Topic: Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB - page 214. (Read 1061594 times)

member
Activity: 70
Merit: 10
Stats page is returning just a white page for me.
full member
Activity: 154
Merit: 100
Is the pool working?
Yes, pool has been working for me all morning.
sr. member
Activity: 399
Merit: 250
Is the pool working?
newbie
Activity: 52
Merit: 0
Cloudflare only helps with http/https last I checked.  And I would rather not centralize yet another bitcoin related service behind Cloudflare.

As for the effectiveness of the attacks, the only noticeable effects lately have been slightly delayed response times with the web server.  The pool servers have been generally unaffected.

The web server setup definitely is not as scalable as I would like, but that falls back to the mostly unfunded part of the problem.

I'll throw this out there one more time:  I know my 1% isn't much given my tiny rig, but I'd be happy to donate some time to help out the cause.  Scalability is a big part of my job.
member
Activity: 110
Merit: 10
so ... the device running cgminer worked as expected but ................. the ones that lost you lotsa hash rate were running what?

nothing was using cgminer. I used Hex Miner for the TechnoBit devices. Those kept going. I use bfgminer for everything else. It's embedded in the mess of text I wrote, but that part is in there.

The ones that lost the hash rate stopped hashing at Eligius. The BFL units on one instance of bfgminer went into failover, and the KnC on a separate instance dropped to less than 800 MH/s

Oddly enough, I have a total of 330 GH/s after the two TechnoBit units died the other day. I'm still at the computer after writing the post you've responded to. My hashrate at Eligius has dropped again from ~330 GH/s to ~265 GH/s. bfgminer shows the KnC and BFL units to be hashing fine. Curious if this is a stats issue, so I've switched everything to another pool again for 24 hrs to see what kind of hashrate stat I get. Perhaps I have more HW issues than I thought, though bfgminer is reflecting this in no way whatsoever.

I've been messing with this crap for hours every evening for over a week. I'm burnt out for now. I'll check in tomorrow. Appreciate the help.
legendary
Activity: 1223
Merit: 1006
Awesome work wizkid. Just a small thanks for all of the hard work.

https://blockchain.info/tx/abb641b1c23447050c7582bddeb92e3e6882f5365ec69656ac67d2d4a066b571

This almost slipped through the bitcointroll.org cracks...

Thank you very much, gigavps.  Much appreciated.  Definitely will put towards upcoming improvements. :)

Cold storage catch up would be really nice.  ;)

I'm actually finalizing some code that will make cold storage catch ups much less frequent and I was planning on a catch as soon as I finish phase 1 of that code.
vip
Activity: 1358
Merit: 1000
AKA: gigavps
Awesome work wizkid. Just a small thanks for all of the hard work.

https://blockchain.info/tx/abb641b1c23447050c7582bddeb92e3e6882f5365ec69656ac67d2d4a066b571

This almost slipped through the bitcointroll.org cracks...

Thank you very much, gigavps.  Much appreciated.  Definitely will put towards upcoming improvements. :)

Cold storage catch up would be really nice.  ;)
legendary
Activity: 1223
Merit: 1006
Awesome work wizkid. Just a small thanks for all of the hard work.

https://blockchain.info/tx/abb641b1c23447050c7582bddeb92e3e6882f5365ec69656ac67d2d4a066b571

This almost slipped through the bitcointroll.org cracks...

Thank you very much, gigavps.  Much appreciated.  Definitely will put towards upcoming improvements. :)
legendary
Activity: 1223
Merit: 1006
Cloudflare only helps with http/https last I checked.  And I would rather not centralize yet another bitcoin related service behind Cloudflare.

As for the effectiveness of the attacks, the only noticeable effects lately have been slightly delayed response times with the web server.  The pool servers have been generally unaffected.

The web server setup definitely is not as scalable as I would like, but that falls back to the mostly unfunded part of the problem.
sr. member
Activity: 462
Merit: 250
How well does CloudFlare deal with many of the attacks listed?

could some things be gained from using them or building something similar and more specific for mining pools?
newbie
Activity: 52
Merit: 0
A semi-well known fact about me:  my real life job includes DDoS mitigation at the ISP level for multiple ISPs.

This particular attack against Eligius has taken almost every form possible... UDP reflection attacks (DNS, NTP, SNMP, etc... 30+ gigabit at times), TCP SYN attacks (over 20 gigabit peaks), botnets directly flooding pool ports (multiple gigabit), botnets attempting application layer (stratum and HTTP) attacks (varies up to several gigabit and > 100k connections), HTTP request floods from botnets and other amplification (wordpress being one), hanging TCP connection attacks, various attack attempts against public facing bitcoinds, flood attacks against upstream routers, social engineering attempts (someone has contacted the abuse@ addresses for some nodes claiming Eligius is DoS attacking them, lol, presumably in an attempt to stir trouble with our hosts), and probably a ton of other things that are just automatically filtered/ignored.

It's nice to get some hard info on what's going on.  I, BTW, work for a backbone provider, specifically for managed IP services.

I am surprised that Eligius is operating with that level of network connectivity, as a mostly unfunded operation I had thought your resources were a lot more meager.  That said, at the point your pipe is getting filled your provider should be willing to either provide some sort of CoS shaping and/or basic filtering for you, to keep pipe congestion down.  For what gets past that I would assume you've got some basic stateful firewalling in place, at least.

Some of your other attacks, like the HTTP requests, while intended as a DDoS, are great at pointing out scalability problems, for which there's probably some low hanging fruit.  Some squid boxes, ICAP, memcached, etc.  I haven't looked at the stratum protocol so I couldn't guess what your problems would be there.

Sounds like you guys are definitely getting a trial by fire.
legendary
Activity: 1223
Merit: 1006
A semi-well known fact about me:  my real life job includes DDoS mitigation at the ISP level for multiple ISPs.

This particular attack against Eligius has taken almost every form possible... UDP reflection attacks (DNS, NTP, SNMP, etc... 30+ gigabit at times), TCP SYN attacks (over 20 gigabit peaks), botnets directly flooding pool ports (multiple gigabit), botnets attempting application layer (stratum and HTTP) attacks (varies up to several gigabit and > 100k connections), HTTP request floods from botnets and other amplification (wordpress being one), hanging TCP connection attacks, various attack attempts against public facing bitcoinds, flood attacks against upstream routers, social engineering attempts (someone has contacted the abuse@ addresses for some nodes claiming Eligius is DoS attacking them, lol, presumably in an attempt to stir trouble with our hosts), and probably a ton of other things that are just automatically filtered/ignored.
newbie
Activity: 52
Merit: 0
When it comes to Bitcoin, DDoS means 30+ Gbit/sec :p

Are you saying you have a cluster of servers sitting on multiple OC-255s?  Like I said, if they can actually fill the pipe with SYNs you're pretty much screwed, you need help from your backbone provider.

That said, I haven't seen any significant detail divulged on the attack.  No one's said what they're attacking, the IP stack, the application, what.  Are they overrunning the pipe or server resources?  If the latter there's more than likely a few things you can do to scale just to make it harder for them to effectively DDoS you.
legendary
Activity: 2576
Merit: 1186
When it comes to Bitcoin, DDoS means 30+ Gbit/sec :p
newbie
Activity: 52
Merit: 0
Mitigating DDoS attacks is pretty basic, depending on whether they're trying to attack the TCP stack (like SYN floods) or the protocol (like that NTP reflection attack that was going on a couple of months ago).  More servers won't help unless you have a genuine scaling problem.

Care to elaborate on the pretty basic way a DDoS can be mitigated? I'm sure plenty of people will be interested...

Mitigating DDoS attacks is never "basic".  Mitigating the DDoS attacks that have been ongoing for quite some time against Eligius is time consuming, requires cooperation of many different entities, and is a genuine pain in the ass.  But, I'd much rather mitigate than give the attackers any satisfaction.

It depends on the attack, but most of the garden variety DDoS is basic, but you seem averse to accepting anyone's help or expertise, Wiz.

SYN floods are very basic unless the packet rate actually exceeds your available bandwidth.  There's not much you can do without the help of your backbone provider if they can actually fill your pipe.  But if it's just a socket threshold limit on the server itself there's a couple of ways to protect yourself, even without a decent accelerator or IDP.  Basic steps like enabling SYN cookies, increasing your syn backlog queue, lowering SYN and SYN/ACK retries, etc.

Beyond that you could enable packet marking so you can log stale SYNs and feed them to a program (like autofwd) in order to semi-permanently firewall hosts generating those packets.  If those packets are forged, and not generated directly by bots, there may be some collateral damage.

All of this is even easier if you're comfortable with OpenBSD.

Application protocol level DDoS, depending on the protocol, can be a bit hairier.
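Added example, not part of any post in this thread: a small audit of the Linux kernel settings behind the steps named in the post above (SYN cookies, SYN backlog, SYN and SYN/ACK retries). The threshold values and the sample input are illustrative assumptions, not figures from the thread or from Eligius.

```shell
#!/bin/sh
# Baseline: "<sysctl key> <op> <threshold>"; ge = at least, le = at most.
# Thresholds are assumed values for illustration; tune them per host.
BASELINE='net.ipv4.tcp_syncookies ge 1
net.ipv4.tcp_max_syn_backlog ge 4096
net.ipv4.tcp_synack_retries le 3
net.ipv4.tcp_syn_retries le 3'

# Constructed sample in "sysctl -a" format (not captured from a real host).
SAMPLE='net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_max_syn_backlog = 512
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syn_retries = 2'

# audit_syn_settings: reads "key = value" lines on stdin and prints one
# line per baseline entry that is weaker than the baseline or absent.
# Prints nothing when every entry passes.
audit_syn_settings() {
    input=$(cat)
    while read -r key op want; do
        # Look up the current value of this key in the supplied settings.
        cur=$(printf '%s\n' "$input" |
              awk -F' *= *' -v k="$key" '$1 == k { print $2; exit }')
        if [ -z "$cur" ]; then
            echo "MISSING $key"
            continue
        fi
        if [ "$op" = ge ] && [ "$cur" -ge "$want" ]; then continue; fi
        if [ "$op" = le ] && [ "$cur" -le "$want" ]; then continue; fi
        echo "WEAK $key=$cur (want $op $want)"
    done <<EOF
$BASELINE
EOF
}

# Stand-alone run against the constructed sample.
# On a live Linux host: sysctl -a 2>/dev/null | audit_syn_settings
printf '%s\n' "$SAMPLE" | audit_syn_settings
```

Note that `net.ipv4.tcp_syn_retries` governs outgoing connection attempts; `net.ipv4.tcp_synack_retries` is the one that bounds how long a half-open inbound connection is retried.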
sr. member
Activity: 447
Merit: 250
Thanks for reposting the payout queue info wizkid057, that was the info I was questioning. 

I have my payout set too low as I have added a lot of miners without readjusting the threshold. I will adjust it now. Currently I vary from receiving a payout every 2-to-3 days but sitting in the queue for most of that time bouncing around.
legendary
Activity: 1223
Merit: 1006
Mitigating DDoS attacks is pretty basic, depending on whether they're trying to attack the TCP stack (like SYN floods) or the protocol (like that NTP reflection attack that was going on a couple of months ago).  More servers won't help unless you have a genuine scaling problem.

Care to elaborate on the pretty basic way a DDoS can be mitigated? I'm sure plenty of people will be interested...

Mitigating DDoS attacks is never "basic".  Mitigating the DDoS attacks that have been ongoing for quite some time against Eligius is time consuming, requires cooperation of many different entities, and is a genuine pain in the ass.  But, I'd much rather mitigate than give the attackers any satisfaction.
hero member
Activity: 574
Merit: 500
Mitigating DDoS attacks is pretty basic, depending on whether they're trying to attack the TCP stack (like SYN floods) or the protocol (like that NTP reflection attack that was going on a couple of months ago).  More servers won't help unless you have a genuine scaling problem.

Care to elaborate on the pretty basic way a DDoS can be mitigated? I'm sure plenty of people will be interested...