Bitcoin Forum
December 10, 2016, 07:07:43 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 4 5 6 »  All
  Print  
Author Topic: MtGox - too many connections  (Read 12916 times)
coined
Full Member
***
Offline Offline

Activity: 176


View Profile
April 30, 2011, 11:52:48 PM
 #21

did the market just outgrow our little community very very quickly?

a simple DDoS and 95% of bitcoin trades freeze, it is a good way to drive prices down, investors will see our amateur level operations and wait a while  Grin Grin Grin

maybe its the wake up call we need. were not ready for the world to join in yet.
There are several different types of Bitcoin clients. Server-assisted clients like blockchain.info rely on centralized servers to do their network verification for them. Although the server can't steal the client's bitcoins directly, it can easily execute double-spending-style attacks against the client.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
May 01, 2011, 12:06:39 AM
 #22

did the market just outgrow our little community very very quickly?

a simple DDoS and 95% of bitcoin trades freeze, it is a good way to drive prices down, investors will see our amateur level operations and wait a while  Grin Grin Grin

maybe its the wake up call we need. were not ready for the world to join in yet.


99.9% really Smiley

decentralized Bitcoin are highly centralized to mtgox!11

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
Steve
Hero Member
*****
Offline Offline

Activity: 868



View Profile WWW
May 01, 2011, 12:33:40 AM
 #23

MtGox' version of trading curbs  Grin

(gasteve on IRC) Does your website accept cash? https://bitpay.com
fbit
Newbie
*
Offline Offline

Activity: 4


View Profile
May 01, 2011, 12:36:03 AM
 #24

=( just took an evening off to play around with the API and get a trading bot started. Now I got some basic functionalty done and the page goes down.
eleuthria
Legendary
*
Offline Offline

Activity: 1750


BTC Guild Owner


View Profile WWW
May 01, 2011, 12:42:09 AM
 #25

I was implementing a BitCoin currency on my store using the MtGox API as it went down as well.  Was getting nice results too, was about to work on the final checkout page Sad.  Guess it'll have to wait for a May 1st update.  At least people can still use US$ Smiley.

R.I.P. BTC Guild, 2011 - 2015.
BTC Guild Forum Thread
Ulysses
Jr. Member
*
Offline Offline

Activity: 32


View Profile
May 01, 2011, 12:53:19 AM
 #26

Most likely it's not a dos, mtgox was featured on hacker news frontpage.
The Script
Sr. Member
****
Offline Offline

Activity: 336



View Profile
May 01, 2011, 12:55:42 AM
 #27

I'm sure magical tux is working on it, so this is me subscribing to the thread so I get notified as things progress.
qed
Full Member
***
Offline Offline

Activity: 196


View Profile
May 01, 2011, 01:12:42 AM
 #28

Most likely it's not a dos, mtgox was featured on hacker news frontpage.

Source?

Mobile App (Android)

Monitor miners, exchange rates and Bitcoin network stats.
bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
May 01, 2011, 01:15:39 AM
 #29

MagicalTux is on #bitcoin-otc discussing the DDoS right now:

[21:08] <+MagicalTux> in 0.05 seconds, I'm getting 313 connection attempts
[21:09] <+MagicalTux> that's ~6200 connections/second
[21:10] <+MagicalTux> I'll be storing bits of flood from tcpdump, and blocking those

http://webchat.freenode.net/?channels=#bitcoin-otc

College of Bucking Bulls Knowledge
MagicalTux
VIP
Hero Member
*
Offline Offline

Activity: 617


Working on new MtGox features


View Profile WWW
May 01, 2011, 01:19:06 AM
 #30

Reporting here! What I got so far:

Getting ~6000 SYN/sec (standing at ~1.7MB/s) from various sources, mainly vietnam. Those are attempts to connect on port 443 to "poke" various urls, including / and /users/login.

There are different patterns, suggesting either there are various version of the "drones" out there trying to attack mtgox, or that different people are attacking.

The attacks seems specifically targetted at mtgox (use of the login url, for example), and contain a vast majority of russian bits (use of random russian referers, use of russian user agents, etc).


