slush (OP)
Legendary
Offline
Activity: 1386
Merit: 1097
|
|
October 20, 2011, 12:35:27 AM |
|
For all pool users: This attack is worse than attacks before. Actually it's probably a tenth DDoS to pool in it's almost year history (I didn't counted them carefully and you probably even don't know about small attacks which I was able to handle somehow without public attention).
This attack is worse because Linode LLC, server provider for pool infrastructure, frozen my account for periodical violation of their ToS. I can access pools servers, but I was asked to not start another balancers with public IP because those attacks are harming datacenter infrastructure.
It means that I cannot start pool at this infrastructure and I need to find another provider. Which is pretty hard once I start asking to their anti DDoS policies. Back in July I was in touch with Rackspace, company providing custom solutions for big enterprises and even they told me that they cannot handle such large scale attack for some reasonable price (we're talking about thousands of US dolars monthly just for anti-DDoS protection). Posts of some users above are really naive, there's NO way how to handle those attacks just by banning some subnets.
Fighting attacks become much worse with falling bitcoin price, because even if I have 1/3 of all network hashrate and 2% fee I simply cannot pay for any real solution which really helps to handle attacks. Last week I tried to use services of one DDoS mitigation company (the same as deepbit is using), but they had pretty high ratio of false positives, so although I paid them big money for a single day protection, almost 40% of users were still unable to mine on the pool. So this isn't the way to go.
Since tomorrow I'll try harder to find any server provider which at least don't shut down pool infrastructure on first DDoS attack, but I cannot promise that I'll succeed. There's no point in running a service which is every week for one day offline thanks to attacks.
So far it's 1:0 for attackers. However I don't want to capitulate too easily; I spent insane amount of time and energy in inventing and running my pool and I don't want to simply disappear, because I really believe in long-term Bitcoin success (small note: people, don't get scared with current panic on market, it's just an oposite of July's insane price peak). I "invented" (maybe it's better to say "realized") first really usable and widely used Bitcoin pool ever and now I feel again that I'm on the track of another innovation of Bitcoin mining, which will be DDoS resistant yet easy to use and with steady payouts like normal share based pools.
Technical note: Because the downtime of mining.bitcoin.cz will be probably more significant than anytime before, I'll wait until all mined blocks will be matured and then will send all balances of users to their wallets. Don't worry, I'm not running away with your hardly mined coins!
|
|
|
|
naypalm
Legendary
Offline
Activity: 1272
Merit: 1012
howdy
|
|
October 20, 2011, 12:49:43 AM |
|
Thank you for looking into this, you've always been quick at solving problems with the pool and I am certain you will find a solution.
|
|
|
|
BitterTea
|
|
October 20, 2011, 01:05:11 AM |
|
now I feel again that I'm on the track of another innovation of Bitcoin mining, which will be DDoS resistant yet easy to use and with steady payouts like normal share based pools
Something along the lines of p2pool, or another peer to peer mining pool? I feel that such a pool is going to be huge for bitcoin security and trustworthiness.
|
|
|
|
allinvain
Legendary
Offline
Activity: 3080
Merit: 1080
|
|
October 20, 2011, 01:08:50 AM |
|
slush I hope you come back! Your pool was the first pool I mined for and I've been using your pool ever since even though many times I could've moved to pools that offer 0% fees.
If it's something along the lines of p2pool that would be super cool.
Wishing you the best!
|
|
|
|
Keninishna
|
|
October 20, 2011, 01:11:40 AM |
|
Everyone is welcome to come slush around in our pool for asspennies.
|
|
|
|
dishwara
Legendary
Offline
Activity: 1855
Merit: 1016
|
|
October 20, 2011, 01:16:25 AM |
|
Slush: What abt this? He too not fitting your budget or policy? Tycho,
PM me if I can help you by hosting a box for you here at an AT&T data center.
We have DDoS protection on our Internet connection.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
October 20, 2011, 01:44:09 AM |
|
I do believe the long term future of mining is technology like p2pool. Looking at the protocol I think it would be possible to use p2pool to form distributed getwork and validation "engine" and still have a conventional front end for reward issuance (which would provide for alternative payout arrangements; score based, PPLNS, PPS, etc).
I feel really bad for you Slush. It is obvious you have put your heart and soul into this pool. To have it taken down by a cowardly enemy that has massive numerical superiority is sad.
|
|
|
|
cablepair
|
|
October 20, 2011, 01:44:51 AM |
|
a) to the person that coined the Bitcoin term "asspenny" I hate you.
b) It's ridiculous to think one pool owner is responsible for all of these attacks
c) Slush, I love you man. You were the first pool I ever mined on way back when dont give up brother!
d) I honestly think that these denial of service attacks are coming from people that hate Bitcoin and consider this to be an opportune time to destroy it, the values are so low they think they can make wipe us out completely by doing this. I do not believe its an angry botnet owner who's only motivation is revenge, as a psychologist this does not make since to me, someone who owns a Bitcoin mining botnet is motivated by money and he is losing money like everyone else right now. Also the person that is holding down all these pools has tremendous bandwidth at his disposal. It's almost as if this is a sponsored attack by someone that has some serious (legit?) FIRE POWER. If it were a hacker - This kind of attack would require a great deal of rooted *nix boxes to accomplish this.
|
|
|
|
cbeast
Donator
Legendary
Offline
Activity: 1736
Merit: 1014
Let's talk governance, lipstick, and pigs.
|
|
October 20, 2011, 01:54:37 AM |
|
a) to the person that coined the Bitcoin term "asspenny" I hate you.
b) It's ridiculous to think one pool owner is responsible for all of these attacks
c) Slush, I love you man. You were the first pool I ever mined on way back when dont give up brother!
