Bitcoin Forum>Other>Meta
Pages:
Author

Topic: Another DDOS ? (Read 4289 times)

deisik
legendary
Activity: 3430
Merit: 1280
English ⬄ Russian Translation Services
Another DDOS ?
November 01, 2016, 01:33:18 PM
#80
Quote from: Wendigo on November 01, 2016, 01:28:14 PM
The downtime of the forum eerily coincided with Halloween  Shocked How spooky is this? And was it just a coincidence or something from another world messed with us we will never know.....

The truth is out there, guys, the truth is out there...

So what are you doing here?

Quote from: BitcoinSupremo on October 31, 2016, 03:54:38 PM
Quote from: rikudou on October 31, 2016, 03:33:06 PM
For half a day, do not provide access to the Forum.  Angry

What is important is that theymos did a great job in bringing the site up after the DDOS. Unfortunately hackers hate this site and DDOS flood is been common in this year 2016 which I have been part of this forum. I remember since January, February, April , May and now we had a few of these but theymos managed to always be on top. It's a great feeling when we know we have a really great admin.

Why would the hackers want to hate this forum specifically, apart from their usual hatred ("haters gonna hate")? Or, just like with anything else, there are good hackers and there are evil hackers? And since there are anti-establishment hackers (i.e. pro-Bitcoin hackers), there should also be pro-establishment hackers (i.e. anti-Bitcoin hackers)...

Not speaking of the hackers who are there just for money
Wendigo
legendary
Activity: 2604
Merit: 1036
Re: Another DDOS ?
November 01, 2016, 01:28:14 PM
#79
The downtime of the forum eerily coincided with Halloween  Shocked How spooky is this? And was it just a coincidence or something from another world messed with us we will never know.....

The truth is out there, guys, the truth is out there.....

In the meantime hold onto your dear coins because the frickin' rocket is heading for the Moon  Grin

deisik
legendary
Activity: 3430
Merit: 1280
English ⬄ Russian Translation Services
Re: Another DDOS ?
November 01, 2016, 01:04:49 PM
#78
Quote from: Joel_Jantsen on October 29, 2016, 02:42:38 PM
I wasn't able to login for almost 30 minutes.First connection timed out error,later SMF unable to connect to the database followed by forum's please post about it in meta message.If it was ddos,was the ransom asked ?

And it coincidentally happened just when the Bitcoin price has started nearing its pre-halving highs (~$800). If this is not a coincidence (I'm curious if anyone believes it is), who might be behind these attacks? Such attacks should require a lot of resources which would obviously cost something (and not small, I guess). What might other purposes of taking down a Bitcoin forum be if not to somehow discredit (if only temporarily) Bitcoin itself?

Is fecit cui prodest
LLec
hero member
Activity: 798
Merit: 501
Re: Another DDOS ?
November 01, 2016, 12:20:36 PM
#77
I noticed it is loading fast now when just 12 hours ago could not load up the page for the life of me.
It seems that it just took time of the configurations done and the adjustments to work it's way down the line.
pereira4
legendary
Activity: 1610
Merit: 1183
Re: Another DDOS ?
November 01, 2016, 07:49:33 AM
#76
Quote from: theymos on October 31, 2016, 12:57:03 PM
I have some ideas for how to mitigate the DDoS, but I might not finish it today.

As someone mentioned earlier, I don't want to use Cloudflare because Cloudflare can see/modify all encrypted traffic, they are a massive central point of failure on the Internet, IMO they probably assist and are supported by the NSA, they only protect against fairly small-scale attacks, and they really make life difficult for Tor users.

The UDP flood is causing high packet loss. What this will look like when browsing the forum is:
 - When you first connect to the forum after not browsing any pages for a while, it might be especially slow, and it might time out. After it completely fails / times out, just keep trying. It will eventually work.
 - After you first connect, browsing should be much smoother because at this point you'll already have a TCP connection open, though it might be a bit slow, and occasionally a page might time out.
 - If the page times out while posting, press the refresh button in your browser and accept any warning it gives you. Keep trying until it goes through.

I guess that's why browsing with Tor was an horrible experience yesterday, since Tor constantly changes IP and doesn't save any data of the websites it was like starting from scratch all the time.

