Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB - page 195.

anth0ny

full member

Activity: 196

Merit: 100

Quote from: Luke-Jr on April 25, 2014, 08:51:45 PM

Quote from: ?? on ??

It is EXTREMELY LIKELY that a pool the person is connected to before it was redirected is the cause.
It is EXTREMELY UNLIKELY that it is a MITM attack unless there is a shoddy network somewhere in the middle.

I can agree with your probabilistic statements here, but in this case, it does indeed seem to be a TCP MITM attack.

Generally when I hear "TCP MITM attack" I think of a TCP connection being intercepted, not a client being tricked into going to the wrong IP address. kano might have been thinking the same thing, maybe?

Luke-Jr

legendary

Activity: 2576

Merit: 1186

Quote from: ?? on ??

It is EXTREMELY LIKELY that a pool the person is connected to before it was redirected is the cause.
It is EXTREMELY UNLIKELY that it is a MITM attack unless there is a shoddy network somewhere in the middle.

I can agree with your probabilistic statements here, but in this case, it does indeed seem to be a TCP MITM attack.

RealMalatesta

legendary

Activity: 2380

Merit: 1150

Quote from: Luke-Jr on April 25, 2014, 08:41:12 PM

Quote from: organofcorti on April 25, 2014, 08:11:25 PM

Quote from: Luke-Jr on April 25, 2014, 03:09:37 PM

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

Do you know which pool, or at least an IP address? It'd be interesting to try and tie the pool-in-the-middle to a reused generation address.

Redirected clients show "Connected to 46.28.205.80..." in the miner.
This seems to be a scrypt "Worldcoin" mining server, and it seems likely they are just automatically MITM'ing any stratum connections they can inject into, regardless of the destination pool.

Quote from: ?? on ??

I'm just wondering how a MITM attack is possible.

Stratum uses a TCP connection (not UDP), so the source must of course say where it came from.

Thus the only option I can see is that there is a network provider on the network who is hacking packets going through them.
I'd be VERY surprised if that was the case - unless the network provider themselves has been hacked - and that would be major news.

My guess would actually be that the Eligius server itself has been hacked
(or it's connected to a shoddy network)

You seem to have a very naive view of the internet.
TCP may be harder to MITM than UDP, but it's far from difficult.
There have been ongoing attempts to BGP redirect Eligius and other pool IPs (these only successful against scamcoin pools to date, AFAIK) for months now.
A little TCP MITM is nothing in comparison...
Security on the internet at large is almost non-existent.
This is why protocols like SSL/TLS etc exist.

Seems it is not the first time this IP appears:

https://bitcointalk.org/index.php?topic=448649.3480

anth0ny

full member

Activity: 196

Merit: 100

Quote from: ?? on ??

I'm just wondering how a MITM attack is possible.

DNS spoofing?

Quote from: ?? on ??

Stratum uses a TCP connection (not UDP), so the source must of course say where it came from.

UDP also says where it comes from. It's not authenticated though, unless you're using IPsec, which unfortunately virtually no one supports.

TCP is harder to MITM than UDP, though, which is why DNS spoofing is the easier route, if the stratum servers are found through DNS and not by hard-coded IP address.

Luke-Jr

legendary

Activity: 2576

Merit: 1186

Quote from: organofcorti on April 25, 2014, 08:11:25 PM

Quote from: Luke-Jr on April 25, 2014, 03:09:37 PM

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

Do you know which pool, or at least an IP address? It'd be interesting to try and tie the pool-in-the-middle to a reused generation address.

Redirected clients show "Connected to 46.28.205.80..." in the miner.
This seems to be a scrypt "Worldcoin" mining server, and it seems likely they are just automatically MITM'ing any stratum connections they can inject into, regardless of the destination pool.

Quote from: ?? on ??

I'm just wondering how a MITM attack is possible.

Stratum uses a TCP connection (not UDP), so the source must of course say where it came from.

Thus the only option I can see is that there is a network provider on the network who is hacking packets going through them.
I'd be VERY surprised if that was the case - unless the network provider themselves has been hacked - and that would be major news.

My guess would actually be that the Eligius server itself has been hacked
(or it's connected to a shoddy network)

You seem to have a very naive view of the internet.
TCP may be harder to MITM than UDP, but it's far from difficult.
There have been ongoing attempts to BGP redirect Eligius and other pool IPs (these only successful against scamcoin pools to date, AFAIK) for months now.
A little TCP MITM is nothing in comparison...
Security on the internet at large is almost non-existent.
This is why protocols like SSL/TLS etc exist.

organofcorti

donator

Activity: 2058

Merit: 1007

Poor impulse control.

Quote from: Luke-Jr on April 25, 2014, 03:09:37 PM

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

Do you know which pool, or at least an IP address? It'd be interesting to try and tie the pool-in-the-middle to a reused generation address.

equipoise

hero member

Activity: 794

Merit: 1000

Monero (XMR) - secure, private, untraceable

Bfgminer can't connect to eligius pool last 30 minutes. I never had this problem with eligius till now. I'll try again tomorrow.

