molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
November 10, 2012, 09:54:38 PM |
|
DoS attacks are really easy against Tor hidden services. The service can't block the attacker because all clients are anonymous. Tor hidden service introduction points can sometimes also be DoS-attacked. I wouldn't use Tor to run a site like this.
what would you use to run a site like that?
|
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
lucif
Sr. Member
Offline
Activity: 462
Merit: 250
Clown prophet
|
|
November 10, 2012, 10:06:25 PM |
|
DoS attacks are really easy against Tor hidden services. The service can't block the attacker because all clients are anonymous. Tor hidden service introduction points can sometimes also be DoS-attacked. I wouldn't use Tor to run a site like this.
Sorry, but its a bullshit. ddos attacks on Tor isnt effective because of connection latency (ping is from 1 up to infinity seconds). Defending from attacking bots making 1 connection per second isnt a problem. The problem is to run Tor software on large botnet for attacker.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
November 10, 2012, 10:41:16 PM |
|
Tor should protect against certain DDOS attacks but certainly not all of them.
Usually a DDOS exploits the resources allocated by the webserver not the IP stack because it provides a larger area of attack.
|
|
|
|
notme
Legendary
Offline
Activity: 1904
Merit: 1002
|
|
November 10, 2012, 10:42:35 PM |
|
DoS attacks are really easy against Tor hidden services. The service can't block the attacker because all clients are anonymous. Tor hidden service introduction points can sometimes also be DoS-attacked. I wouldn't use Tor to run a site like this.
Sorry, but its a bullshit. ddos attacks on Tor isnt effective because of connection latency (ping is from 1 up to infinity seconds). Defending from attacking bots making 1 connection per second isnt a problem. The problem is to run Tor software on large botnet for attacker. Sorry, but that's bullshit. Latency does not make one lick of difference if one physical computer can create as many simultaneous requests as it is capable of sending with no way for the server to detect they are from the same machine. Now imagine 1,000 such machines and you have a very small botnet taking out silkroad.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5404
Merit: 13498
|
|
November 10, 2012, 10:48:51 PM |
|
What would you suggest? I2P, Freenet?
Freenet is probably the best, though I'm not confident enough in its security to use it for anything serious. I like the design of GNUnet a lot, but the software sucks. I2P or Tor with a distributed data store would be good. I wouldn't run a site like this at all with the currently available tools.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
niko
|
|
November 10, 2012, 11:07:54 PM |
|
SR volume is a tiny fraction of Bitcoin economy. There are convincing estimates based on the academic study of SR published about four months ago.
I call bullshit on that. If you were writing the truth you'd cite that study in detail. But you didn't. Two million per month. http://arxiv.org/pdf/1207.7139v1.pdfThat, and welcome to my "ignore" list.
|
They're there, in their room. Your mining rig is on fire, yet you're very calm.
|
|
|
BC12345
Newbie
Offline
Activity: 57
Merit: 0
|
|
November 10, 2012, 11:20:15 PM Last edit: November 14, 2012, 12:55:34 AM by Maged |
|
Relax:
http://(link to SR forum removed)/index.php?topic=70572.0
Quote from the SR forum:
"I am so sorry to leave you guys hanging for so long wondering what is going on with the site today. Let me just make everything clear and reassure you all that Silk Road has NOT been compromised, DPR has NOT been busted, and EVERYTHING IS OKAY!
Yes, we are having some technical difficulties. We have been making some serious overhauls and changes to the system, server, and website. While I cannot tell you exactly what is wrong today, I can assure you that we will fix it and have it back up soon. By soon, I mean I would be shocked if we didn't have it back up by Monday.
Please, I beg of you, don't start spreading any unnecessary rumors that will surely stir up chaos, fear, and confusion amongst out community.
..."
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
November 10, 2012, 11:38:57 PM |
|
SR volume is a tiny fraction of Bitcoin economy. There are convincing estimates based on the academic study of SR published about four months ago.
I call bullshit on that. If you were writing the truth you'd cite that study in detail. But you didn't. Two million per month. http://arxiv.org/pdf/1207.7139v1.pdfThat, and welcome to my "ignore" list. Too bad you didn't read my response, since somebody went ahead and linked it before you. But anyway: If you read this... you are doing it wrong.. harharhar (seriously I like to be on your ignore list and stay on it if you are that ignorant)
|
|
|
|
AndrewBUD
|
|
November 11, 2012, 12:49:08 AM |
|
What would you suggest? I2P, Freenet?
