Bitcoin Forum
December 07, 2016, 12:44:11 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: What are we gonna do about the DDOSing?  (Read 1323 times)
KedP
Jr. Member
*
Offline Offline

Activity: 45

^_^;


View Profile WWW
June 03, 2011, 06:00:23 PM
 #1

DDOSing is extremely hard to circumvent event for the top security experts in the world.

The status quo is tremendously easy to exploit by these Russian botnet operators. They seem to be doing it regularly now.

1. DDOSing all the pools.
2. They increase their bitcoin profits for awhile.

I don't see how this is going to stop in the long run.

What is the countermeasure? Pool hopping is not a great solution because they can just DDOS all the pools.


Like my post: 1DvQzs6zaE4HR2gjRRDd6dfu6mJJaCQv7Z
1481114651
Hero Member
*
Offline Offline

Posts: 1481114651

View Profile Personal Message (Offline)

Ignore
1481114651
Reply with quote  #2

1481114651
Report to moderator
1481114651
Hero Member
*
Offline Offline

Posts: 1481114651

View Profile Personal Message (Offline)

Ignore
1481114651
Reply with quote  #2

1481114651
Report to moderator
1481114651
Hero Member
*
Offline Offline

Posts: 1481114651

View Profile Personal Message (Offline)

Ignore
1481114651
Reply with quote  #2

1481114651
Report to moderator
Visit and contribute to reddit.com/r/Bitcoin
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
no_alone
Member
**
Offline Offline

Activity: 84


View Profile
June 03, 2011, 06:03:24 PM
 #2

make it that the all miner will have a option that if a pool is not responsive for X second do solo mining...

Mine only when pc is IDLE totally indivisible...
http://forum.bitcoin.org/index.php?topic=9851.0
Mine on family computer without disturbing them

Donation : 1GjpJnLU8zdfEHW7FoCx2UUosJgc9prXN4
TheSeven
Hero Member
*****
Offline Offline

Activity: 504


FPGA Mining LLC


View Profile WWW
June 03, 2011, 06:10:01 PM
 #3

DDOSing is extremely hard to circumvent event for the top security experts in the world.

The status quo is tremendously easy to exploit by these Russian botnet operators. They seem to be doing it regularly now.

1. DDOSing all the pools.
2. They increase their bitcoin profits for awhile.

Do those few DDoS attacks really have a noticable impact on the difficulty? How many percent of the total hashing power were down for how many percent of the time? I don't think it's really that much.

I don't see how this is going to stop in the long run.

What is the countermeasure? Pool hopping is not a great solution because they can just DDOS all the pools.
DDoSing all pools would require even more lots of (expensive) botnet members. I'm not sure if this pays off.

My tip jar: 13kwqR7B4WcSAJCYJH1eXQcxG5vVUwKAqY
njloof
Member
**
Offline Offline

Activity: 75


View Profile
June 03, 2011, 06:19:24 PM
 #4

Possible remedies:

- Many more pools
- More private/hidden pools
- Back to solo mining
BombaUcigasa
Legendary
*
Offline Offline

Activity: 1414



View Profile
June 03, 2011, 07:30:13 PM
 #5

DDoSing all pools would require even more lots of (expensive) botnet members. I'm not sure if this pays off.

Cost to prevent bitcoin mining < Cost to mine bitcoins
supa
Jr. Member
*
Offline Offline

Activity: 42


View Profile
June 03, 2011, 07:33:39 PM
 #6


Take the opportunity to study and understand the impact on a project like BitCoin? Smiley

The purpose of a decentralized authority is to prevent control (including destroying) that centralized authority.

If you all want to create a synthetic centralized authority in BitCoin - keep your priority in mining pools and profit rather than the fundamentals of the project.  It's an easy target for DDoS. Smiley


KnuttyD
Member
**
Offline Offline

Activity: 110



View Profile
June 03, 2011, 07:41:03 PM
 #7

DDoSing all pools would require even more lots of (expensive) botnet members. I'm not sure if this pays off.

Cost to prevent bitcoin mining < Cost to mine bitcoins

Expensive botnet members?
I can buy 1000 bots for 100$ or less, and have em DDoS for me.
Even cheaper if I write my own bot, which is not very difficult (even a FUD one).

If a botnet owner w/ around 15000 zombies (not very uncommon) wanted to mine coins, by golly he could. Set 7500 of em to CPU mining, the other 7500 to DDoS'ing the pools with bad packets.

If I helped you in some way, and you feel obligated to do so, you can tip me some coin!
1KVadqbELY3KuJhkm9rDtcwxZknhRsfPHY
KedP
Jr. Member
*
Offline Offline

Activity: 45

^_^;


View Profile WWW
June 03, 2011, 10:33:02 PM
 #8

This is happening all the time too.

Like my post: 1DvQzs6zaE4HR2gjRRDd6dfu6mJJaCQv7Z
bcpokey
Sr. Member
****
Offline Offline

Activity: 462


View Profile
June 03, 2011, 10:42:06 PM
 #9

We should do about DDoSing what everyone should do about DDoSing.

If I upload/download a britney spears song via a torrent I can potentially be liable for tens of thousands of dollars in "potential lost revenue" after my ISP surrenders all my information, but if a real functioning entity is actually prevented from having an online presence on the internet because my connection is part of a collective effort to bombard it off the internet, that's no problem?

Should start a lobby to get ISPs to knock zombie machines off the network until they can pass a scan showing they are no longer infected. Yes I know there's lots of international stuff too, doesn't seem a difficult program to institute worldwide.
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile
June 03, 2011, 10:49:31 PM
 #10

If a botnet owner w/ around 15000 zombies (not very uncommon) wanted to mine coins, by golly he could. Set 7500 of em to CPU mining, the other 7500 to DDoS'ing the pools with bad packets.

That's still a relatively pathetic payout, given that most computers in botnets are compromised windows XP machines running old amd semprons and celerons/p4's or worse. They will output maybe 100-200khash per second or less with the average skewing up a bit by infected machines that run modern processors capable of mhash performance.

Even in an optimistic scenario the owner is wasting his botnet capacity and risking detection due to high CPU usage by end users, who despite being technically limited, will notice their computer coming down to a crawl.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
June 03, 2011, 10:52:00 PM
 #11

If a botnet owner w/ around 15000 zombies (not very uncommon) wanted to mine coins, by golly he could. Set 7500 of em to CPU mining, the other 7500 to DDoS'ing the pools with bad packets.

That's still a relatively pathetic payout, given that most computers in botnets are compromised windows XP machines running old amd semprons and celerons/p4's or worse. They will output maybe 100-200khash per second or less with the average skewing up a bit by infected machines that run modern processors capable of mhash performance.

Even in an optimistic scenario the owner is wasting his botnet capacity and risking detection due to high CPU usage by end users, who despite being technically limited, will notice their computer coming down to a crawl.
botnetserver.exe to low priority Tongue

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
jasonk
Full Member
***
Offline Offline

Activity: 154


View Profile
June 03, 2011, 10:52:46 PM
 #12

I think the best solution is having multiple pool fail overs.

We've seen DDOS's happen to a couple pools at once, but rarely more than that.

I'm not sure how you'd set up your miners, but there has to be a good solution to have 3 pools set up so if pool A goes down, goes to pool B, then to pool C.

Quite unlikely that all 3 pools would be down at the same time...

Like my post?  Consider giving me a tip! =)

1HSj4CoNarcJ2B8Mi2EY6AtDWkUemYTWkQ
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!