Bitcoin Forum
December 06, 2016, 10:33:15 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: POOLS under DDOS ATTACKS  (Read 4790 times)
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
July 08, 2011, 03:12:20 PM
 #41

Distributed denial of service attacks - DDoS can be defeated and prevented - but the victim may need to change their internet service provider.

Briefly, a DDoS stems from a multitude of controlled client computers - the botnet - in which the botnet operator causes them to flood a particular victim web service with connection requests or other useless messages that may consume all the input bandwidth allowed the victim, leaving none for legitimate customers.

DDoS attack traffic can be detected and removed by a cooperative internet service provider.  The ISP generally has very high capacity bandwidth with the internet backbone network, and the point of connection to the backbone DDoS filtering can be performed on behalf of the victim's servers hosted by the ISP.  This DDoS mitigation and prevention service is promoted by certain ISPs - for example those now hosting Mt Gox and BTC Guild.  Other ISPs may not be as cooperative or may not have the network devices to effectively prevent DDoS attacks.

Most small websites using low-cost ISPs are thus unable to withstand DDoS attacks with their present ISP and must migrate their servers to a more secure ISP when attacked.

DDoS resistant hosting which can actually withstand a sustained attack is very expensive.  You basically end up having to pay for the bandwidth either way.

The best strategy for stopping a DDoS is to already have protection and thus not go down in the first place.  Only the most dedicated attacker is going to redouble their efforts and try again.  However if you move to DDoS hosting they know it's costing you more money and will continue.
Before people start screaming "but here you can get DDoS protected hosting for only $20 a month!", let me also mention that 99% of the providers offering 'DDoS protection' choke on anything more than a gigabit. They typically have one Cisco Guard or similar hardware, and then claim it's 'DDoS protected'. Any serious attack will still go through. The same goes for providers with a fixed 'filtering capacity' or 'cleaned bandwidth limit'. They will just suspend your plan after you get too much DDoS.

The cheapest DDoS protection you can find that will actually achieve something starts at ~$300 (at hosts who are located in Dragonara, for example), and even then the costs will probably rack up if you need more filtering capacity.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481020395
Hero Member
*
Offline Offline

Posts: 1481020395

View Profile Personal Message (Offline)

Ignore
1481020395
Reply with quote  #2

1481020395
Report to moderator
1481020395
Hero Member
*
Offline Offline

Posts: 1481020395

View Profile Personal Message (Offline)

Ignore
1481020395
Reply with quote  #2

1481020395
Report to moderator
ThiagoCMC
Legendary
*
Offline Offline

Activity: 1190


฿itcoin: Currency of Resistance!


View Profile WWW
July 08, 2011, 03:28:16 PM
 #42

Well if anything it will make the pool admins more aware of the holes in their systems.

facepalm...do you know how botnets work?

The only real way for admins to stop a ddos attack from crippling is to A) wait it out B) have so much connection bandwidth a ddos attack does nothing. So you are telling server owners to buy ridiculous amounts of bandwidth?

It's like saying the solution to people stealing gas out of your car is to buy more gas.

Well, I have another idea... Don't know if can work by the way...

c) Make mining pool inaccessible from the outside, from the Internet (no route for it, no DNS), making the pool at some intranet, so, every single miner, like you and me, should authenticate itself in some Internet point and then, it will be able start a VPN with some hidden Internet VPN server and voiala, we will have access to the Mining Pool intranet network.

c.1) The login system at the Internet is just a "login"... Should be hosted everywhere... It should be simple and not browser dependent...

c.2) The VPN servers will be accessible only after the login, only for that session, otherwise, they will remain closed by firewalls and/or border gateways...

c.3) The VPN servers will be hosted everywhere too, the behind them, there is a Mining Pool...

 I'm thinking in OpenVPN or IPSec to achieve this...

 We will be able to identify and close any irregular traffic, not affecting the regular users / miners...

 To the miners, this should be totaly transparent, they just need to setup one more user/pass somewhere, that will be used before miner starts...

Well, this is just an idea that come to mind as I was sleeping...  \o/

Mercado Forex acessível para todos os Brasileiros que tenham Bitcoins! Cadastre-se hoje mesmo! Bastar acessar aqui: https://1broker.com/m/r.php?i=8879
phantomcircuit
Sr. Member
****
Offline Offline

Activity: 463


View Profile
July 08, 2011, 03:31:24 PM
 #43

Well if anything it will make the pool admins more aware of the holes in their systems.

facepalm...do you know how botnets work?

The only real way for admins to stop a ddos attack from crippling is to A) wait it out B) have so much connection bandwidth a ddos attack does nothing. So you are telling server owners to buy ridiculous amounts of bandwidth?

It's like saying the solution to people stealing gas out of your car is to buy more gas.

Well, I have another idea... Don't know if can work by the way...

c) Make mining pool inaccessible from the outside, from the Internet (no route for it, no DNS), making the pool at some intranet, so, every single miner, like you and me, should authenticate itself in some Internet point and then, it will be able start a VPN with some hidden Internet VPN server and voiala, we will have access to the Mining Pool intranet network.

c.1) The login system at the Internet is just a "login"... Should be hosted everywhere... It should be simple and not browser dependent...

c.2) The VPN servers will be accessible only after the login, only for that session, otherwise, they will remain closed by firewalls and/or border gateways...

c.3) The VPN servers will be hosted everywhere too, the behind them, there is a Mining Pool...

 I'm thinking in OpenVPN or IPSec to achieve this...

