I'd start a pool myself, but I don't have the guts to go up against the DDOSers that seem to run rampant across the pools.
This would probably definitely slow down attackers, as they'd have to authenticate every single netbot, and if they have 1000000 netbots coming from 1 IP address it will shut them out. Simple as that.
This will be in a couple of months from now, after my pooling software is perfect, but still a dream I have for the future of pooling services.
Tell me what you guys think in terms of flaws, and maybe how annoying it might be to authenticate your IP address every time.
Even if you reject packets at your router the DDoS still clogs your incoming bandwidth. It's Denial Of Service - an easy way to deny service is to overload your proposed authentication server, just pass tens of thousands of spurious requests from spoofed IPs and it bogs down, denying service to your users who actually CAN authenticate. One of the only ways to mitigate DDoS today is to have the ISP kill the connections from their gateway - and you have to be a decent size to manage that.
I can actually think of a few ways that cost a bit of money per hour to run that could nearly completely remove DDoS attacks from the pools and front ends specifically, but I'll keep those to myself until someone offers a BTC bounty, since I'm technically in the business of selling such novel solutions.
Xenland - you ever need some quick security advice you know where to find me.
--