Bitcoin Forum
December 10, 2016, 10:40:16 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Poll
Question: What type of pool payouts do you prefer?
Bitcoins - 3160 (80.5%)
Bank transfer / USD - 407 (10.4%)
Gold/silver coins and bars - 359 (9.1%)
Total Voters: 3924

Pages: « 1 ... 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 [203] 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 ... 1105 »
  Print  
Author Topic: [40+ PH] SlushPool (slushpool.com); World's First Mining Pool  (Read 3933547 times)
FoxMURDER
Jr. Member
*
Offline Offline

Activity: 49


View Profile
October 20, 2011, 02:47:45 PM
 #4041

using infected hardware

Infected HARDware? That's just... devious.
do infected computers sound a little less devious? Smiley
1481409616
Hero Member
*
Offline Offline

Posts: 1481409616

View Profile Personal Message (Offline)

Ignore
1481409616
Reply with quote  #2

1481409616
Report to moderator
1481409616
Hero Member
*
Offline Offline

Posts: 1481409616

View Profile Personal Message (Offline)

Ignore
1481409616
Reply with quote  #2

1481409616
Report to moderator
1481409616
Hero Member
*
Offline Offline

Posts: 1481409616

View Profile Personal Message (Offline)

Ignore
1481409616
Reply with quote  #2

1481409616
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481409616
Hero Member
*
Offline Offline

Posts: 1481409616

View Profile Personal Message (Offline)

Ignore
1481409616
Reply with quote  #2

1481409616
Report to moderator
1481409616
Hero Member
*
Offline Offline

Posts: 1481409616

View Profile Personal Message (Offline)

Ignore
1481409616
Reply with quote  #2

1481409616
Report to moderator
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 20, 2011, 02:59:07 PM
 #4042

The problem is that the way many miners work is very similar to a DDoS if they're targetting your mining port while the server is unresponsive.  It's amazing how many people still use old miners that will reconnect with almost no delay, making it effectively a mini DDoS client when the pool is being attacked and having stability issues.
well, solution to this part is quite easy ... upgrade or get banned ...
I'd even suggest to setup some kind of miner "RFC" saying how many connects per second is still ok. If enough pool admins agree on this and enforce it right away, ppl will force programmers to fix broken miners and users to update.

  I like this solution and think some adaption could be used very effectivly.  As stated though, your idea would only burden the botnet OP in having to send out an updated miner to his zombies. Not much hassle really.
  A much stronger solution could be two fold or a combo of one or the other of the following;

  1. Force accounts to email-auth and only allow so many workers per account.
  2. Force a unique ID appended to worker login per worker and only allow so many connections per ID / period of time that works best for your getwork frequency.

  The forced ID would make it impossible for a botnet OP to make one account and use the same ID for all his zombies. The server would allow the first few in and then POOF, connection limit and out he goes. The catch being, at what lvl of your network can you impliment the ID checking so it does not get DDosed? A good filter at upstream side that checked the packets for ID and would /null any packets from marked ID after so many connections per time period would probably be quite effective..  Could even be set in place at server side lvl if you have custom traffic shapping equip in place.

  All I know is something has got to give and I am sadly not in a posistion to offer out more than vague ideas. :/  I have to give mad props to you guys, Slush, Eleuth, etc who are dealing with this crap, as I know there are really only two real solutions to keep operating. Throw lots of time and energy at it or throw lots of money at it. Both of which are rare commodities with such a venture. I for one will back whatever decisions you employ to make it work for you!

  Cheers

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
FoxMURDER
Jr. Member
*
Offline Offline

Activity: 49


View Profile
October 20, 2011, 03:14:07 PM
 #4043

sadpanda: This two-line solution was meant as a reaction to eleuth saying that fast reconnecting miners can DoS the pool.
I'm afraid that dealing with zombiemining is way harder ...