RealMalatesta

legendary

Activity: 2380

Merit: 1150

Quote from: Luke-Jr on April 25, 2014, 05:17:55 PM

Quote from: MrTeal on April 25, 2014, 03:23:49 PM

Quote from: Luke-Jr on April 25, 2014, 03:09:37 PM

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

That's interesting, I was noticing that one miner I had that pointed to Slush wasn't pointed to the normal bitcoin.cz but instead was connected to an IP address, I believe 48.xxx. The shares were also not getting logged on Slush's website.
Here, I had 3 Antminers that appeared to still be submitting shares to Eligius but the website showed them as down.

Is there an ETA on a fix for this, or do you recommend moving everything to another pool until it can get sorted out?

It's not pool-specific. They're intercepting any stratum connections they can MITM.
Will be patching BFGMiner to reject redirections across domains...

I'm a noob in this forum, but wouldn't it make sense to open an own topic for this issue - just for making sure enough people are aware of this?

Luke-Jr

legendary

Activity: 2576

Merit: 1186

Quote from: MrTeal on April 25, 2014, 03:23:49 PM

Quote from: Luke-Jr on April 25, 2014, 03:09:37 PM

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

That's interesting, I was noticing that one miner I had that pointed to Slush wasn't pointed to the normal bitcoin.cz but instead was connected to an IP address, I believe 48.xxx. The shares were also not getting logged on Slush's website.
Here, I had 3 Antminers that appeared to still be submitting shares to Eligius but the website showed them as down.

Is there an ETA on a fix for this, or do you recommend moving everything to another pool until it can get sorted out?

It's not pool-specific. They're intercepting any stratum connections they can MITM.
Will be patching BFGMiner to reject redirections across domains...

MrTeal

legendary

Activity: 1274

Merit: 1004

Quote from: Luke-Jr on April 25, 2014, 03:09:37 PM

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

That's interesting, I was noticing that one miner I had that pointed to Slush wasn't pointed to the normal bitcoin.cz but instead was connected to an IP address, I believe 48.xxx. The shares were also not getting logged on Slush's website.
Here, I had 3 Antminers that appeared to still be submitting shares to Eligius but the website showed them as down.

Is there an ETA on a fix for this, or do you recommend moving everything to another pool until it can get sorted out?

Luke-Jr

legendary

Activity: 2576

Merit: 1186

Everyone, please check your miner is actually connected to Eligius.
It seems there are some MITM attacks going on to redirect Eligius miners to another pool Sad

movellan

full member

Activity: 368

Merit: 100

Quote from: baddw on April 24, 2014, 11:38:54 PM

Quote from: anth0ny on April 24, 2014, 05:44:14 PM

I don't know. What are the ideals of Luke and "wizkid057"? I'm not even sure who the latter is, and I don't think either of them want this to be about their personal beliefs.

I think that you can tell a lot about their ideals just from the way the pool is set up. For one, I think they believe in radical transparency (publishing the payment queue, all contributor info + hashrates, etc. on the site, no login required); 2nd, they place a high priority on fairness (CPPSRB is the fairest system around IMO -- not sure if fair is the exact right word, but it pretty much gets at what I mean here); 3rd, they value simplicity (lack of login/username system is best example; to start mining, simply provide your BTC address. Can't get much simpler than that.).

All of which are great traits for pool operators IMO.

Definitely a "Hats Off" to LukeJr and Wizkid for their excellent administration of the best pool around. Not to forget the anonymity being identified only by BTC address affords.

baddw

hero member

Activity: 700

Merit: 500

Quote from: anth0ny on April 24, 2014, 05:44:14 PM

I don't know. What are the ideals of Luke and "wizkid057"? I'm not even sure who the latter is, and I don't think either of them want this to be about their personal beliefs.

I think that you can tell a lot about their ideals just from the way the pool is set up. For one, I think they believe in radical transparency (publishing the payment queue, all contributor info + hashrates, etc. on the site, no login required); 2nd, they place a high priority on fairness (CPPSRB is the fairest system around IMO -- not sure if fair is the exact right word, but it pretty much gets at what I mean here); 3rd, they value simplicity (lack of login/username system is best example; to start mining, simply provide your BTC address. Can't get much simpler than that.).

All of which are great traits for pool operators IMO.

anth0ny

full member

Activity: 196

Merit: 100

Quote from: inzli on April 24, 2014, 05:26:30 PM

Quote from: anth0ny on April 24, 2014, 04:49:03 PM

Quote from: ronin4bits on April 24, 2014, 02:45:23 PM

I HATE the idea of a forced fee, and if one is instituted, I will reduce my donation correspondingly; however, I only say that knowing that other people are freeloading. I am running 180GHs - I've been on this pool for over a year now, and I've given the entire time, even when my sweaty little GPUs were struggling to break 1MHs before the ocean of asics hit.

