Bitcoin Forum
June 14, 2021, 10:56:57 PM *
News: Latest Bitcoin Core release: 0.21.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 [97] 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 ... 326 »
  Print  
Author Topic: [DEAD] DeepBit.net PPS+Prop,instant payouts, we pay for INVALID BLOCKS too  (Read 1599523 times)
presha
Newbie
*
Offline Offline

Activity: 35
Merit: 0


View Profile
May 29, 2011, 10:51:48 PM
 #1921

There is a DDoS attack happening against deepbit servers.
Now I'm taking some countermeasures against this.

Sorry again for the delay.

;o

hope everything will be okay Smiley
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
[Tycho]
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile WWW
May 29, 2011, 10:55:29 PM
 #1922

the pool is great and tycho you do a good job always monitoring and getting it back up as quickly as you can and you respond right away.  but that doesn't discount the fact that you keep going down reguarly, pretty much almost daily now, and for extended periods of time.  can you setup something so that there is 0 downtime?  an automatic backup of some sorts?
Yes, I had some problems, but I won't agree with the "daily" part, and usually those problems caused only a couple of minutes of downtime.

I'm using a failure notification service that sends me SMS when something is not right. But there is no any automatic way to "fix" DDoS if you aren't already using some protection services (which I'm setting up now).

Welcome to my bitcoin mining pool: https://deepbit.net - Both payment schemes (including PPS), instant payout, no invalid blocks !
ICBIT Trading platform : USD/BTC futures trading, Bitcoin difficulty futures (NEW!). Third year in bitcoin business.
m4rkiz
Full Member
***
Offline Offline

Activity: 171
Merit: 100


View Profile
May 29, 2011, 11:01:34 PM
 #1923

the pool is great and tycho you do a good job always monitoring and getting it back up as quickly as you can and you respond right away.  but that doesn't discount the fact that you keep going down reguarly, pretty much almost daily now, and for extended periods of time.  can you setup something so that there is 0 downtime?  an automatic backup of some sorts?

just run two instances of miner per gpu, each with different priority, higher for your favourite pool and lower for backup one
if main pool is down all work is done in second instance and submitted to backup pool:

ie:

Code:
poclbm.exe --verbose --vectors --worksize=128 --frames=60 --host=mining.bitcoin.cz --port=8332 --user=m4rkiz.0 --pass=XX --device=0 -r 3
poclbm.exe --verbose --vectors --worksize=128 --frames=1 --host=deepbit.net --port=8332 --user=m4rkiz@XXXX.XX_0 --pass=XX --device=0 -r 3

with this setup deepbit is your main pool and slush has around 1 MHps until deepbit is down
minerX
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
May 29, 2011, 11:22:45 PM
 #1924

Been down over an hour... time to switch pools I guess.

the pool is great and tycho you do a good job always monitoring and getting it back up as quickly as you can and you respond right away.  but that doesn't discount the fact that you keep going down reguarly, pretty much almost daily now, and for extended periods of time.  can you setup something so that there is 0 downtime?  an automatic backup of some sorts?

I agree with Tycho.  I've never experienced downtime that I noticed and have been mining for at least 3 weeks.  So I hardly think your "daily" assessment is correct.
Veldy
Member
**
Offline Offline

Activity: 98
Merit: 10



View Profile
May 29, 2011, 11:35:34 PM
 #1925

There is a DDoS attack happening against deepbit servers.
Now I'm taking some countermeasures against this.

Sorry again for the delay.

Has anybody done any investigation on where these DDOS attacks are coming from [meaning who is behind them]?  I assume most come from insecure desktops on broadband that have been breached in one form or another.  It also seems to me that most broadband is from a relatively small number of companies and they should be able to log network scans and such [a little more difficult if people are being infected by emails, or browsing websites and accepting crap they shouldn't], but I think that there must be mechanisms already in place with major ISPs like AT&T, Comcast, Time Warner, the baby bells, and other (sorry, US centric examples) to help track down the origination of an attack and allow for prosecution.  In fact, it is in their own best interest to do just that to avoid flooding their network with undesired traffic. 

What I am trying to say is that something should be done to try and catch who is doing this.  Bitcoin is still small beans in the scheme of things, so the necessary forensics from large and savvy providers on up through the backbone should already be in place and thus such a repeatedly targeted attack of a small number of sites [since there just aren't many bitcoin related sites in the scheme of things] should result in catching script kiddies and even more sophisticated attackers. I would take great satisfaction by seeing this person or people or groups caught and exposed.