Another partial solution to DDoS screening would be pretty much what you suggest - TCP Syncookie like system - which i'm afraid, miners would have to support. This still gets me back to the idea that biggest pool operators should unite (they all seem reasonable guys) and set some kind of standard for miners which they all will enforce. Pretty much the way internet RFCs work - there is no 'legal' enforcing, but if you want to connect to common sites, you have to abide, because that's what most expect ...
DiabloD3
Legendary
*
Offline Offline

Activity: 1162


DiabloMiner author


View Profile WWW
October 20, 2011, 03:15:54 PM
 #4044

For all pool users: This attack is worse than attacks before. Actually it's probably a tenth DDoS to pool in it's almost year history (I didn't counted them carefully and you probably even don't know about small attacks which I was able to handle somehow without public attention).

This attack is worse because Linode LLC, server provider for pool infrastructure, frozen my account for periodical violation of their ToS. I can access pools servers, but I was asked to not start another balancers with public IP because those attacks are harming datacenter infrastructure.

It means that I cannot start pool at this infrastructure and I need to find another provider. Which is pretty hard once I start asking to their anti DDoS policies. Back in July I was in touch with Rackspace, company providing custom solutions for big enterprises and even they told me that they cannot handle such large scale attack for some reasonable price (we're talking about thousands of US dolars monthly just for anti-DDoS protection). Posts of some users above are really naive, there's NO way how to handle those attacks just by banning some subnets.

Fighting attacks become much worse with falling bitcoin price, because even if I have 1/3 of all network hashrate and 2% fee I simply cannot pay for any real solution which really helps to handle attacks. Last week I tried to use services of one DDoS mitigation company (the same as deepbit is using), but they had pretty high ratio of false positives, so although I paid them big money for a single day protection, almost 40% of users were still unable to mine on the pool. So this isn't the way to go.

Since tomorrow I'll try harder to find any server provider which at least don't shut down pool infrastructure on first DDoS attack, but I cannot promise that I'll succeed. There's no point in running a service which is every week for one day offline thanks to attacks.

So far it's 1:0 for attackers. However I don't want to capitulate too easily; I spent insane amount of time and energy in inventing and running my pool and I don't want to simply disappear, because I really believe in long-term Bitcoin success (small note: people, don't get scared with current panic on market, it's just an oposite of July's insane price peak). I "invented" (maybe it's better to say "realized") first really usable and widely used Bitcoin pool ever and now I feel again that I'm on the track of another innovation of Bitcoin mining, which will be DDoS resistant yet easy to use and with steady payouts like normal share based pools.

Technical note: Because the downtime of mining.bitcoin.cz will be probably more significant than anytime before, I'll wait until all mined blocks will be matured and then will send all balances of users to their wallets. Don't worry, I'm not running away with your hardly mined coins!

Just switch to RapidXen. Rapidxen's specialty is dealing with DDoS magnets, and they're a shitload better than Linode.

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 20, 2011, 03:57:00 PM
 #4045

sadpanda: This two-line solution was meant as a reaction to eleuth saying that fast reconnecting miners can DoS the pool.
I'm afraid that dealing with zombiemining is way harder ...

Another partial solution to DDoS screening would be pretty much what you suggest - TCP Syncookie like system - which i'm afraid, miners would have to support. This still gets me back to the idea that biggest pool operators should unite (they all seem reasonable guys) and set some kind of standard for miners which they all will enforce. Pretty much the way internet RFCs work - there is no 'legal' enforcing, but if you want to connect to common sites, you have to abide, because that's what most expect ...

  Definetly agree on the TCP syn system..  But the 2 line solution would be effective for both Zombie mining, and most asuredly zombie port slapping. At the very basics, I would assume the zombies that are straight port dossing would have much differnt packet size, structure, etc than legit getwork responses. I don't see how a forced ID on workers would not solve that. I.e. only packets that came into the port with said ID attached would be allowed. All others would be /nulled.

  Mind you, I have not had to deal with custom built filtering solutions for some years now so am not abreast to how slack that has become with modern upstreams making it harder, or hosting services more complacent with upstreams offering 'pre-built' filtering packages for sale, etc. Back in my day we had much easier access to our upstream sides to deploy custom measures for such things...... Just one more example of 'Big Business Protection' measures screwing over the lil guy with current models, imho....


