Pages:
Author

Topic: Electrum servers are currently under a DoS attack (Read 389 times)

legendary
Activity: 916
Merit: 1003
The Electrum server DDoS attack appears to be mitigated for the time being since the IP blacklist was released.
HCP
legendary
Activity: 2086
Merit: 4361
I've personally used that "electrs" server... It seemed to run OK, even tho I was possibly "abusing" it a bit by running it in the Ubuntu "app" on Windows 10!!?! Tongue (the one that uses the "Windows subsystem for Linux").

Obviously, it requires a Bitcoin Core Full Node, but otherwise the requirements are relatively low. After the initial indexing time (took a few hours from memory)... it actually ran pretty well.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
I had never heared about https://github.com/romanz/electrs, but after looking into it, it seemed like a nice service to setup since it didn't require me to enable txindex and reindex all blocks (i use my node as a lightning backend, so i don't want to stop it for an extended period of time).

I'm currently running electrs and it's building an index, i've setup nginx as reverse proxy and i've setup a manual ip whitelist in nginx so i can block every connection exept the manually whitelisted ones... So if the indexing is finished, and the server starts properly (i can't make any promises), i'll be able to offer a private electrum server in a couple of hours.

Do note the following restrictions apply:
  • The server will only run for as long as there's a need for a private electrum server. As soon as the DDos'ing stops, the server goes down
  • No guarantees for uptime or load whatsoever... I can take the service down at any moment i want without warning
  • No other guarantees either.. Either use my service or don't, but if you do: do not complain!
  • You'll need to trust me... You'll be connecting to my service directly AND you'll need to send me your public ip since i'll have to add it to the whitelist (don't post your ip in this thread... Use privnote or encrypt it using pgp and send it to me using a PM and ONLY after i've announced the server to be up and running)

I realise ip's can be spoofed, but this setup was the easyest one i could come up with...
legendary
Activity: 3472
Merit: 10611
some short time ago someone posted a new project about re-implementation of Electrum servers[1]. the project seems to be active and moderately popular on GitHub[2] so i am wondering whether anybody is actually running a server using that implementation in which case are they also affected by the DoS attack since the vulnerability is only in ElectrumX implementation in python[3]? if so then it can be a very easy solution to the current problem until they merge the PRs in ElectrumX and servers upgrade to new versions you could manually connect to those types of server.

[1] https://bitcointalksearch.org/topic/an-efficient-re-implementation-of-electrum-server-in-rust-4589797
[2] https://github.com/romanz/electrs
[3] https://github.com/kyuupichan/electrumx
HCP
legendary
Activity: 2086
Merit: 4361
No, it's not blocked... and DNS hasn't changed... just different servers are being DoS'd I guess... yesterday hsmiths and xskyx were fine... today, they won't connect. However, hodlister and jochen-hoenicke (which didn't work yesterday), are working OK.

That's the problem with this sort of thing... the goalposts are constantly moving... what works for me right now, probably isn't working for others (or me) in 2 hours Tongue
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
I previously didn't have any issues... but this morning seems relatively "bad"... Several servers which show up in the list will just result in "not connected" if I attempt to connect to them. I've managed to find one or two that seem to work OK at this time.
I experienced this an hour ago but right now seems working fine to me and I noticed that more server is added to the server list.

Your Electrum might be blocked did you change your DNS recently?
HCP
legendary
Activity: 2086
Merit: 4361
I confirm the same, I did not have any problems with sync - it take 5-10 seconds and I always have it on automatic. Is there any explanation why some users have big problems to connect to server and sync, while others do not have such problems? Except those who use versions older then 3.3.4, all users with latest version should have the same user experience. Is there something else what influence on sync problems, except fact that servers are under DoS attack?
Not necessarily. There are many factors at play other than just Electrum version. Things like:
- Number of transactions/addresses needed to sync
- Network speed/latency
- Local computer speed
- Server load

Even prior to the DoS attack, users who were attempting to sync wallets with thousands of addresses/transactions would also face really long sync times.

I previously didn't have any issues... but this morning seems relatively "bad"... Several servers which show up in the list will just result in "not connected" if I attempt to connect to them. I've managed to find one or two that seem to work OK at this time.
copper member
Activity: 236
Merit: 17
By the way, it does connect (my one is set to auto) and allow to do transaction

It's still not functional for me. It says either stuck at synchronization or shows "Not connected" all the time even after changing servers.

On my laptop it just says "not connected". I can get it to work on my phone (at least my multisig is strong as I can't be bothered trying to test whether it works on my laptop anymore Grin.

I'll load my phone up and send you a pm of the server that works if I can find it. I'll do the same for anyone who has earnt at least 100 merits (just in case).

Edit: my laptop says "not connected" because the server has anti ddos protection and my wifi can't support it (as the routing table is broken, I've finally worked out why it doesn't work)...
giveme 100 merits, so you could tell me that server
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
By the way, it does connect (my one is set to auto) and allow to do transaction

It's still not functional for me. It says either stuck at synchronization or shows "Not connected" all the time even after changing servers.

On my laptop it just says "not connected". I can get it to work on my phone (at least my multisig is strong as I can't be bothered trying to test whether it works on my laptop anymore Grin.

I'll load my phone up and send you a pm of the server that works if I can find it. I'll do the same for anyone who has earnt at least 100 merits (just in case).

Edit: my laptop says "not connected" because the server has anti ddos protection and my wifi can't support it (as the routing table is broken, I've finally worked out why it doesn't work)...
staff
Activity: 3500
Merit: 6152
By the way, it does connect (my one is set to auto) and allow to do transaction

It's still not functional for me. It says either stuck at synchronization or shows "Not connected" all the time even after changing servers.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I had a complete outage yesterday (I think) it still won't load currency data now.

Electrum servers are currently under a DoS attack. We are working on a more robust version of the electrum server. In the meantime, affected users should disable auto-connect, and select their server manually.

https://twitter.com/ElectrumWallet/status/1114987055736655873

Perhaps they could use something like Andrea's schildbach added to android electrum and get them. To ping compatible core nodes?
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
i honestly have not yet encountered any problems so far with connectivity in the past couple of days since the news about DoS attacks came out. every time i open Electrum (3.3.4) it automatically connects to multiple servers (currently Cool and syncs easily.

I confirm the same, I did not have any problems with sync - it take 5-10 seconds and I always have it on automatic. Is there any explanation why some users have big problems to connect to server and sync, while others do not have such problems? Except those who use versions older then 3.3.4, all users with latest version should have the same user experience. Is there something else what influence on sync problems, except fact that servers are under DoS attack?
legendary
Activity: 3472
Merit: 10611
Non of the servers seem to be working ATM. Seems like the network is dead.

i honestly have not yet encountered any problems so far with connectivity in the past couple of days since the news about DoS attacks came out. every time i open Electrum (3.3.4) it automatically connects to multiple servers (currently Cool and syncs easily.
HCP
legendary
Activity: 2086
Merit: 4361
Seems to be working fine for me ... 2019-04-09 03:22 UTC

Granted, it took a few minutes to finish syncing, but it definitely connected and synced up OK... I just created a new copy of Ledger Hardware wallet (following OS reinstall).
legendary
Activity: 3682
Merit: 1580
Non of the servers seem to be working ATM. Seems like the network is dead.
full member
Activity: 519
Merit: 197
Quote
In the meantime, affected users should disable auto-connect, and select their server manually.
are no problem when generate new wallet offline?, because first time open have choose auto or manually server
legendary
Activity: 3682
Merit: 1580
AWS is premium web hosting. If you want to run electrumx what you need is a bargain basement dedi from ovh, online.net or hetzner. Most public servers run in hetzner's DCs.  If you want to run electrum personal server a 4GB ram VPS from ramnode, vultr or DO will suffice. Make sure to enable pruning in bitcoin core to save space.

However unless you need the special features of electrum there is little point in running a complicated setup like above. Much easier to just switch to bitcoin core.
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
Vod tried running a full node on an aws instance, I think he said it cost him $200/month.

How do you manage to break a raspberry pi!? I mean I couldn't install bitcoin core on mine but still...
~snip~

Too expensive to run a full node on AWS instance I thought $20 per month is enough or maybe it depends on the machine specs?
What is the minimum required to run a full node?

What I mean about my Raspberry Pi it's totally dead after my son drops it into the water salt then after one day when I opened it all parts are rusty.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
My raspberry is currently broken so my plan is to run it in AWS or DO with their free credit.

Vod tried running a full node on an aws instance, I think he said it cost him $200/month.

How do you manage to break a raspberry pi!? I mean I couldn't install bitcoin core on mine but still...

And actually there was a thread where I was asking about making a vps instance from yself to run a full node and it got quite a lot of good suggestions, I think most of those were valued at aroun 10 to 20 euros a month. I didn't go through with the idea because I'll just run my own node when I get roujnd to it, I'm in the process of configuring an old laptop for it.
legendary
Activity: 916
Merit: 1003
Can I downgrade electrum for it to connect. I've completely emptied my wallet so there's no risk of a phishing attack doing anything..

It's good to hear you're trying to find a solution.

Bitmaxz, is cloudflare capable of that? I though since clients connect to electrum in a manner that is similar to a bot then therell be a load of issues... If anyone has a private electrum node set up and fancies giving someone a hand the let me know. (also why don't we just try dosing that bad electrum server)....

All Electrum clients were forced to upgrade recently due to phishing vulnerabilities so downgrading won't help.

I've found that Electrum does connect but you have to be patient and wait a few minutes.  It's annoying because it used to connect instantly but not a show-stopper.

Cloudflare probably won't help in this situation.
Pages:
Jump to: