Bitcoin Forum
July 21, 2018, 11:51:33 PM *
News: Latest stable version of Bitcoin Core: 0.16.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Poll
Question: What type of pool payouts do you prefer?
Bitcoins - 3235 (80.5%)
Bank transfer / USD - 415 (10.3%)
Gold/silver coins and bars - 371 (9.2%)
Total Voters: 4019

Pages: « 1 ... 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 [208] 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 ... 1144 »
  Print  
Author Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool  (Read 4328529 times)
Thralen
Full Member
***
Offline Offline

Activity: 123
Merit: 100


View Profile
October 23, 2011, 08:11:04 PM
 #4141

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?


I'm thinking his botnet must not be being profitable for him. It is the only reason I an see for advocating for pools to contribute to further illegal behavior as well as probably cut profits for miners since the pool owner will have to recoup costs someplace. *shrug*

Thralen

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
1532217093
Hero Member
*
Offline Offline

Posts: 1532217093

View Profile Personal Message (Offline)

Ignore
1532217093
Reply with quote  #2

1532217093
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Portnoy
Legendary
*
Offline Offline

Activity: 2016
Merit: 1000

My money; Our Bitcoin.


View Profile
October 23, 2011, 08:15:28 PM
 #4142

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?

If you want I can make him an offer he can't refuse.

Some day, and that day may never come, I may call upon you to do a service for me. But, until that day, accept this, as a gift.

Wink

Thralen
Full Member
***
Offline Offline

Activity: 123
Merit: 100


View Profile
October 23, 2011, 08:32:06 PM
 #4143

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

All active router info is publicly available at directory server.
Every router merely knows the last and next hop, the origin of attack cannot be traced and it only shows up as large amounts of traffic & appears as a normal router

DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.
Even a 20gbps attack would render the network unusably slow. It is a brute force method but it will achieve the goal & make a pool unreachable.

It only needs to last as long as people switch to other pools, and if they come back, target the network again.

Are you an attacker Jack of Diamonds?

If you want I can make him an offer he can't refuse.

Some day, and that day may never come, I may call upon you to do a service for me. But, until that day, accept this, as a gift.

Wink



Glad someone got the heads of servers reference...  Cheesy

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 23, 2011, 08:33:35 PM
 #4144

Is there an issue with payout on BTC right now?

Yes, payouts were not working since yesterday database crash and I didn't noticed that. My apologize, it's fixed now.

Btw it's funny that those people who received their rewards twice (because reward updates in database failed thanks to db issues) aren't complaining here ;-).

Thralen
Full Member
***
Offline Offline

Activity: 123
Merit: 100


View Profile
October 23, 2011, 09:12:57 PM
 #4145

Is there an issue with payout on BTC right now?

Yes, payouts were not working since yesterday database crash and I didn't noticed that. My apologize, it's fixed now.

Btw it's funny that those people who received their rewards twice (because reward updates in database failed thanks to db issues) aren't complaining here ;-).

Thanks Slush, re: payouts fixed... re:people not mentioning double payout, see my quote from a few messages earlier:

"You can always count on human nature, so long as you know that human nature includes a massive helping of greed."

Thralen...

Supporting bitcoin as best I can with 1. mining, 2. buying with bitcoin, 3. selling (or trying to) for bitcoin. If you make a donation to:  1MahzUUEYJrZ4VbPRm2h5itGZKEguGVZK1  I'll get it into circulation.
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250



View Profile
October 23, 2011, 10:37:28 PM
 #4146

because they can choose to take the money they earned through extortion and invest it in attacking you. That's usually how extortion works. Once the gravy train starts flowing, it's hard to stop it.
https://bitcointalk.org/index.php?topic=49038.msg584062#msg584062


They can't. Prolexic itself is impossible to bring down even with the largest available botnet. It has more bandwidth than Google.
Mt. Gox routes all traffic through them in the event of DDoS (such as the recent attack during which they experienced 11gbps attack; medium size)

Routing traffic to a gigantic DDoS mitigator with multi terabit/s capacity is a checkmate against the attacker.
There is nothing more you can do at that point, even if you had 1000gbps attack capacity.

Downside: It costs a lot of money (in the 4-5 figures) per month. If you persuade 'attacker' to voluntarily stop in exchange for a smaller sum than charged by Prolexic, both sides win.
By being forced to pay exorbitant prices to a prevention company both sides lose in the long run.

Of course, it's not an 'orthodox business practice'. But money is money, it has no pride or ego. It's numbers.

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
Crypt_Current
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500


Shame on everything; regret nothing.


View Profile
October 23, 2011, 11:27:52 PM
 #4147

If you persuade 'attacker' to voluntarily stop in exchange for a smaller sum than charged by Prolexic, both sides win.

The problem with that scenario is the attacker has all the power to choose when to start again... so what if the attacker was paid?  The attacker could be having a particularly bad day and need to take it out on someone...

10% off at CampBX for LIFE:  https://campbx.com/main.php?r=C9a5izBQ5vq  ----  Authorized BitVoucher MEGA reseller (& BTC donations appreciated):  https://bitvoucher.co/affl/1HkvK8o8WWDpCTSQGnek7DH9gT1LWeV5s3/
LTC:  LRL6vb6XBRrEEifB73DiEiYZ9vbRy99H41  NMC:  NGb2spdTGpWj8THCPyCainaXenwDhAW1ZT
naypalm
Legendary
*
Offline Offline

Activity: 1263
Merit: 1003


coins coins coins!


View Profile WWW
October 23, 2011, 11:31:14 PM
 #4148

Thanks for keeping it running! My home is nice and toasty now Cheesy

OgNasty
Donator
Legendary
*
Offline Offline

Activity: 2618
Merit: 1288


Disclaimer: Author Long BTC


View Profile WWW
October 23, 2011, 11:33:37 PM
 #4149

Pardon my ignorance of NMC. Where do I get a NMC wallet?

You can use mine.  My6ZwP3kVVdaVZ8uNMfes82cq2qEzZNkrF   Grin

slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 12:19:00 AM
 #4150

On the connection issue; you are able to pick your exit nodes which should allow one to find nodes that have the best connection between them and the pool of choice.

Exit nodes are used only for accessing public Internet, they're not used for hidden services. It's good, because throughput of exit nodes is usually the main reason for low performance (you need to be real Tor supporter to run exit node; I hanged 10Mbit node after two years of fighting for it with my ISP).

Hidden services are building circuits (usually three hops) to few random long-running tor relays after startup. Then service publish it's descriptor with list of it's rendez-vous nodes. Client pick onion address and retrieve descriptor. Then choose one of rendez-vous node and create (usually three hops) circuit to them, which finally create pipe for routing TCP traffic.

Although rendez-vous nodes for given service are publicly known, Tor automatically re-route traffic when node is going down, so there's usually only few-second downtime, which make connection between user and hidden service pretty DDoS resilent.

When anonymity is not an issue, it's also possible to setup shorter routes than "(client) -> OR1 -> OR2 -> (rendez-vous) -> OR3 -> OR4 -> (hidden service)". Technically is necessary only "(client) -> (rendez-vous) -> (hidden service)", which makes connection much faster. Although I know how to setup one-hop connection manually using control port, it needs source changes to use only one hop circuits  together with automatic rendez-vous failover, so it will need some time to setup this on pool.

slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 12:32:40 AM
 #4151

So I guess for now we throw torify in front of the miner and if this takes off wait for (or help with) patching miners to try and proxy .onion domains?  Or maybe I should say, adding a new user, turning off LP and doing torify python phoenix.py ... Just Works.  And cgminer uses curl which supports SOCKS (and of course see the Tor FAQ about SOCKS and potential privacy issues) so it should Just Work too, but I haven't fiddled with that yet.

Yes, both torify or SOCKS5 proxy in miners should work. Actually it would be really amazing if somebody write short howto for running miners over Tor (maybe to bitcoin.it wiki?). Unfortunately torify works only in Linux, so Windows users need miner with SOCKS5 support.

slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 12:36:02 AM
 #4152

What do you think about paying protection money to a hypothetical multi-gbps attacker
at a rate of say -50 - -80% of what a datacenter will take for professional anti-DDoS/mitigation services?

Nonsense. Accepting attacker's game isn't a solution.

Another issue is that attacker is anonymous and with unknown intention, so there's nobody to bribe :-). But I'm strictly refusing an idea to pay for such "protection".

slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 12:41:21 AM
 #4153

A malicious attacker needs not to target the pool or hidden service;
since TOR is a relatively low bandwidth network it takes very few resources to grind all active onion routers to a halt.

