[4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool - page 840.

digital

hero member

Activity: 490

Merit: 500

Quote from: Turok on April 17, 2013, 10:07:30 AM

appears to be down again. Another DDoS?

~~Likely the same one.~~ -Edit after slush's response.

DDoS aren't a static thing. It's a flood of traffic to a specific IP or server in order to overload the target so it's inaccessible to other users. By it's very nature the site will go up and down as the DDoS traffic fluctuates.

DDoS attacks can last for days.

slush

legendary

Activity: 1386

Merit: 1097

Guys at OVH datacentre failed. They're even bigger idiots than Linode admins.

I'm migrating stratum backends to another datacentre. Please be patient, I'm working on it hard.

Turok

newbie

Activity: 38

Merit: 0

appears to be down again. Another DDoS?

solitude

hero member

Activity: 674

Merit: 500

Down at 11:00 AM Eastern

salty

full member

Activity: 562

Merit: 100

Quote from: bitpop on April 17, 2013, 08:41:59 AM

i dont blame the bot commanders. i blame the idiots that let their computers turn into virus laden festering bots.

What, like your grandma? (not a personal attack, but you get the idea)

It's not their fault they go into some big store and are sold a pup that runs windows in admin mode with Java, flash enabled, by some grinning salesperson that assures them their 'Norton' will keep them safe. My opinion is that the people who make the computer distros, and the people who sell them, should be providing more secure devices. But where's the incentive? That's where the blame and pressure should be going. Things have been getting better on this front and I suspect once all the windows XP and Vista computers have been retired this problem will seriously diminish.

Your argument suggests that if you don't have a CS degree you shouldn't be using a computer though.

Camello_AR

newbie

Activity: 43

Merit: 0

Is up a little time and down again.

Someone has anything personal with slush as I see

klotzenhotz

sr. member

Activity: 252

Merit: 250

Hi, are there problems again? Can't connect again for about 2 hours.

ewitte

member

Activity: 98

Merit: 10

Irritating have 1771 shares off the current round but since I can't get reconnected going to get barely any BTC

thehairymob

full member

Activity: 152

Merit: 102

Still down?

jerethdaminer

member

Activity: 84

Merit: 10

seem to be getting loads more stales atm ideas

scouzi

newbie

Activity: 45

Merit: 0

Quote from: Xenotron on April 17, 2013, 08:56:20 AM

I start to think that probably it's not a bad idea to have decentralized pool.

Seems that slush miners have gravitated towards 50BTC - not BTC Guild. Amazing that there is a collective ecosystem balancing at work.

http://blockchain.info/pools

centove

full member

Activity: 194

Merit: 100

Quote from: Xenotron on April 17, 2013, 08:56:20 AM

I start to think that probably it's not a bad idea to have decentralized pool.

Here ya go.

https://bitcointalksearch.org/topic/1500-th-p2pool-decentralized-dos-resistant-hop-proof-pool-18313

centove

full member

Activity: 194

Merit: 100

Quote from: warlordluke on April 17, 2013, 08:40:45 AM

If you have the IP what about doing a tracert to see where exactly it comes from? Though I'm guessing that may also give you roughly the same information as doing the whois and reverse lookups.

Not really it will give you the path and some hints on who owns it, whois will tell you who the space was assigned to by the registrar, so that's who is ultimately responsible for the ip in question. Whois also lists contact information to get in touch with someone (hopefully).

So for instance, lets talk bitcointalk.org.. -- 109.201.133.65

traceroute tells us thus:
18 30-239-159-85.rtr1.b06-s02-az16.gsa.nl.nforce.com (85.159.239.30) 106.420 ms 109.760 ms 109.593 ms
19 5-239-159-85.rtr1.dbn.nl.nforce.com (85.159.239.5) 120.049 ms 118.963 ms 119.622 ms
20 * * *
(probably filtered at this point)

whois however tells us this:
netname: NFORCE_ENTERTAINMENT
descr: Serverhosting
admin-c: NFAR
(...)
person: NFOrce Entertainment BV - Administrative role account
address: Gewenten 8
address: 4704RD
address: Roosendaal
address: The Netherlands
phone: +31 (0)206919299
fax-no: +31 (0)206919409
abuse-mailbox: [email protected]
nic-hdl: NFAR
mnt-by: MNT-NFORCE
source: RIPE # Filtered
(...)

