Topic: [4+ EH] Slush Pool (slushpool.com); Overt AsicBoost; World First Mining Pool - page 953. (Read 4382653 times)

Slush... I have an idea...

Soooo...

Basically, you have a problem with public addresses for your pool.

If only you could ensure that no one knew how to find your pool unless they had trust... you could just use a static IP and have people mine there.

Here is one REALLY good litmus to determine whether or not a user should have trust... hashing.

If you pull from your DB of users, those who have hashed over a certain amount in the last couple weeks for instance... you could tell with a degree of certainty that these are all trusted people.

So... then you email all those users (I would be one of these people)...

Just email a private ip for the server to those users... or perhaps a domain name whatever... just something you don't post on here.

Sure, you'll lose a lot of hashing power, but it would let you continue to operate.  I liked mining with your pool, I was doing quite well.

That way maybe you can operate in the short term as a private pool using trusted participants.

The reason I do not suggest that you allow ALL miners that have been working to get the address is that quite likely, your attackers have been mining the pools somewhat to ensure they were functionally down.

+1

I keep tabs on this thread to see when your back up and running.

All others namecoins also not received?

sadpanda: This two-line solution was meant as a reaction to eleuth saying that fast reconnecting miners can DoS the pool.
I'm afraid that dealing with zombiemining is way harder ...

Another partial solution to DDoS screening would be pretty much what you suggest - TCP Syncookie like system - which i'm afraid, miners would have to support. This still gets me back to the idea that biggest pool operators should unite (they all seem reasonable guys) and set some kind of standard for miners which they all will enforce. Pretty much the way internet RFCs work - there is no 'legal' enforcing, but if you want to connect to common sites, you have to abide, because that's what most expect ...

For all pool users: This attack is worse than attacks before. Actually it's probably a tenth DDoS to pool in it's almost year history (I didn't counted them carefully and you probably even don't know about small attacks which I was able to handle somehow without public attention).

This attack is worse because Linode LLC, server provider for pool infrastructure, frozen my account for periodical violation of their ToS. I can access pools servers, but I was asked to not start another balancers with public IP because those attacks are harming datacenter infrastructure.

It means that I cannot start pool at this infrastructure and I need to find another provider. Which is pretty hard once I start asking to their anti DDoS policies. Back in July I was in touch with Rackspace, company providing custom solutions for big enterprises and even they told me that they cannot handle such large scale attack for some reasonable price (we're talking about thousands of US dolars monthly just for anti-DDoS protection). Posts of some users above are really naive, there's NO way how to handle those attacks just by banning some subnets.

Fighting attacks become much worse with falling bitcoin price, because even if I have 1/3 of all network hashrate and 2% fee I simply cannot pay for any real solution which really helps to handle attacks. Last week I tried to use services of one DDoS mitigation company (the same as deepbit is using), but they had pretty high ratio of false positives, so although I paid them big money for a single day protection, almost 40% of users were still unable to mine on the pool. So this isn't the way to go.

Since tomorrow I'll try harder to find any server provider which at least don't shut down pool infrastructure on first DDoS attack, but I cannot promise that I'll succeed. There's no point in running a service which is every week for one day offline thanks to attacks.

So far it's 1:0 for attackers. However I don't want to capitulate too easily; I spent insane amount of time and energy in inventing and running my pool and I don't want to simply disappear, because I really believe in long-term Bitcoin success (small note: people, don't get scared with current panic on market, it's just an oposite of July's insane price peak). I "invented" (maybe it's better to say "realized") first really usable and widely used Bitcoin pool ever and now I feel again that I'm on the track of another innovation of Bitcoin mining, which will be DDoS resistant yet easy to use and with steady payouts like normal share based pools.

Technical note: Because the downtime of mining.bitcoin.cz will be probably more significant than anytime before, I'll wait until all mined blocks will be matured and then will send all balances of users to their wallets. Don't worry, I'm not running away with your hardly mined coins!

well, solution to this part is quite easy ... upgrade or get banned ...
I'd even suggest to setup some kind of miner "RFC" saying how many connects per second is still ok. If enough pool admins agree on this and enforce it right away, ppl will force programmers to fix broken miners and users to update.

Infected HARDware? That's just... devious.

using infected hardware

The problem is that the way many miners work is very similar to a DDoS if they're targetting your mining port while the server is unresponsive.  It's amazing how many people still use old miners that will reconnect with almost no delay, making it effectively a mini DDoS client when the pool is being attacked and having stability issues.

   Which means they suck. Because they could certainly filter at the packet level if they offered that type of service.  Sadly, most that offer such custom filtering are often quite expensive.. :/

There is no easy way to decipher what traffic should come through and what shouldn't in that situation.

It's sad you got DDOS'd but, are you keeping the coins of your pool(my coins, his coins, etc) or you will distribute them and close?

Technical note: Because the downtime of mining.bitcoin.cz will be probably more significant than anytime before, I'll wait until all mined blocks will be matured and then will send all balances of users to their wallets. Don't worry, I'm not running away with your hardly mined coins!

Sad to see, hosting at blacklotus could probably have handled the problems