Anyway, good luck Smiley

If you have found my post helpful, please donate what you feel it is worth: 18vaZ4K62WiL6W2Qoj9AE1cerfCHRaUW4x
Gradius
Newbie
*
Offline Offline

Activity: 52
Merit: 0


View Profile
May 29, 2011, 11:41:30 PM
 #1926

There do seem to be some regular periods when I look at my stats page and see several instances of "rewards = none." I very highly doubt its a connection problem as internet connectivity is 100% working during these periods.
jasonk
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
May 29, 2011, 11:48:51 PM
 #1927

I agree with Tycho.  I've never experienced downtime that I noticed and have been mining for at least 3 weeks.  So I hardly think your "daily" assessment is correct.

I've seen at least 10 down times in the last 3 weeks.  Most were minor lasting only a matter of seconds ore minutes.  There have been a couple times with 20-30 minutes of down time.  This has been the longest so far, and thats why I moved.  Once deepbit is backup, I'll use it as my "backup" pool if my other primary no fee pool fails.
phro
Newbie
*
Offline Offline

Activity: 11
Merit: 0


View Profile
May 29, 2011, 11:52:01 PM
 #1928

@Veldy, tracing a ddos attack is notoriously difficult.  It's easy enough to identify the machines that are part of the botnet flooding you but to determine who's pulling the strings is pretty difficult.
cablepair
Hero Member
*****
Offline Offline

Activity: 896
Merit: 1000


Buy this account on March-2019. New Owner here!!


View Profile WWW
May 29, 2011, 11:54:21 PM
 #1929

most denial of service attacks come from hacked linux boxes in multiple countries. It is doubtful these attacks are coming from any kind of dsl or cable connection
these are rooted servers sitting on t1s or t3s, a lot of them small companies or universities. If the hacker is worth anything they of course have hacked log files and are probably connecting through multiple proxy servers anyway.

to make a long story short if you could catch them would it would be difficult to do you can try and prosecute them based on some arbitrary number of supposed lost revenue due to the outage, but this would take the cooperation of multiple law enforcement agencys and is not likely to happen or get anywhere

solution: increase / secure firewall at uplink, and (dont quote me on this because I know very little about bitcoind) but there may be something that can be patched that could protect it from bogus packets on port 8332

I think its very likely that some very well equipped hacked got sick of seeing bitcoin mining become a monopoly and did something about it.

no offense to tycho, slush or their respective pools but one good thing about this is it will create more diversity, lower the difficulty (maybe) and get the little guys a chance to catch up.
Syke
Legendary
*
Online Online

Activity: 3654
Merit: 1076


View Profile
May 30, 2011, 12:00:54 AM
 #1930

most denial of service attacks come from hacked linux boxes in multiple countries.

You misspelled that. The correct spelling is W-I-N-D-O-W-S boxes.

Buy & Hold
TehZomB
Sr. Member
****
Offline Offline

Activity: 294
Merit: 250



View Profile
May 30, 2011, 12:16:32 AM
 #1931

The demographic of the hacked/infected boxes varies from attack to attack, but when *nix boxes are involved, in my experience it was a security flaw in the program or OS that was patched a /long time ago/. Windows boxes are much more easy to infect if the user is naive and does not take preemptive measures against attacks.

Boxes that are used in attacks don't have to be on T1/T3 connections, a botnet of thousands of dial-up computers will do just fine.

In short? Good luck finding the person "in charge", all you can really do is defend.
[Tycho]
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile WWW
May 30, 2011, 12:19:17 AM
 #1932

There do seem to be some regular periods when I look at my stats page and see several instances of "rewards = none." I very highly doubt its a connection problem as internet connectivity is 100% working during these periods.
Your mining speed may be too low to submit a share for each block, especially the short ones.

Welcome to my bitcoin mining pool: https://deepbit.net - Both payment schemes (including PPS), instant payout, no invalid blocks !
ICBIT Trading platform : USD/BTC futures trading, Bitcoin difficulty futures (NEW!). Third year in bitcoin business.
ancow
Full Member
***
Offline Offline

Activity: 373
Merit: 100


View Profile WWW
May 30, 2011, 12:23:41 AM
 #1933

most denial of service attacks come from hacked linux boxes in multiple countries. It is doubtful these attacks are coming from any kind of dsl or cable connection
these are rooted servers sitting on t1s or t3s, a lot of them small companies or universities. If the hacker is worth anything they of course have hacked log files and are probably connecting through multiple proxy servers anyway.
That's nonsense, you can't do a proper DDOS with just a couple of hacked servers. Those are way too easily handled by blocking a few IP address ranges.
You need a highly distributed network of attackers, which can pretty much only be done using (windows) botnets (or a large community like that Anonymous group thingie).

BTC: 1GAHTMdBN4Yw3PU66sAmUBKSXy2qaq2SF4
mjsbuddha
Sr. Member
****
Offline Offline

Activity: 336
Merit: 250


yung lean


View Profile
May 30, 2011, 12:37:23 AM
 #1934

tycho, just perma-block any ip's coming from russia or china and be done with it. that will stop a DDOS.
[Tycho]
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile WWW
May 30, 2011, 12:40:48 AM
 #1935

tycho, just perma-block any ip's coming from russia or china and be done with it. that will stop a DDOS.
Many of my users are from Russia. And no, that won't stop a DDoS - it's distributed.
There are better ways of protection against DDoS, but it takes some time to set up initially. I'm doing this now.

Welcome to my bitcoin mining pool: https://deepbit.net - Both payment schemes (including PPS), instant payout, no invalid blocks !
ICBIT Trading platform : USD/BTC futures trading, Bitcoin difficulty futures (NEW!). Third year in bitcoin business.
DiabloD3
Legendary
*
Offline Offline

Activity: 1162
Merit: 1000


DiabloMiner author


View Profile WWW
May 30, 2011, 12:48:49 AM
 #1936

tycho, just perma-block any ip's coming from russia or china and be done with it. that will stop a DDOS.
Many of my users are from Russia. And no, that won't stop a DDoS - it's distributed.
There are better ways of protection against DDoS, but it takes some time to set up initially. I'm doing this now.

Or just move to Rapidxen.

cablepair
Hero Member
*****
Offline Offline

Activity: 896
Merit: 1000


Buy this account on March-2019. New Owner here!!


View Profile WWW
May 30, 2011, 12:51:42 AM
 #1937

don't get me wrong I am a huge linux fan, I am running ubuntu right now

but the fact of the matter is like someone else already pointed out - there are *nix boxes all over the place that have some god forsaken version of irix or red hat linux 6.2
or some other dumb stuff that is just ripe for the picking

windows has infinite security holes without a doubt but the fact is there are a lot more *nix boxes out there packing bandwidth than windows

I am a network administrator of 20+ years and I have also been retired from hacking for about that long, so your probably right about the botnets
back in my day they did not have d.o.s. bot nets or even any effective way to d.o.s. from windows at all
I actually coded in c a nice little proggie in about 1995 that was a modification of smurf.c if anyone remembers that? (or am I too old?)
hehehe

ping floods do not do anything with these modern firewalls we have these days

but unfortunately even modern networks are vulnerable to tcp/udp flooding of certain types if originated from an efficient and wideband source.

anyways good luck to you tycho this kind of attack is coming from some big guns
ancow
Full Member
***
Offline Offline

Activity: 373
Merit: 100


View Profile WWW
May 30, 2011, 01:11:57 AM
 #1938

but the fact of the matter is like someone else already pointed out - there are *nix boxes all over the place that have some god forsaken version of irix or red hat linux 6.2
or some other dumb stuff that is just ripe for the picking
I don't have anything resembling your experience, and have seen some rather strange things - I don't doubt these exist, in fact I know they do. It just wouldn't be enough to selectively knock out deepbit as there are two servers on either side of the pond and, judging by the response times I get even with the huge amount of users deepbit has, they must both have respectable bandwidth resources themselves. IOW, you aren't just going to knock them off using TCP/UDP floods without causing serious problems for a whole lot of businesses, and that wouldn't be smart as there'd be a bigger outcry and the attacker would likely be found out.

windows has infinite security holes without a doubt but the fact is there are a lot more *nix boxes out there packing bandwidth than windows
Here's the point: a lot of bandwidth wouldn't do squat against a biggish target like deepbit. All you'd have to do to avoid the more pointed attacks is block some addresses and all the serious flooding attacks would draw too much attention.
You need something distributed that doesn't so much draw bandwidth as cause the server(s) to overload, and that is why you need the botnet. That way, Tycho can't distinguish the attack from friendly traffic before it gets processed by the server.

Frankly, I'm not even so worried about the DDOS itself as much as I worry that it might be the cover for a cracker who's trying to infiltrate the system. There's a lot of money in deepbit, so it's pretty attractive. Let's hope Tycho's countermeasures are successful...

BTC: 1GAHTMdBN4Yw3PU66sAmUBKSXy2qaq2SF4
V2-V3
Full Member
***
Offline Offline

Activity: 227
Merit: 100



View Profile
May 30, 2011, 01:12:29 AM
 #1939

Tired of waiting Just joined BitClockers.com more secure pool.
[Tycho]
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile WWW
May 30, 2011, 01:16:08 AM
 #1940

Tired of waiting Just joined BitClockers.com more secure pool.
How do you know if it's more secure or not ?
Just asking, no offence.

Welcome to my bitcoin mining pool: https://deepbit.net - Both payment schemes (including PPS), instant payout, no invalid blocks !
ICBIT Trading platform : USD/BTC futures trading, Bitcoin difficulty futures (NEW!). Third year in bitcoin business.
Pages: « 1 ... 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 [97] 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 ... 326 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!