I feel pretty much the opposite. If you want (or need) to be paid, charge a fee. If you don't, then you don't need my donation.

At least that's how I feel about services such as this, where it's really simple to charge a fee to the people who benefit from the services. It's not like Eligius provides a service where freeriding can't easily be prevented.

You're basically right. But hasn't it also got to do with idealism and the believe that people who share your ideas probably also will support you?

I don't know. What are the ideals of Luke and "wizkid057"? I'm not even sure who the latter is, and I don't think either of them want this to be about their personal beliefs.

inzli

newbie

Activity: 56

Merit: 0

Quote from: anth0ny on April 24, 2014, 04:49:03 PM

Quote from: ronin4bits on April 24, 2014, 02:45:23 PM

I HATE the idea of a forced fee, and if one is instituted, I will reduce my donation correspondingly; however, I only say that knowing that other people are freeloading. I am running 180GHs - I've been on this pool for over a year now, and I've given the entire time, even when my sweaty little GPUs were struggling to break 1MHs before the ocean of asics hit.

I feel pretty much the opposite. If you want (or need) to be paid, charge a fee. If you don't, then you don't need my donation.

At least that's how I feel about services such as this, where it's really simple to charge a fee to the people who benefit from the services. It's not like Eligius provides a service where freeriding can't easily be prevented.

You're basically right. But hasn't it also got to do with idealism and the believe that people who share your ideas probably also will support you?

anth0ny

full member

Activity: 196

Merit: 100

Quote from: ronin4bits on April 24, 2014, 02:45:23 PM

I HATE the idea of a forced fee, and if one is instituted, I will reduce my donation correspondingly; however, I only say that knowing that other people are freeloading. I am running 180GHs - I've been on this pool for over a year now, and I've given the entire time, even when my sweaty little GPUs were struggling to break 1MHs before the ocean of asics hit.

I feel pretty much the opposite. If you want (or need) to be paid, charge a fee. If you don't, then you don't need my donation.

At least that's how I feel about services such as this, where it's really simple to charge a fee to the people who benefit from the services. It's not like Eligius provides a service where freeriding can't easily be prevented.

inzli

newbie

Activity: 56

Merit: 0

Quote from: TechByPC on April 24, 2014, 03:01:37 PM

At the risk of derailing this thread again, I'll just say that it is a fallacy to tell yourself or others that you'll donate when you are richer. This is true in life and in the pool. If you are greedy with your current salary, you will be greedy with your future higher salary. Greed knows no limits. Start donating when you are "poor" or it will hurt too much to start when you are "rich".

+1000

(And once I paid back the persons who lent me money for buying the first miners, I can think about paying others.)

ronin4bits

newbie

Activity: 59

Merit: 0

Quote from: TechByPC on April 24, 2014, 03:01:37 PM

At the risk of derailing this thread again, I'll just say that it is a fallacy to tell yourself or others that you'll donate when you are richer. This is true in life and in the pool. If you are greedy with your current salary, you will be greedy with your future higher salary. Greed knows no limits. Start donating when you are "poor" or it will hurt too much to start when you are "rich".

^^ This x1000!!

imo, this is not hijacking - this is the point of this thread - how is Eligius running and how do we keep it the best pool. being good, contributing members WITH each other should be the topic until everyone stops preaching forced fees. There's nothing more central than that.

Stop being cheap people. Give.

TechByPC

full member

Activity: 168

Merit: 100

At the risk of derailing this thread again, I'll just say that it is a fallacy to tell yourself or others that you'll donate when you are richer. This is true in life and in the pool. If you are greedy with your current salary, you will be greedy with your future higher salary. Greed knows no limits. Start donating when you are "poor" or it will hurt too much to start when you are "rich".

gallery2000

hero member

Activity: 784

Merit: 1000

Live Stars - Adult Streaming Platform

Quote from: inzli on April 24, 2014, 05:05:54 AM

Quote from: movellan on April 24, 2014, 04:00:54 AM

Quote from: mdude77 on April 23, 2014, 05:51:22 PM

I think pool op should instate mandatory 1% fee.

I saw someone the other day with 60TH/s on here. He linked his payout address. 0% donation. 0%!!!

M

I mentioned this previously but Luke and wizkid didn't like it. Just checked the top 20 again and not a single donation with thousands of BTC mined. If the high rollers would donate just 0.01 %, it would help out with pool maintenance costs. But I still don't like the idea of a set fee.

I'm not donating, I confess. But this will change once more miners have been deliverd to me and when my hashrate is higher than 10 TH/s (which will be in two weeks).

During the last months, I have tried several pools. When I started, I was with ghash. They leave you with the impression that you make a lot of money by paying out constantly. However, ghash is today a no-go. The guild looked nice. But eligius is in my opinion the one with the most transparency. And the fact that it is constantly under ddos tells me that some competitors may be shitting their pants because of this. Or another reason - who knows.

It is not a bad idea to sacrify some of your earnings to the hemaphrodite god.

Topic: Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB - page 195. (Read 1061594 times)