Im using Tor right now and I can confirm that the forum is smooth again, let's hope it lasts.
eaLiTy
hero member
Activity: 2814
Merit: 911
Have Fun )@@( Stay Safe
Re: Another DDOS ?
October 31, 2016, 10:42:51 PM
#75
Quote from: theymos on October 31, 2016, 09:02:29 PM
The most recent 504s were due to an accidental misconfiguration I made. I'm tentatively hoping that my countermeasures were in fact successful against the DDoS.


its working fine now and hope there wont be any issues was getting the 504 error for quite some time and since you said to refresh ,i was doing that for some time until i got pissed  Grin

Quote
@theymos: press the refresh button in your browser and accept any warning it gives you. Keep trying until it goes through.
veleten
legendary
Activity: 2016
Merit: 1106
Re: Another DDOS ?
October 31, 2016, 10:27:15 PM
#74
it is much better for me today,usually at this time of day I struggle to open more than 10 pages of bitcointalk without getting an error
and I don't use VPN and on a quality 100 mb line
Gleb Gamow
vip
Activity: 1428
Merit: 1145
Re: Another DDOS ?
October 31, 2016, 09:44:59 PM
#73
Quote from: theymos on October 31, 2016, 09:02:29 PM
The most recent 504s were due to an accidental misconfiguration I made. I'm tentatively hoping that my countermeasures were in fact successful against the DDoS.



Great! That's a relief knowing it's just a misconfiguration for my 504s no longer fitting oppose to thinking that I gained excess weight while eating Spoetnik's munchies while awaiting BCT to come back online. That said, I nominate theymos for ... for ... for ... let me get back to you on that.  Tongue
theymos
administrator
Activity: 5166
Merit: 12850
Re: Another DDOS ?
October 31, 2016, 09:02:29 PM
#72
The most recent 504s were due to an accidental misconfiguration I made. I'm tentatively hoping that my countermeasures were in fact successful against the DDoS.
LTU_btc
legendary
Activity: 3038
Merit: 1330
Slava Ukraini!
Re: Another DDOS ?
October 31, 2016, 07:33:45 PM
#71
It's still almost impossible to use forum. It's only possible to load forum in very short intervals. After few minutes it goes down again. To made this post I had to make many attempts. But we can see one positive thing: these days less spam was mad by signature campaign spammers Cheesy (sarcasm)
LFC_Bitcoin
legendary
Activity: 3528
Merit: 9525
#1 VIP Crypto Casino
Re: Another DDOS ?
October 31, 2016, 06:20:17 PM
#70
Shame that this continues to happen but there will slways be people or organisations trying to fuck up others lives & happiness. Tech gifted people will always find a way to do it online.

I hope the worst of it is finally over for this attack any way. 
RHavar
legendary
Activity: 2557
Merit: 1886
Re: Another DDOS ?
October 31, 2016, 06:05:16 PM
#69
Quote from: theymos on October 31, 2016, 12:57:03 PM
As someone mentioned earlier, I don't want to use Cloudflare because Cloudflare can see/modify all encrypted traffic, they are a massive central point of failure on the Internet, IMO they probably assist and are supported by the NSA, they only protect against fairly small-scale attacks, and they really make life difficult for Tor users.

I share your concerns about them being a centralized man-in-the-middle, however I don't think the other stuff is too accurate.

I'm not aware of any attack that has ever been too big for cloudflare, or customer they've dropped because of large attacks. I know they've certainly stood in front of my site for some attacks that other providers couldn't close to handle.

Also they've done a *lot* of work on the tor problem, and even allow you to special access rules for tor users if you want them (and the deluge of abuse that comes with it). It's honestly not cloudflare's fault that the vast majority of tor traffic is malicious (they blogged that it's 94%), they simply wouldn't be doing their jobs if they gave it a free pass because it was tor. And they're doing some pretty cool stuff like working on blinded captcha tokens so tor users won't need to re-enter the captcha at each site, while preserving privacy etc.


(FWIW, I'm no cloudflare shill and think it's great that bitcointalk doesn't use them. I really worry about them being the biggest intelligence honeypot in existence, with all this encrypted traffic neatly decrypted for them. But you have to give them credit, they're a damn good service)
Magisterek
hero member
Activity: 518
Merit: 501
Re: Another DDOS ?
October 31, 2016, 05:24:04 PM
#68
Uff, i have problem with connection not only one time... maybe its ending now.

