Pages:
Author

Topic: Mass DDOS part 2 (Read 6374 times)

hero member
Activity: 504
Merit: 500
October 25, 2011, 01:23:06 PM
#59
In my head it would seem the earlier attack would have the bigger impact on time to next retarget.. My head is old and fuzzy though, so without giving a shit to punch in the numbers it is highly likely I am delusional...

Not so fuzzy after all.  An earlier attack DOES have an advantage!

When you attack, you usually don't know how long you can sustain the attack.  So, if you attack early and sustain as long as you possibly can, you will enjoy 100% of the attacks' fruits.

On the other hand, if you arbitrarily decide to attack just 48h before difficulty change, then you can enjoy AT MOST 48h of decreased hashing power.

There's no advantage in doing it late.  But there IS the risk that you underestimate your chances of success.

So much for the myths..

  If that is true it certainly would speak more to the motives of said Botnet OP.  It would need verification, but if I recall correctly the last two big attacks were shortly after difficulty change. I.e., a start point within the first 48 hours. If correct this would indicate a motive that is much more profit driven and diliberate than an attack that was just intended to disrupt the network for *insert reasons here*.

  *ponders*

  Cheers
newbie
Activity: 53
Merit: 0
October 25, 2011, 12:30:36 PM
#58
I mean, if these botnets were able to mount a successful attack against Bitcoin, it would teach us a lot about how to mitigate these sort of attacks.

Pools are not bitcoin!

In fact, they are the quite the contrary.  The bitcoin spirit is to decentralise, while pools centralise.  Ironically, this makes pools attackable (as we're witnessing), which is a problem bitcoin tried to solve (by decentralisation).

Consequently the pools fall while the bitcoin network stands. During the next DDoS attack, check the "other" share for evidence, on your favourite stats site or on http://bitcoinwatch.com
newbie
Activity: 53
Merit: 0
October 25, 2011, 11:55:58 AM
#57
In my head it would seem the earlier attack would have the bigger impact on time to next retarget.. My head is old and fuzzy though, so without giving a shit to punch in the numbers it is highly likely I am delusional...

Not so fuzzy after all.  An earlier attack DOES have an advantage!

When you attack, you usually don't know how long you can sustain the attack.  So, if you attack early and sustain as long as you possibly can, you will enjoy 100% of the attacks' fruits.

On the other hand, if you arbitrarily decide to attack just 48h before difficulty change, then you can enjoy AT MOST 48h of decreased hashing power.

There's no advantage in doing it late.  But there IS the risk that you underestimate your chances of success.

So much for the myths..
hero member
Activity: 868
Merit: 1008
October 20, 2011, 01:05:21 PM
#56
Mt Red appears to be down (not sure if it's related to the DDOS).
jr. member
Activity: 49
Merit: 10
October 20, 2011, 10:20:56 AM
#55
The Man is getting "worried", so he is to quote a previous poster, testing the fences !!
full member
Activity: 196
Merit: 101
October 20, 2011, 10:17:11 AM
#54

...

Either that - or it's just 'for the lulz'

Probably the one of the strongest hypotheses.  A lot of geeks are probably somewhat PO'd that they missed their chance to get in as early adopters (I know I am) and a bit of lulzing could go a long way toward easing that pain.

the geek conspiracy.
legendary
Activity: 980
Merit: 1008
October 20, 2011, 09:12:51 AM
#53
I'm really interested in hearing people's theories on why this is taking place. Especially the more rationally argued, non-conspiratorial ones.
lol'd
your looking for a reason that does not involve somebody secretly planning this mass action against bitcoin.

that would be easy then we just look for who is openly talking about ddos'n all the major pools and exchanges.
As far as I know, a conspiracy is between two or more persons or groups. That is what strikes me as improbable. I just don't think Bitcoin is important enough right now for two or more parties to meet and construct some grand plan on how to take Bitcoin down. No offense, I just don't think Bitcoin is that much of a threat to anyone (yet).

I would say the most probable scenario is the botnet operators themselves (as someone else suggested), and not a third party renting a botnet. I've seen prices for renting a 10GB/s botnet for a week to allegedly be $200-$400. Can anyone think of a way that one could make over $400 a week by bringing down these pools? Could the decrease in difficulty resulting from the DDoS attacks increase mining profits by more than $400/week? I doubt it.

Perhaps we shouldn't even look at it as necessarily arising from evil intent. I mean, if these botnets were able to mount a successful attack against Bitcoin, it would teach us a lot about how to mitigate these sort of attacks. It's much better that an attack like this happen now, and not 5 years into the future, when people are using Bitcoin for more serious stuff. Maybe someone is just playing around to see how well Bitcoin stands up? I don't think this is necessarily bad for Bitcoin itself. Of course, one could present other moral objections to doing so.
hero member
Activity: 774
Merit: 500
Lazy Lurker Reads Alot
October 20, 2011, 04:30:40 AM
#52
P4Man Ssssttt do not attract more miners the bigger our bonus Cheesy
Mining without a hitch at bitminter Smiley
hero member
Activity: 518
Merit: 500
October 20, 2011, 03:32:16 AM
#51
Bitminter still working smooth as always:
https://bitminter.com

Perhaps a good time to cash in the 150 free BTC promotion before it runs out.
legendary
Activity: 4690
Merit: 1276
October 20, 2011, 03:28:47 AM
#50

...

Either that - or it's just 'for the lulz'

Probably the one of the strongest hypotheses.  A lot of geeks are probably somewhat PO'd that they missed their chance to get in as early adopters (I know I am) and a bit of lulzing could go a long way toward easing that pain.
legendary
Activity: 1145
Merit: 1001
October 20, 2011, 03:23:40 AM
#49
I'm really interested in hearing people's theories on why this is taking place. Especially the more rationally argued, non-conspiratorial ones.

The only ways this can be a non-conspiracy is if either a group publicly declaring that they are doing this or it is an individual.

Here is the definition:
Conspiracy (civil), an agreement between persons to deceive, mislead, or defraud others of their legal rights, or to gain an unfair advantage
Conspiracy (crime), an agreement between persons to break the law in the future, in some cases having committed an act to further that agreement
legendary
Activity: 1092
Merit: 1001
October 20, 2011, 03:22:43 AM
#48
I'm really interested in hearing people's theories on why this is taking place. Especially the more rationally argued, non-conspiratorial ones.
lol'd
your looking for a reason that does not involve somebody secretly planning this mass action against bitcoin.

that would be easy then we just look for who is openly talking about ddos'n all the major pools and exchanges.

oh.. surely it's someone who is very *pro* bitcoin.  They're worried that if the network isn't perceived to be at risk, too many miners will switch off their rigs due to the low exchange rates. By attacking the pools like this they're hoping that more people will keep a proportion of their mining power running to protect the blockchain.
The last thing bitcoin needs while the price has tanked, is a successful 51% attack.

Ok - so I just plucked that theory from the ether, but it works for me better than assuming it's some nefarious bank/paypal type operation.
(I really don't think they're that concerned with bitcoin at the moment)

Either that - or it's just 'for the lulz'

full member
Activity: 196
Merit: 101
October 20, 2011, 03:00:29 AM
#47
I'm really interested in hearing people's theories on why this is taking place. Especially the more rationally argued, non-conspiratorial ones.
lol'd
your looking for a reason that does not involve somebody secretly planning this mass action against bitcoin.

that would be easy then we just look for who is openly talking about ddos'n all the major pools and exchanges.
hero member
Activity: 504
Merit: 500
October 19, 2011, 11:31:58 PM
#46
This isn't the only place its happened, these sites also help centralize the bitcoin miners by not showing more than top 10..

Ozcoin is doing fine so far Smiley

  Aye, and has definetly helped to show that too much centralization can be frustrating, to say the least.

  I think the trick will be for more pools to adopt the 'anonymous' reporting of their solved blocks. I.e., through not having the reporting bitcoin daemon on the same IP as the pool servers or front end. I did like the other chart someone posted, in the fact that there were so many reported blocks that did not have a owning pool assigned to them. Here it is, check out 'Unknown' blocks for 4 day span. http://blockchain.info/pools?timespan=4days   
 
  I would love to see the number of blocks reported by unknowns increase a LOT.  I guess the question in all that would be that if we did break the chart down and show EVERY reporting pool and who they were, would it just be a small bit more work for a DDoser to split his botnet up accordingly? Or, would it end up being so many smaller pools that it would prove enough of a deterrent? Some adaptation of the p2pool and even a good sifting through the longpolling protocol could go a long way to sure up the hashing part of the network.

  Oh, and grats on your pools massive luck recently. I knew I smelled it earlier, that most of the reported higher hash rate was from smaller pools having good luck. I only looked at 6 or so to draw such a conclusion. Yours makes number 7 and further verifies my spidey senses. ;p

   Cheers
vip
Activity: 980
Merit: 1001
October 19, 2011, 09:42:31 PM
#45
The big three are getting hit at the moment. BTCguild, Deepbit, and Slush are down.

Insert; Stupid, very lacking chat here...

Once again....when a pool's website goes down, that's when it stops being shown in that chart-- not when the actual mining pool goes down, so it's basically like renaming existing resources as "Other". Big deal.

  Yes, the chart is certainly not an accurate measure of whether pools are operating or not. I personally mine at some of the ones that show as 'other' but have not added a 'heartbeat' report for the chart. And, why should they?

  But the current DDos situation is very real.......

The chart was changed recently to only show the "Top 10" pools..... I guess "other" would be smaller if this hadn't happened
This isn't the only place its happened, these sites also help centralize the bitcoin miners by not showing more than top 10..

Ozcoin is doing fine so far Smiley
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
October 19, 2011, 09:02:02 PM
#44
You don't need to d/l the chain in order to run a miner/worker. Actually, I have nothing bitcoin related installed on my rig at all.
.

This thread is about a DDOS. My CPU miner (1800khash/s) is not much use as a worker unless you don't pay for electricity (like a botnet operator). The CPU is, however, powerfull enough to relay valid transactions to other nodes on the network.

A worker using a pool does not make the network more resistant to DDOS attacks: the pools are easy targets because there are so few of them. I'm sure my node is an easy target was well (3Mbps would saturate the connection). But, if the attacker needs to hit 10,000 nodes at once, the "Distributed" part of a DDOS becomes less effective (3Mbps*10,000=30Gbps to take down the (hypothetical) network).
full member
Activity: 238
Merit: 100
October 19, 2011, 08:44:13 PM
#43
Ironically, botnet operators can not easily switch their nodes to solo mining. Even if UPnP is employed for firewall piercing, many users will likely notice 12 hours of disk activity as their node catches up to the block-chain.

You don't need to d/l the chain in order to run a miner/worker. Actually, I have nothing bitcoin related installed on my rig at all.
.
newbie
Activity: 47
Merit: 0
October 19, 2011, 07:34:26 PM
#42
I've heard that pool operators shut down the botnet operators' account, so they get DDOSed, but I haven't read that directly from a pool operator.
legendary
Activity: 980
Merit: 1008
October 19, 2011, 07:27:25 PM
#41
I'm really interested in hearing people's theories on why this is taking place. Especially the more rationally argued, non-conspiratorial ones.
hero member
Activity: 630
Merit: 500
Posts: 69
October 19, 2011, 07:19:07 PM
#40
Pages:
Jump to: