Bitcoin Forum
December 07, 2016, 10:13:56 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: ** BitcoinPool.com back online after DDoS attack **  (Read 1117 times)
FairUser
Sr. Member
****
Offline Offline

Activity: 261


View Profile WWW
June 29, 2011, 11:56:51 PM
 #1

As many of our user's have noticed service has been less than good the last few days.  This was caused by a DDoS attack.  We have managed to get control of the situation by notifying hosting providers and blocked several thousand IP addresses in several dozen class C networks.

The main Russian ISP that the attacks were coming from is Yandex LLC.  When we blocked the attackers IP address or an entire class C network, within minutes the attacker would be using a different address in a completely different class C network.  After doing this song and dance for several hours, we realized that it was mostly coming from Yandex and sent off an e-mail to their abuse address.  We haven't received a response from them, so we took drastic action and blocked every IP address owned by Yandex.  After blocking Yandex, everything seems to have returned to normal.  If you are a user in our pool coming from this network, please PM me your IP address and I will white-list it.

We'd like to apologize to our users for the inconvenience of this attack.  We're keeping a close eye on logs and traffic analyzers to monitor for any new attacks so we can block them before they disrupt the pool any further. 

Thank you for your understanding and tolerance for the situation, we appreciate it.

Best Regards Smiley

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481148836
Hero Member
*
Offline Offline

Posts: 1481148836

View Profile Personal Message (Offline)

Ignore
1481148836
Reply with quote  #2

1481148836
Report to moderator
1481148836
Hero Member
*
Offline Offline

Posts: 1481148836

View Profile Personal Message (Offline)

Ignore
1481148836
Reply with quote  #2

1481148836
Report to moderator
1481148836
Hero Member
*
Offline Offline

Posts: 1481148836

View Profile Personal Message (Offline)

Ignore
1481148836
Reply with quote  #2

1481148836
Report to moderator
samr7
Full Member
***
Offline Offline

Activity: 140

Firstbits: 1samr7


View Profile
June 30, 2011, 02:11:18 AM
 #2

It sure wasn't down for long, I saw less than an hour of downtime.  Kudos on the quick response, Fairuser.
hollajandro
Member
**
Offline Offline

Activity: 83


View Profile
June 30, 2011, 10:02:42 PM
 #3

Glad you guys have this under control and glad you keep your users informed. Your transparency is appreciated. Smiley
Jack of Diamonds
Sr. Member
****
Offline Offline

Activity: 252



View Profile
July 01, 2011, 01:18:02 AM
 #4

Yandex abuse team doesn't give a shit about western companies or people emailing them.

They even have $USD rates on blackhat IRC for which they will let you use
domain ranges and bandwidth for spam, fraud, denial of service or other illegal activity without alerting the authorities or pulling the plug on you

These aren't just individual PC's or infections, they are renting their content crawlers in Ukraine and Russia for high bidders.

http://webhosting.bigresource.com/Should-I-block-Yandex-IMB0TFDV.html

1f3gHNoBodYw1LLs3ndY0UanYB1tC0lnsBec4USeYoU9AREaCH34PBeGgAR67fx
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!