Freenet is probably the best, though I'm not confident enough in its security to use it for anything serious. I like the design of GNUnet a lot, but the software sucks. I2P or Tor with a distributed data store would be good. I wouldn't run a site like this at all with the currently available tools. I would bet dude's making a nice chunk of "Coins" doing it......
|
|
|
|
| 365 | TM | | | | EZ365 is a digital ecosystem that combines the best aspects of online gaming, cryptocurrency trading and blockchain education. ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | | ..WHITEPAPER.. ..INVESTOR PITCH..
| | | | .'M████▀▀██ ██ W█Ws'V██ ██▄▄███▀▀█ i█████m.~M████▀▀██ ███ d███████Ws'V██ ██████ ****M██████m.~███f~~__mW█ ██▀▀▀████████= Y██▀▀██W ,gm███████ g█████▄▄▄██ █A~`_WW Y█ ██!,████████ g▀▀▀███ ████▀▀`_m████i!████P W███ ██ _███▄▄▄██▀▀▀███Af`_m███ █W ███A ]███ ██ __ ~~~▀▀▀▀▄▄▄█*f_m██████ ██i!██!i███████ Y█████▄▄▄▄__. i██▀▀▀██████████ █!,██████ 8█ █▀▀█████.!██ ██████████i! █████ '█ █ █ █W M█▄▄▄██████ ██ !██ !███▄▄█ ██i'██████████ ██ Y███████████.]██████████████ █ ███████b ███ ██████ Y █ █▀▀█i!██ ████ V███ █ █W Y█████ ~~▀███▄▄▄█['███ ~~*██ | | Play | | | | │ │ ███ │ ███ │ ███ │ │ ███ ███ │ ███ ███ ███ ███ │ ███ ███ ███ ███ ███ ███ ███ ███ ███ │ │ ███ ███ │ │ │ │ │ | | Trade | | | | __▄▄████▄▄ __▄▄███████████████▄▄▄ _▄▄█████████▀▀~`,▄████████████▄▄▄ ~▀▀████▀▀~`,_▄▄███████████████▀▀▀ d█~ =▀███████████████▀▀ ]█! m▄▄ '~▀▀▀████▀▀~~ ,_▄▄ ,W█. *████▄▄__ ' __▄▄█████ !██P █████████████████████ W█. - ██████████████████▀ i██[ ~ ▀▀█████████▀▀▀ g███! Y███ | | Learn |
[/tabl
|
|
|
Spekulatius
Legendary
Offline
Activity: 1022
Merit: 1000
|
|
November 11, 2012, 02:55:34 AM |
|
"How long till we tank?"
Probably till DPR or someone with say announces some serious trouble (like that they were busted, hacked, decided to run with the purse,..) or till 1 week without communication of any officials and no uptime, my guess.
|
|
|
|
thebaron (OP)
|
|
November 11, 2012, 03:19:28 AM |
|
It just realized that sellers are unable to dump their coins on the market too. I assume most of their coins are sold off-exchange, so as that market dries up for those coin buyers they may seek on-exchange purchases. Makes me wonder if it could actually make the market go up, hmm.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
November 11, 2012, 03:21:47 AM |
|
It just realized that sellers are unable to dump their coins on the market too. I assume most of their coins are sold off-exchange, so as that market dries up for those coin buyers they may seek on-exchange purchases. Makes me wonder if it could actually make the market go up, hmm.
