43.240 timeout 0
178.67.14.238 timeout 0
37.76.186.17 timeout 0
46.159.34.2 timeout 0
31.180.69.181 timeout 0
178.46.37.7 timeout 0
31.180.219.230 timeout 0
109.184.96.96 timeout 0
95.70.106.211 timeout 0
178.204.154.56 timeout 0
46.48.178.70 timeout 0
93.120.185.96 timeout 0
82.140.209.7 timeout 0
188.18.202.245 timeout 0
5.143.42.201 timeout 0
94.245.183.162 timeout 0
95.71.253.245 timeout 0
31.23.71.137 timeout 0
31.181.32.8 timeout 0
37.21.3.213 timeout 0
92.37.131.121 timeout 0
37.21.36.108 timeout 0
5.138.104.148 timeout 0
95.53.27.158 timeout 0
178.67.190.175 timeout 0
92.37.204.174 timeout 0
46.158.195.130 timeout 0
95.37.177.142 timeout 0
92.37.173.6 timeout 0
178.207.75.108 timeout 0
93.92.182.26 timeout 0
31.23.175.53 timeout 0
213.129.51.145 timeout 0
109.187.248.91 timeout 0
5.139.146.38 timeout 0
89.109.10.241 timeout 0
95.37.186.63 timeout 0
178.44.204.95 timeout 0
109.184.156.211 timeout 0
46.158.82.72 timeout 0
178.129.217.51 timeout 0
95.70.96.99 timeout 0
78.36.75.57 timeout 0
5.138.13.94 timeout 0
85.173.94.70 timeout 0
92.37.178.117 timeout 0
31.181.255.235 timeout 0
31.23.40.6 timeout 0
92.37.155.69 timeout 0
178.64.132.207 timeout 0
178.65.109.38 timeout 0
95.188.224.224 timeout 0
178.65.133.185 timeout 0
86.102.161.110 timeout 0
176.100.71.189 timeout 0
31.181.127.200 timeout 0
46.48.156.116 timeout 0
95.37.59.128 timeout 0
95.55.234.36 timeout 0
178.65.190.83 timeout 0
86.102.23.117 timeout 0
95.72.178.140 timeout 0
95.52.163.203 timeout 0
178.44.216.148 timeout 0
31.181.9.247 timeout 0
95.54.209.136 timeout 0
213.129.42.244 timeout 0
95.84.41.233 timeout 0
31.23.69.31 timeout 0
195.78.126.113 timeout 0
178.46.121.141 timeout 0
109.127.174.49 timeout 0
95.37.142.84 timeout 0
92.127.82.46 timeout 0
37.23.114.199 timeout 0
95.55.247.49 timeout 0
37.76.160.71 timeout 0
109.184.84.174 timeout 0
92.101.103.218 timeout 0
95.152.58.92 timeout 0
46.158.133.40 timeout 0
95.188.215.250 timeout 0
5.143.41.240 timeout 0
176.51.218.19 timeout 0
92.49.177.97 timeout 0
95.110.78.36 timeout 0
31.180.212.39 timeout 0
95.84.13.60 timeout 0
5.139.139.154 timeout 0
93.124.118.209 timeout 0
188.17.228.32 timeout 0
178.205.238.115 timeout 0
178.44.210.245 timeout 0
95.71.203.201 timeout 0
188.120.62.217 timeout 0
87.225.64.104 timeout 0

[meono]

to ban it is very silly.

i recommend this podcast with gavin:

https://epicenterbitcoin.com/podcast/094/

Mike Hole likes blacklists. I see blacklist is his secret sex dream. "Oh, hunny, I was a bad boy, so please blacklist me now hard!". So here is some pleasure for him.

Code:

[root@localhost ~]# ipset list
Name: bitcoinxt
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 timeout 0 
Size in memory: 12748
References: 2
Members:
178.207.212.77 timeout 0
46.48.207.254 timeout 0
178.204.21.37 timeout 0
92.37.157.208 timeout 0
178.204.116.214 timeout 0
94.241.1.185 timeout 0
5.143.81.49 timeout 0
46.158.180.252 timeout 0
109.184.237.27 timeout 0
77.94.122.122 timeout 0
95.53.114.28 timeout 0
85.192.134.21 timeout 0
176.51.132.64 timeout 0
178.207.253.99 timeout 0
95.70.123.241 timeout 0
188.114.8.99 timeout 0
5.138.247.242 timeout 0
109.184.91.19 timeout 0
95.70.33.86 timeout 0
178.67.165.114 timeout 0
178.68.221.168 timeout 0
109.147.229.121 timeout 0
188.18.250.20 timeout 0
73.182.147.206 timeout 0
31.163.112.63 timeout 0
78.37.63.25 timeout 0
78.37.54.48 timeout 0
2.60.135.235 timeout 0
178.68.133.169 timeout 0
95.106.143.65 timeout 0
178.68.142.70 timeout 0
92.37.194.165 timeout 0
188.16.14.188 timeout 0
78.29.90.8 timeout 0
77.51.69.128 timeout 0
87.251.114.145 timeout 0
95.52.18.154 timeout 0
95.37.84.223 timeout 0
37.21.92.223 timeout 0
212.55.111.19 timeout 0
46.159.19.194 timeout 0
95.165.205.145 timeout 0
81.4.200.111 timeout 0
5.139.81.44 timeout 0
176.52.116.178 timeout 0
93.177.56.235 timeout 0
92.101.10.32 timeout 0
31.162.118.16 timeout 0
95.189.43.240 timeout 0
178.67.14.238 timeout 0
37.76.186.17 timeout 0
46.159.34.2 timeout 0
31.180.69.181 timeout 0
178.46.37.7 timeout 0
31.180.219.230 timeout 0
109.184.96.96 timeout 0
95.70.106.211 timeout 0
178.204.154.56 timeout 0
46.48.178.70 timeout 0
93.120.185.96 timeout 0
82.140.209.7 timeout 0
188.18.202.245 timeout 0
5.143.42.201 timeout 0
94.245.183.162 timeout 0
95.71.253.245 timeout 0
31.23.71.137 timeout 0
31.181.32.8 timeout 0
37.21.3.213 timeout 0
92.37.131.121 timeout 0
37.21.36.108 timeout 0
5.138.104.148 timeout 0
95.53.27.158 timeout 0
178.67.190.175 timeout 0
92.37.204.174 timeout 0
46.158.195.130 timeout 0
95.37.177.142 timeout 0
92.37.173.6 timeout 0
178.207.75.108 timeout 0
93.92.182.26 timeout 0
31.23.175.53 timeout 0
213.129.51.145 timeout 0
109.187.248.91 timeout 0
5.139.146.38 timeout 0
89.109.10.241 timeout 0
95.37.186.63 timeout 0
178.44.204.95 timeout 0
109.184.156.211 timeout 0
46.158.82.72 timeout 0
178.129.217.51 timeout 0
95.70.96.99 timeout 0
78.36.75.57 timeout 0
5.138.13.94 timeout 0
85.173.94.70 timeout 0
92.37.178.117 timeout 0
31.181.255.235 timeout 0
31.23.40.6 timeout 0
92.37.155.69 timeout 0
178.64.132.207 timeout 0
178.65.109.38 timeout 0
95.188.224.224 timeout 0
178.65.133.185 timeout 0
86.102.161.110 timeout 0
176.100.71.189 timeout 0
31.181.127.200 timeout 0
46.48.156.116 timeout 0
95.37.59.128 timeout 0
95.55.234.36 timeout 0
178.65.190.83 timeout 0
86.102.23.117 timeout 0
95.72.178.140 timeout 0
95.52.163.203 timeout 0
178.44.216.148 timeout 0
31.181.9.247 timeout 0
95.54.209.136 timeout 0
213.129.42.244 timeout 0
95.84.41.233 timeout 0
31.23.69.31 timeout 0
195.78.126.113 timeout 0
178.46.121.141 timeout 0
109.127.174.49 timeout 0
95.37.142.84 timeout 0
92.127.82.46 timeout 0
37.23.114.199 timeout 0
95.55.247.49 timeout 0
37.76.160.71 timeout 0
109.184.84.174 timeout 0
92.101.103.218 timeout 0
95.152.58.92 timeout 0
46.158.133.40 timeout 0
95.188.215.250 timeout 0
5.143.41.240 timeout 0
176.51.218.19 timeout 0
92.49.177.97 timeout 0
95.110.78.36 timeout 0
31.180.212.39 timeout 0
95.84.13.60 timeout 0
5.139.139.154 timeout 0
93.124.118.209 timeout 0
188.17.228.32 timeout 0
178.205.238.115 timeout 0
178.44.210.245 timeout 0
95.71.203.201 timeout 0
188.120.62.217 timeout 0
87.225.64.104 timeout 0

Man you need to take your meds. Also dont bother with humor again, you just suck. I can see you must be very popular at parties......