The strategy:

I'm trying to get some patterns out there I can block out from the server. Traffic load is still lower than server uplink, which should allow to block that without too much troubles. The first thing I'll be doing is to block the ips I've recorded so far, and write a little C program with libpcap to analyze the network traffic and block ips that seem obviously doing something bad. I'll also reduce the max open tcp connections per ip to limit the load caused by a single IP.

bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
May 01, 2011, 01:22:40 AM
 #31

Most likely it's not a dos, mtgox was featured on hacker news frontpage.

Source?


Bitcoin hits US$ 4, after being mentioned on CNN yesterday (mtgox.com)
http://news.ycombinator.com/item?id=2501006

Bitcoin exchange account of Coinpal shut down by Paypal (bitcoin.org)
http://news.ycombinator.com/item?id=2501793

College of Bucking Bulls Knowledge
qed
Full Member
***
Offline Offline

Activity: 196


View Profile
May 01, 2011, 01:33:24 AM
 #32

Most likely it's not a dos, mtgox was featured on hacker news frontpage.

Source?


Bitcoin hits US$ 4, after being mentioned on CNN yesterday (mtgox.com)
http://news.ycombinator.com/item?id=2501006

Bitcoin exchange account of Coinpal shut down by Paypal (bitcoin.org)
http://news.ycombinator.com/item?id=2501793

I miss the connection, how is hacker news related with any hackers crew?

Mobile App (Android)

Monitor miners, exchange rates and Bitcoin network stats.
bitcoinBull
Legendary
*
Offline Offline

Activity: 826


rippleFanatic


View Profile
May 01, 2011, 01:35:31 AM
 #33

Most likely it's not a dos, mtgox was featured on hacker news frontpage.

Source?


Bitcoin hits US$ 4, after being mentioned on CNN yesterday (mtgox.com)
http://news.ycombinator.com/item?id=2501006

Bitcoin exchange account of Coinpal shut down by Paypal (bitcoin.org)
http://news.ycombinator.com/item?id=2501793

I miss the connection, how is hacker news related with any hackers crew?


Its not.  But HN is a high-profile site which can drive large traffic.  However, the HN traffic still would not be enough to cause the MtGox outage.  As MagicalTux explained above, apart from legitimate traffic, they are under a DDoS attack.

College of Bucking Bulls Knowledge
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
May 01, 2011, 01:42:59 AM
 #34

for us non hackers, is it possible to sustain a DDoS attack indefinitely and if so can mtgox restore functionality?
eof
Full Member
***
Offline Offline

Activity: 156


View Profile
May 01, 2011, 01:47:50 AM
 #35

for us non hackers, is it possible to sustain a DDoS attack indefinitely and if so can mtgox restore functionality?

in theory; but he will likely be able to find patterns in the traffic and/or block the right IPs to restore functionality.  depends on how smart a ddos and how much resources they have
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
May 01, 2011, 01:50:27 AM
 #36

for us non hackers, is it possible to sustain a DDoS attack indefinitely and if so can mtgox restore functionality?

in theory; but he will likely be able to find patterns in the traffic and/or block the right IPs to restore functionality.  depends on how smart a ddos and how much resources they have

has a gov't ever launched a DDoS?
mewantsbitcoins
Full Member
***
Offline Offline

Activity: 126


View Profile
May 01, 2011, 01:54:12 AM
 #37

MagicalTux, if we mirrored your site, maybe you could do some load balancing?
bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
May 01, 2011, 02:01:58 AM
 #38

The attacks seems specifically targetted at mtgox (use of the login url, for example), and contain a vast majority of russian bits (use of random russian referers, use of russian user agents, etc).

And now I understand you Smiley

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
qed
Full Member
***
Offline Offline

Activity: 196


View Profile
May 01, 2011, 02:04:41 AM
 #39

for us non hackers, is it possible to sustain a DDoS attack indefinitely and if so can mtgox restore functionality?

Nope.

Mobile App (Android)

Monitor miners, exchange rates and Bitcoin network stats.
bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
May 01, 2011, 02:05:37 AM
 #40

for us non hackers, is it possible to sustain a DDoS attack indefinitely and if so can mtgox restore functionality?

Nope.

An ddos could be a cover for a hack.

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
Pages: « 1 [2] 3 4 5 6 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!