It's a zero sum game besides the fundamental effect since most SR costumers buy their BTC and immediately spend them.
|
|
|
|
SistaS0uljah
Newbie
Offline
Activity: 43
Merit: 0
|
|
November 12, 2012, 08:53:58 AM |
|
DoS attacks are really easy against Tor hidden services. The service can't block the attacker because all clients are anonymous. Tor hidden service introduction points can sometimes also be DoS-attacked. I wouldn't use Tor to run a site like this.
what would you use to run a site like that? I'd use i2p if Tor was compromised. Setting up i2p is only a little more challenging than downloading Tor tools, since these are usually pre-configured for the user. I2P requires some study to understand how it works and how to use it, and a lot of i2p services are hacked together from different projects, so they take some effort to learn how to use them effectively. This can also make i2p seem significantly more secure, so it seems like a logical place to launch a service similar to SR. Getting vendors to sign on to an eepsite instead of an onion website is the real challenge, but when there is a market niche to fill, smart entrepreneurs will step up to the challenge.
|
|
|
|
smoothie
Legendary
Offline
Activity: 2492
Merit: 1491
LEALANA Bitcoin Grim Reaper
|
|
November 12, 2012, 08:56:03 AM |
|
NEVER!
|
███████████████████████████████████████
,╓p@@███████@╗╖, ,p████████████████████N, d█████████████████████████b d██████████████████████████████æ ,████²█████████████████████████████, ,█████ ╙████████████████████╨ █████y ██████ `████████████████` ██████ ║██████ Ñ███████████` ███████ ███████ ╩██████Ñ ███████ ███████ ▐▄ ²██╩ a▌ ███████ ╢██████ ▐▓█▄ ▄█▓▌ ███████ ██████ ▐▓▓▓▓▌, ▄█▓▓▓▌ ██████─ ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌ ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌ ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─ ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩ ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀ ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀` ²²² ███████████████████████████████████████
| . ★☆ WWW.LEALANA.COM My PGP fingerprint is A764D833. History of Monero development Visualization ★☆ . LEALANA BITCOIN GRIM REAPER SILVER COINS. |
|
|
|
Rudd-O
Newbie
Offline
Activity: 56
Merit: 0
|
|
November 12, 2012, 09:34:25 AM |
|
(seriously I like to be on your ignore list and stay on it if you are that ignorant)
You are now on my ignore list too, because you respond to good arguments with verbal abuse, condescension and anger, and we all here need to see less of your behavior.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
November 12, 2012, 10:25:46 PM |
|
(seriously I like to be on your ignore list and stay on it if you are that ignorant)
You are now on my ignore list too, because you respond to good arguments with verbal abuse, condescension and anger, and we all here need to see less of your behavior. No I'm not, but again since you responded to me, you are doing it wrong. But one thing: Please continue posting with this account so that you receive an "established member" status and I receive my ignore point.
|
|
|
|
ElectricMucus
Legendary
Offline
Activity: 1666
Merit: 1057
Marketing manager - GO MP
|
|
November 12, 2012, 10:31:33 PM Last edit: November 12, 2012, 10:42:13 PM by ElectricMucus |
|
NEVER! Because it will tank slowly since if SR would be gone for good people would still believe it would come back up eventually. Sorry if I spoiled it now
|
|
|
|
niko
|
|
November 12, 2012, 11:29:18 PM |
|
If it continues to be down, this weekend? Next week?
Not sure if SR is still down, but btc exchange rate has increased almost 4% since this thread started.
|
They're there, in their room. Your mining rig is on fire, yet you're very calm.
|
|
|
Micon
Legendary
Offline
Activity: 1232
Merit: 1014
FPV Drone Pilot
|
|
November 13, 2012, 02:25:26 PM |
|
prolly gonna be fine / page is loading / or DEA took 3 days to install pots and fill them with honey: IMO everything seems fine on DPR's ship.
|
|
|
|
MysteryMiner
Legendary
Offline
Activity: 1526
Merit: 1049
Death to enemies!
|
|
November 13, 2012, 07:52:47 PM |
|
DoS attacks are really easy against Tor hidden services. The service can't block the attacker because all clients are anonymous. Tor hidden service introduction points can sometimes also be DoS-attacked. I wouldn't use Tor to run a site like this.
Theymos You shocked me! Where You will host Silk Road if not Tor for it to not be found and taken down? Freenet, I2P? The .onion server cannot block the anonymous traffic, but also the attackers cannot utilize several orders of magnitude superior bandwidth because they are forced to use Tor and nodes have varying speeds. They can set up own nodes and force Tor to connect though them but even then only the guard nodes will be DDoSed. With clearnet server also the blocking helps only partially. With powerful enough botnet the upstream links will fail. If someone set us up the botnet, we are on our way to destruction
|
bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
|
|
|
|