  Cheers

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
dishwara
Legendary
*
Offline Offline

Activity: 1386

Truth may get delay, but NEVER fails


View Profile
October 20, 2011, 04:01:47 PM
 #4046

I received my bitcoins from my account with more than 60+ confirmations.
But not name coins.
I hope others too got their bitcoins.
All others namecoins also not received?
slush
Legendary
*
Offline Offline

Activity: 1358



View Profile WWW
October 20, 2011, 04:08:28 PM
 #4047

All others namecoins also not received?

I didn't process all payments yet; I was waiting untill all blocks mature, which happen before few hours. I'll pay out also namecoins, of course.

thehairymob
Full Member
***
Offline Offline

Activity: 132


View Profile WWW
October 20, 2011, 04:23:40 PM
 #4048

I hope you find a way to come back from this Slush as I did like mining withat your pool. I've move over to Ars for now but it will take some to get used too. I keep tabs on this thread to see when your back up and running. Smiley
digital
Hero Member
*****
Offline Offline

Activity: 490


View Profile
October 20, 2011, 04:48:58 PM
 #4049

I keep tabs on this thread to see when your back up and running. Smiley

+1

If I help you out: 17QatvSdciyv2zsdAbphDEUzST1S6x46c3
References (bitcointalk.org/index.php?topic=): 50051.20  50051.100  53668.0  53788.0  53571.0  53571.0  52212.0  50729.0  114804.0  115468  78106  69061  58572  54747
dishwara
Legendary
*
Offline Offline

Activity: 1386

Truth may get delay, but NEVER fails


View Profile
October 20, 2011, 04:55:40 PM
 #4050

I keep tabs on this thread to see when your back up and running. Smiley

+1

+100's
Sargasm
Member
**
Offline Offline

Activity: 112


View Profile
October 20, 2011, 05:18:28 PM
 #4051

Slush... I have an idea...

Soooo...

Basically, you have a problem with public addresses for your pool.

If only you could ensure that no one knew how to find your pool unless they had trust... you could just use a static IP and have people mine there.

Here is one REALLY good litmus to determine whether or not a user should have trust... hashing.

If you pull from your DB of users, those who have hashed over a certain amount in the last couple weeks for instance... you could tell with a degree of certainty that these are all trusted people.

So... then you email all those users (I would be one of these people)...

Just email a private ip for the server to those users... or perhaps a domain name whatever... just something you don't post on here.

Sure, you'll lose a lot of hashing power, but it would let you continue to operate.  I liked mining with your pool, I was doing quite well.

That way maybe you can operate in the short term as a private pool using trusted participants.

The reason I do not suggest that you allow ALL miners that have been working to get the address is that quite likely, your attackers have been mining the pools somewhat to ensure they were functionally down.
CyberPhunk
Full Member
***
Offline Offline

Activity: 124


View Profile
October 20, 2011, 05:53:13 PM
 #4052

Slush... I have an idea...

Soooo...

Basically, you have a problem with public addresses for your pool.

If only you could ensure that no one knew how to find your pool unless they had trust... you could just use a static IP and have people mine there.

Here is one REALLY good litmus to determine whether or not a user should have trust... hashing.

If you pull from your DB of users, those who have hashed over a certain amount in the last couple weeks for instance... you could tell with a degree of certainty that these are all trusted people.

So... then you email all those users (I would be one of these people)...

Just email a private ip for the server to those users... or perhaps a domain name whatever... just something you don't post on here.

Sure, you'll lose a lot of hashing power, but it would let you continue to operate.  I liked mining with your pool, I was doing quite well.

That way maybe you can operate in the short term as a private pool using trusted participants.

The reason I do not suggest that you allow ALL miners that have been working to get the address is that quite likely, your attackers have been mining the pools somewhat to ensure they were functionally down.

And, if the bot net owner has an actual miner or two of their own? What then?

List of client download mirrors / Older Catalyst drivers/SDK
13dRbbqBpfZEmZiXXdLM4NKNoJYsgHbuFJ  <- might as well, in case someone feels generous. Wink
m3ta
Sr. Member
****
Offline Offline

Activity: 427



View Profile WWW
October 20, 2011, 06:24:53 PM
 #4053

Slush... I have an idea...

Soooo...