d) I honestly think that these denial of service attacks are coming from people that hate Bitcoin and consider this to be an opportune time to destroy it, the values are so low they think they can make wipe us out completely by doing this. I do not believe its an angry botnet owner who's only motivation is revenge, as a psychologist this does not make since to me, someone who owns a Bitcoin mining botnet is motivated by money and he is losing money like everyone else right now. Also the person that is holding down all these pools has tremendous bandwidth at his disposal. It's almost as if this is a sponsored attack by someone that has some serious (legit?) FIRE POWER. If it were a hacker - This kind of attack would require a great deal of rooted *nix boxes to accomplish this.
a - agreed b - I concur c - amen brother d - I'd like to see a discussion of the magnitude of this attack.
|
Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.
|
|
|
tinman951
|
|
October 20, 2011, 01:58:46 AM |
|
d) I honestly think that these denial of service attacks are coming from people that hate Bitcoin and consider this to be an opportune time to destroy it, the values are so low they think they can make wipe us out completely by doing this. I do not believe its an angry botnet owner who's only motivation is revenge, as a psychologist this does not make since to me, someone who owns a Bitcoin mining botnet is motivated by money and he is losing money like everyone else right now. Also the person that is holding down all these pools has tremendous bandwidth at his disposal. It's almost as if this is a sponsored attack by someone that has some serious (legit?) FIRE POWER. If it were a hacker - This kind of attack would require a great deal of rooted *nix boxes to accomplish this.
What if it is the banking industry backed by the US government? While I don't really wonder about this it would be the people who hate bitcoin the most.
|
|
|
|
Keninishna
|
|
October 20, 2011, 02:29:56 AM |
|
Haters gonna hate.
|
|
|
|
sharky112065
|
|
October 20, 2011, 03:05:56 AM |
|
I have very strong evidence that btcguild.com is somehow related to those DDoS attacks to my pool and deepbit. I'll write later.
For now pool is down and won't be up today. I'm really sorry for downtime, but today it is more serious than before. However I'm solving it, as usually.
I'm pretty sure an apology will or at least should be coming from you soon. I understand your frustration but finger pointing without posting strong evidence is just wrong.
|
Donations welcome: 12KaKtrK52iQjPdtsJq7fJ7smC32tXWbWr
|
|
|
c_k
Donator
Full Member
Offline
Activity: 242
Merit: 100
|
|
October 20, 2011, 04:27:23 AM |
|
Since tomorrow I'll try harder to find any server provider which at least don't shut down pool infrastructure on first DDoS attack, but I cannot promise that I'll succeed. There's no point in running a service which is every week for one day offline thanks to attacks.
Have a look at the hosting offered by both awknet ( http://www.awknet.com/ ) and blacklotus ( http://www.blacklotus.net/ )
|
|
|
|
sd
|
|
October 20, 2011, 04:51:30 AM |
|
There are three ways I know of to beat a DDOS:
1. Buy a bigger pipe - not viable.
2. Change IP so often they can't keep up - maybe viable, likely not.
3. Peer to peer infrastructure so they have no target - should work.
|
|
|
|
eleuthria
Legendary
Offline
Activity: 1750
Merit: 1007
|
|
October 20, 2011, 04:55:08 AM |
|
Since tomorrow I'll try harder to find any server provider which at least don't shut down pool infrastructure on first DDoS attack, but I cannot promise that I'll succeed. There's no point in running a service which is every week for one day offline thanks to attacks.
Have a look at the hosting offered by both awknet ( http://www.awknet.com/ ) and blacklotus ( http://www.blacklotus.net/ ) There's an issue with Awknet (I used them). Their DDoS protection is okay, but the problem is their filtering kicks in based on high volume packet situations. BTC Guild started at Awknet, and we had to request they turn the DDoS filters off back when we were much smaller because if the pool went down for even a few minutes, the PPS rates due to miner reconnect spam would kick in the DDoS filter, making the server practically impossible to connect to. I'm sure it would work fine for some traditional DDoS tactics, but all the DDoSer has to do is spam connections to port 8332 as if it were a bunch of miners. There is no easy way to decipher what traffic should come through and what shouldn't in that situation.
|
RIP BTC Guild, April 2011 - June 2015
|
|
|
sd
|
|
October 20, 2011, 05:01:41 AM |
|
What if it is the banking industry backed by the US government? While I don't really wonder about this it would be the people who hate bitcoin the most.
That's ludicrous and I'll tell you why. If the banking industry and/or the US government wanted to take down BitCoin pools they would buy time on all the big botnets and we would be seeing a much bigger attack for an extended period. They would hit us so hard we would have no pools left. This looks more like the hit them hard for a short period attack botnet herders use to extract protection money from on-line casinos.
|
|
|
|
finway
|
|
October 20, 2011, 05:10:53 AM |
|
WTF!
|
|
|
|
|
[Tycho]
|
|
October 20, 2011, 05:59:11 AM |
|
Sad to see, hosting at blacklotus could probably have handled the problems Well, may be after some REALLY deep tuning. I already tried them and it was somewhat not suiting my needs.
|
Welcome to my bitcoin mining pool: https://deepbit.net - Both payment schemes (including PPS), instant payout, no invalid blocks ! ICBIT Trading platform : USD/BTC futures trading, Bitcoin difficulty futures ( NEW!). Third year in bitcoin business.
|
|
|
cosurgi
|
|
October 20, 2011, 11:54:25 AM |
|
Technical note: Because the downtime of mining.bitcoin.cz will be probably more significant than anytime before, I'll wait until all mined blocks will be matured and then will send all balances of users to their wallets. Don't worry, I'm not running away with your hardly mined coins!
|
|
|
|
|