 We will be able to identify and close any irregular traffic, not affecting the regular users / miners...

 To the miners, this should be totaly transparent, they just need to setup one more user/pass somewhere, that will be used before miner starts...

Well, this is just an idea that come to mind as I was sleeping...  \o/

This is a simple bandwidth exhaustion attack.  What you suggestion would actually make this attack much easier.
ThiagoCMC
Legendary
*
Offline Offline

Activity: 1190


฿itcoin: Currency of Resistance!


View Profile WWW
July 08, 2011, 03:40:41 PM
 #44

Is there a sure way to make sure my computer isn't infected with some botnet crap? I'd hate to think I"m contributing to this in some sort of way.

will an antivirus program recognize it as a trojan or something?

Botnets are indestructible!!! http://news.cnet.com/8301-13506_3-20075725-17/tdl-4-the-indestructible-botnet/

How many infected PC (aka botnets zoombies) are Windows? 99% of it!
How many infected computers (aka botnet zoombies are Linux? 0,000001% of it?! Probably...

So, just use Linux (like Ubuntu or Debian) to end these botnets...

It is MUCH more difficulty to make a virus to Linux... I'm honestly do not believe that somebody can make a Linux Virus capable of infecting all Linux variants across the globe.. It is near impossible to do that.

Mercado Forex acessível para todos os Brasileiros que tenham Bitcoins! Cadastre-se hoje mesmo! Bastar acessar aqui: https://1broker.com/m/r.php?i=8879
ThiagoCMC
Legendary
*
Offline Offline

Activity: 1190


฿itcoin: Currency of Resistance!


View Profile WWW
July 08, 2011, 03:59:17 PM
 #45

Well if anything it will make the pool admins more aware of the holes in their systems.

facepalm...do you know how botnets work?

The only real way for admins to stop a ddos attack from crippling is to A) wait it out B) have so much connection bandwidth a ddos attack does nothing. So you are telling server owners to buy ridiculous amounts of bandwidth?

It's like saying the solution to people stealing gas out of your car is to buy more gas.

Well, I have another idea... Don't know if can work by the way...

c) Make mining pool inaccessible from the outside, from the Internet (no route for it, no DNS), making the pool at some intranet, so, every single miner, like you and me, should authenticate itself in some Internet point and then, it will be able start a VPN with some hidden Internet VPN server and voiala, we will have access to the Mining Pool intranet network.

c.1) The login system at the Internet is just a "login"... Should be hosted everywhere... It should be simple and not browser dependent...

c.2) The VPN servers will be accessible only after the login, only for that session, otherwise, they will remain closed by firewalls and/or border gateways...

c.3) The VPN servers will be hosted everywhere too, the behind them, there is a Mining Pool...

 I'm thinking in OpenVPN or IPSec to achieve this...

 We will be able to identify and close any irregular traffic, not affecting the regular users / miners...

 To the miners, this should be totaly transparent, they just need to setup one more user/pass somewhere, that will be used before miner starts...

Well, this is just an idea that come to mind as I was sleeping...  \o/

This is a simple bandwidth exhaustion attack.  What you suggestion would actually make this attack much easier.

Well, never mind...   :-P

Mercado Forex acessível para todos os Brasileiros que tenham Bitcoins! Cadastre-se hoje mesmo! Bastar acessar aqui: https://1broker.com/m/r.php?i=8879
joepie91
Sr. Member
****
Offline Offline

Activity: 294


View Profile
July 08, 2011, 04:31:48 PM
 #46

Is there a sure way to make sure my computer isn't infected with some botnet crap? I'd hate to think I"m contributing to this in some sort of way.

will an antivirus program recognize it as a trojan or something?

Botnets are indestructible!!! http://news.cnet.com/8301-13506_3-20075725-17/tdl-4-the-indestructible-botnet/

How many infected PC (aka botnets zoombies) are Windows? 99% of it!
How many infected computers (aka botnet zoombies are Linux? 0,000001% of it?! Probably...

So, just use Linux (like Ubuntu or Debian) to end these botnets...

It is MUCH more difficulty to make a virus to Linux... I'm honestly do not believe that somebody can make a Linux Virus capable of infecting all Linux variants across the globe.. It is near impossible to do that.
Actually it would be possible to make something that runs on every Linux distro (it's all still just Linux), but it's a lot harder to make something that doesn't go away after you restart/relogin.

Like my post(s)? 12TSXLa5Tu6ag4PNYCwKKSiZsaSCpAjzpu Smiley
Quote from: hawks5999
I just can't wait for fall/winter. My furnace never generated money for me before. I'll keep mining until my furnace is more profitable.
bitcoinminer
Sr. Member
****
Offline Offline

Activity: 322



View Profile
July 08, 2011, 05:05:10 PM
 #47


It is MUCH more difficulty to make a virus to Linux... I'm honestly do not believe that somebody can make a Linux Virus capable of infecting all Linux variants across the globe.. It is near impossible to do that.

http://en.wikipedia.org/wiki/Morris_worm

Aside from the first internet worm, of course Smiley

Be fearful when others are greedy, and greedy when others are fearful.

-Warren Buffett
X68N
Hero Member
*****
Offline Offline

Activity: 546


View Profile
July 08, 2011, 07:19:46 PM
 #48

Do you really know how a botnet works?

muaaahhaha? harder please ;-)

Coinbase - All your money are belong to us  Cheesy -> http://de.wikipedia.org/wiki/All_your_base_are_belong_to_us
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!