Basically, you have a problem with public addresses for your pool.

If only you could ensure that no one knew how to find your pool unless they had trust... you could just use a static IP and have people mine there.

Here is one REALLY good litmus to determine whether or not a user should have trust... hashing.

If you pull from your DB of users, those who have hashed over a certain amount in the last couple weeks for instance... you could tell with a degree of certainty that these are all trusted people.

So... then you email all those users (I would be one of these people)...

Just email a private ip for the server to those users... or perhaps a domain name whatever... just something you don't post on here.

Sure, you'll lose a lot of hashing power, but it would let you continue to operate.  I liked mining with your pool, I was doing quite well.

That way maybe you can operate in the short term as a private pool using trusted participants.

The reason I do not suggest that you allow ALL miners that have been working to get the address is that quite likely, your attackers have been mining the pools somewhat to ensure they were functionally down.

And, if the bot net owner has an actual miner or two of their own? What then?

^ This.
Also, the internet's reputation for keeping secrets is "not too good". *snicker*

Why the frell so many retards spell "ect" as an abbreviation of "Et Cetera"? "ETC", DAMMIT! http://en.wikipedia.org/wiki/Et_cetera

Host:/# rm -rf /var/forum/trolls
Druas
Member
**
Offline Offline

Activity: 78


View Profile
October 20, 2011, 06:25:24 PM
 #4054

If you pull from your DB of users, those who have hashed over a certain amount in the last couple weeks for instance... you could tell with a degree of certainty that these are all trusted people.

So... then you email all those users (I would be one of these people)...

Just email a private ip for the server to those users... or perhaps a domain name whatever... just something you don't post on here.
Botnets can mine at like 80-100 GH/s if they want I think. It is just terribly inefficient. But they don't care because they aren't paying for electricity or the pipes. So you might send out an email to the botnet because they could be one of your fastest miners?
[Tycho]
Hero Member
*****
Offline Offline

Activity: 742



View Profile WWW
October 20, 2011, 06:36:47 PM
 #4055

Botnet owners don't even need to get that e-mail. Someone will just post here "Hey, I just got an e-mail with this IP: ***".

Welcome to my bitcoin mining pool: https://deepbit.net - Both payment schemes (including PPS), instant payout, no invalid blocks !
ICBIT Trading platform : USD/BTC futures trading, Bitcoin difficulty futures (NEW!). Third year in bitcoin business.
digital
Hero Member
*****
Offline Offline

Activity: 490


View Profile
October 20, 2011, 06:39:30 PM
 #4056

You back up for good?  Or is this a temporary thing?

If I help you out: 17QatvSdciyv2zsdAbphDEUzST1S6x46c3
References (bitcointalk.org/index.php?topic=): 50051.20  50051.100  53668.0  53788.0  53571.0  53571.0  52212.0  50729.0  114804.0  115468  78106  69061  58572  54747
digital
Hero Member
*****
Offline Offline

Activity: 490


View Profile
October 20, 2011, 06:40:37 PM
 #4057

longest round I have ever seen...   Wink

If I help you out: 17QatvSdciyv2zsdAbphDEUzST1S6x46c3
References (bitcointalk.org/index.php?topic=): 50051.20  50051.100  53668.0  53788.0  53571.0  53571.0  52212.0  50729.0  114804.0  115468  78106  69061  58572  54747
slush
Legendary
*
Offline Offline

Activity: 1358



View Profile WWW
October 20, 2011, 06:54:27 PM
 #4058

Yes, longest round on my pool ever, but we're up again :-).

naypalm
Legendary
*
Offline Offline

Activity: 1212


AFK :/


View Profile WWW
October 20, 2011, 07:03:08 PM
 #4059

w00t, thanks slush!

cablepair
Hero Member
*****
Offline Offline

Activity: 854


https://btc-republic.com/index.php?ref=cablepair


View Profile WWW
October 20, 2011, 07:18:52 PM
 #4060

Slush: so happy to see you alive and kicking my old friend, I will bring my miners over and help solve this block Smiley (I just hope you stay alive)
Pages: « 1 ... 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 [203] 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 ... 1105 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!