Xenotron

newbie

Activity: 31

Merit: 0

I start to think that probably it's not a bad idea to have decentralized pool.

BitcoinOxygen

sr. member

Activity: 336

Merit: 250

Quote from: RoboCoder on April 17, 2013, 08:53:38 AM

I will be willing to bet that the DDOS attack(s) are for one of the following reasons:

. Manipulate BTC price
. Manipulate Difficulty
. Destabilize BTC and crypto-currency in general.

Slush, we are all here for you man!

Is there anything I (we) can do, if so let us know. Would server resources help you in any way? Or financial?

Please PM me if there is anything I can do to assist.

RoboCoder

+1

RoboCoder

sr. member

Activity: 388

Merit: 250

Save A Life, Adopt a Pet Today!

I will be willing to bet that the DDOS attack(s) are for one of the following reasons:

. Manipulate BTC price
. Manipulate Difficulty
. Destabilize BTC and crypto-currency in general.

Slush, we are all here for you man!

Is there anything I (we) can do, if so let us know. Would server resources help you in any way? Or financial?

Please PM me if there is anything I can do to assist.

RoboCoder

centove

full member

Activity: 194

Merit: 100

Not specifically about slushs pool...

http://arstechnica.com/security/2013/04/fueled-by-super-botnets-ddos-attacks-grow-meaner-and-ever-more-powerful/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29

bitpop

legendary

Activity: 2912

Merit: 1060

i dont blame the bot commanders. i blame the idiots that let their computers turn into virus laden festering bots.

warlordluke

newbie

Activity: 44

Merit: 0

Quote from: centove on April 17, 2013, 08:22:44 AM

Quote from: VishwaJay on April 17, 2013, 08:10:31 AM

Quote from: centove on April 17, 2013, 08:08:11 AM

Good luck with that, taking out the 'drones' is like trying to hold the tide back. For every drone you stop, two or more replace it. To really stop this you need to locate the 'command' nodes and shut those down.

Only if you go 1:1 with it... when you tell them a DDoS is happening, the word tends to spread and they begin looking for servers. If everyone does exactly nothing about it, then nothing gets done.

The providers response tends to be hmmm.. I have a hundred thousand ip's smacking one IP here... Impacting my other business.. what to do.... Hmmm one vs thousands... Okay lets blackhole one upstream.. Other clients happy, one client unhappy.

Then there is the fact of where 99% of the traffic is coming from.
You start doing whois's and reverse lookups on things and get responses like this:
netname: CHINANET-HB
descr: CHINANET Hubei province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088

netname: SPECTRA
descr: Spectra ISP Networks Private Limited
descr: 42, Okhla Industrial Estate
descr: Phase III

.in-addr.arpa. not found: 3(NXDOMAIN)

and so on...

and IF you happen to get a response on that, it will generally be a end user (cable modem or some such)

In short there isn't much that _can_ be done about it. The numbers favor the attacker.

If you have the IP what about doing a tracert to see where exactly it comes from? Though I'm guessing that may also give you roughly the same information as doing the whois and reverse lookups.

jagallout

newbie

Activity: 29

Merit: 0

In case a simple restart on your mining proxy doesn't "just work". As slush stated above you may need to flush dns:

windows:
Run--> CMD --> ipconfig /flushdns

Mac Osx:
-->Searchlight --> Terminal --> dscacheutil -flushcache

Linux:
/etc/rc.d/init.d/nscd restart

Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool - page 840. (Read 4382675 times)