It's low bandwidth, but very decentralized. It's like having hundreds of proxies before pool itself; you shut down one, but other still works. Don't forget that many of those relays are running by professionals with different skills and solutions. Shutting down them all at the same time is much harder than shutting down a single server.

Quote
DoS against the entire TOR network is also cheaper than a well hosted single site with high bandwidth.

Also using Tor network is cheaper than any DDoS mitigation service :-). I know that it won't work for 100%, mainly because only few people will configure their miners over Tor. But every piece counts.

slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 12:45:58 AM
 #4154

Downside: (prolexic) costs a lot of money (in the 4-5 figures) per month.

So it's something like 1-2 figures more than earnings from the pool at current price. Why are we considering this? :-)

Quote
If you persuade 'attacker' to voluntarily stop in exchange for a smaller sum than charged by Prolexic, both sides win.

There's nobody to bribe. May I trust somebody who send me a PM like "I'm an attacker, pay me xxx USD monthly and I will stop attacks"? Surely not.

DutchBrat
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1000


View Profile
October 24, 2011, 01:19:01 AM
 #4155

If you send me 500 BTC a month, I promise I will never ever START attacking you !

I don't have much hashing power so my price is low  Grin
Tartarus
Jr. Member
*
Offline Offline

Activity: 47
Merit: 0


View Profile
October 24, 2011, 01:28:46 AM
 #4156

So I guess for now we throw torify in front of the miner and if this takes off wait for (or help with) patching miners to try and proxy .onion domains?  Or maybe I should say, adding a new user, turning off LP and doing torify python phoenix.py ... Just Works.  And cgminer uses curl which supports SOCKS (and of course see the Tor FAQ about SOCKS and potential privacy issues) so it should Just Work too, but I haven't fiddled with that yet.

Yes, both torify or SOCKS5 proxy in miners should work. Actually it would be really amazing if somebody write short howto for running miners over Tor (maybe to bitcoin.it wiki?). Unfortunately torify works only in Linux, so Windows users need miner with SOCKS5 support.

I'm game for some of the contents at least (no Windows here).  There's already a Tor page on the bitcoin.it wiki, but it's for bitcoind/IRC usage rather than mining, but the basic setup stuff is there.  Perhaps adding a Mining section, covering Linux and OS X (which I assume has torify too, but checking now) and hoping someone with Windows can confirm what I see googling about setting http_proxy in Windows and hoping cgminer+libcurl for Windows obeys?

EDIT: Page edited, OS X doesn't have torify so I just put Windows and OS X in the same section about "try setting http_proxy".  I don't know if more client specific information should go on the client pages (which are kinda sparse at times) or here.

Find the above useful?  Send tips to 1KjoJihf7GWHWeQFhDmaw4g7xorkmD13u
anthony.selby
Jr. Member
*
Offline Offline

Activity: 43
Merit: 0



View Profile
October 24, 2011, 01:31:49 AM
 #4157

So I have two sites ... and one of them is working perfect ... the other :-/ ... connection problems

do I need to let you know the ips or is that something that will work itself out
slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 01:49:21 AM
 #4158

do I need to let you know the ips or is that something that will work itself out

Tell me IP, I'll watch logs.

slush
Legendary
*
Offline Offline

Activity: 1372
Merit: 1019



View Profile WWW
October 24, 2011, 02:58:36 AM
 #4159

I'm playing with SOCKS5 support for poclbm, looks like very simple patch, unfortunately with external dependency to socksipy library. If it will work, I'll ask m0mchil to accept it to upstream. Worse thing is that poclbm is pretty sensitive to timeouts (default is 5sec, which sometimes isn't enough for Tor).

Tartarus
Jr. Member
*
Offline Offline

Activity: 47
Merit: 0


View Profile
October 24, 2011, 03:03:30 AM
 #4160

I'm playing with SOCKS5 support for poclbm, looks like very simple patch, unfortunately with external dependency to socksipy library. If it will work, I'll ask m0mchil to accept it to upstream. Worse thing is that poclbm is pretty sensitive to timeouts (default is 5sec, which sometimes isn't enough for Tor).

What's poclbm using for url parsing?  I was poking phoenix earlier (and hoping to have time today, but didn't end up with) to try and add a proxy option since there's examples for twisted (which phoenix uses) and urllib (which I hope others use, heh) for proxy.

Find the above useful?  Send tips to 1KjoJihf7GWHWeQFhDmaw4g7xorkmD13u
Pages: « 1 ... 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 [208] 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 ... 1144 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!