At nigh (utc+01.00 warsaw time)
zuggu-1
hero member
Activity: 742
Merit: 501
Re: Another DDOS ?
October 31, 2016, 04:44:52 PM
#67
Forum seems to be working normally now, thanks!  Cheesy
mrcash02
hero member
Activity: 1190
Merit: 525
CryptoTalk.Org - Get Paid for every Post!
Re: Another DDOS ?
October 31, 2016, 04:34:07 PM
#66
Forum is working fine now, no lag and no error messages.

But now I can't access Yobit. Same kind of problem. It's happening with many sites I believe. I can't open Yobit exchange and the icon is gray.  Sad
What do sites can do to stop this issue?
Spoetnik
legendary
Activity: 1540
Merit: 1011
FUD Philanthropist™
Re: Another DDOS ?
October 31, 2016, 04:15:01 PM
#65
Quote from: superiorus on October 31, 2016, 02:21:27 PM

Quote
As someone mentioned earlier, I don't want to use Cloudflare because Cloudflare can see/modify all encrypted traffic, they are a massive central point of failure on the Internet, IMO they probably assist and are supported by the NSA, they only protect against fairly small-scale attacks, and they really make life difficult for Tor users.

I don't like Cloudflare too (too expensive and they can't manage/deny those attacks.
But there are other good alternatives:   Incapsula (a good one), Keycdn, Maxcdn, etc.

Incapsula ? I recall clearly Cryptsy getting DDOS'd with them.

And i agree with the Cloudflare reasoning from theymos.
Yesterday i was glad to see some kind of message on Twitter too.
Scaccomatt0
legendary
Activity: 1120
Merit: 1000
https://cryptoworld.io
Re: Another DDOS ?
October 31, 2016, 04:09:57 PM
#64
thanks theymos  for the update and the great works for mitigating the DDoS
BitcoinSupremo
copper member
Activity: 1442
Merit: 529
Re: Another DDOS ?
October 31, 2016, 03:54:38 PM
#63
Quote from: rikudou on October 31, 2016, 03:33:06 PM
For half a day, do not provide access to the Forum.  Angry

What is important is that theymos did a great job in bringing the site up after the DDOS. Unfortunately hackers hate this site and DDOS flood is been common in this year 2016 which I have been part of this forum. I remember since January, February, April , May and now we had a few of these but theymos managed to always be on top. It's a great feeling when we know we have a really great admin.
rikudou
hero member
Activity: 714
Merit: 500
Alenktrik Teknikeri
Re: Another DDOS ?
October 31, 2016, 03:33:06 PM
#62
For half a day, do not provide access to the Forum.  Angry
BitMaxz
legendary
Activity: 3248
Merit: 2971
Block halving is coming.
Re: Another DDOS ?
October 31, 2016, 03:32:45 PM
#61
Quote from: theymos on October 31, 2016, 12:57:03 PM
I have some ideas for how to mitigate the DDoS, but I might not finish it today.

As someone mentioned earlier, I don't want to use Cloudflare because Cloudflare can see/modify all encrypted traffic, they are a massive central point of failure on the Internet, IMO they probably assist and are supported by the NSA, they only protect against fairly small-scale attacks, and they really make life difficult for Tor users.

The UDP flood is causing high packet loss. What this will look like when browsing the forum is:
 - When you first connect to the forum after not browsing any pages for a while, it might be especially slow, and it might time out. After it completely fails / times out, just keep trying. It will eventually work.
 - After you first connect, browsing should be much smoother because at this point you'll already have a TCP connection open, though it might be a bit slow, and occasionally a page might time out.
 - If the page times out while posting, press the refresh button in your browser and accept any warning it gives you. Keep trying until it goes through.
This method is not working to me when i was log in few hours ago.. but right now its working again.
I hope that theymos can solve this issue..

Quote from: theymos on October 31, 2016, 03:26:49 PM
I changed something which may block the UDP flood. We'll see.

Email is probably broken again for most people. Note that the email is being sent, but your email provider is blocking it -- whenever I change IP addresses, I have to take a bunch of steps to make the IP look more "clean" for email purposes. I will fix this in a few days.
I think keep this settings for now so that we can stay long in this forum.. and fix the other problem in another day..
Pages:
Bitcoin Forum>Other>Meta
Jump to: