Topic: [POOL][Scrypt][Scrypt-N][X11] Profit switching pool - wafflepool.com - page 119. (Read 465668 times)

Yeh I was just reading it can't be mined alongside normal script coins on a pool, And there's not enough of them for a multicoin pool yet, At least I don't think.

Well lets hope they take off and we soon see a new Wafflepool address with script n coins.

The real work that needs to be done is extending the stratum implementation to also pass the value of N to the sgminer (and have sgminer understand).  Then a pool could switch between different scrypt-n coins.

I did some vertcoin mining while WafflePool was being DDoS'd, and I am planning to stay long on vertcoin for now - I think it's likely to do quite well as scrypt ASIC power ramps up.  Already, vertcoin is consistently more profitable to mine then LTC by my calculations (and we are still at the very beginning of the scrypt ASIC era).

during DDOS, I tried script-n. can not be parallel to mine and then it requires individual settings. perhaps in time we need to convince, pw, another pool on a script-n.

Reddcoin (RDD)
Network Hashrate: 1.71 GH/s
Potcoin (POT)
Network Hashrate: 1.71 GH/s

support in many ways, but would not have contact with coins less Network Hashrate 1-2 GH / s. Uncertain condition.

Like behavior Spaincoin (SPA), especially soon to introduce Cryptsy.com. Eyeing.

From MP frontpage:
Mar 26 12:02 PM The Luckycoin network appears to be under some sort of timewarp attack which is causing the client to reject 95%+ of our blocks. It is not recommended to mine LKY at this point.

The attacks are appearing to be on multiple fronts.  First redirect then ddos ...

Is it possible that the perpetrator(s) have gained a "51%" position from these attacks?

It's definitely possible.

is this really possible? i mean of course it is possible if you are working in that datacenter, but for outsider and only knowing pool ip..?

No...

Here is my speculative analysis of the attack (when I re-enabled redirect on one of my miners, it was redirected repeatedly to a server in Panama and I was able to do a bit of analysis):
- I do not believe this attack involves DNS manipulation
- The attack seems more closely related to the NTP Amplification attacks, whereby it abuses networks that do not properly implement BCP38 (speculative, but makes sense).

Here is how I would attempt to execute such an attack, based on :
- buy a server in the same data center as a large pool
- sniff packets intended for the pool (this used to be possible on OVH if you were on the same subnet as the intended host, probably still is)
- when a miner connects to the pool, snag it's IP, and pass that IP to another server that is hosted on a network that allows source IP address spoofing (e.g., it does not follow BCP38).
- from your server that can spoof source IP addresses, send a packet to the miner with a redirect command, using the WP server as the source.

Can scrypt n coins be mined on a pool like this ?

does anyone else think of a pool that attracted hundreds of miners with "foolish" proposal of 200% profit?
i wonder if every single one of hijacked miners were mining there and if anyone of them had dinamic ip.. i was not poolswitched yet and i was mining there with no static ip.

If I understood the problem, a yet to be hijacked miner got a valid message - to redirect its hashing power to another IP & destination port.

Basically, this happened on different miner versions and different operating systems.

Injecting TCP packets into sessions is not an easy task - but it is possible. For a starter, one must know the IP address of the miner and source & destination ports (and some other details regarding specific TCP session).

Now, Waffle claims, nobody broke into the wafflepool. Please note, it's good enough to sniff (read) the packets - not modify them. Injection of packages can be done separately on the other part of the world. To be fair to waffle, hijacking happened also to people mining to other pools also - albeit it is not clear if packets were sniffed on one pool only. For example, you hash at pool #2 (not waffle), hacker sniffed up the session, sent a redirect package, redirecting your mine to someplace else.

What should be considered is that data is leaking at some of the pools, but the redirect happens to miners, currently mining at some other pool. Technicaly speaking cgminer connects to EVERY pool stated in the config - even to reserve pools. I think that this is very possible explanation, how on earth hacker managed to inject packages to miners. Besides ignoring the redirect message, two other security measures comes to my mind (kalroth - r u reading this???):

a) is it possible that a redirect message comes from a session /w pool A and redirects the pool B? I think a check should be done, to honor only redirects from the session limited to a pool to which the session belongs - it would also mean that if a message tries to redirect other session's pool - it is probably hacker's redirect. Please note that in that case one would clearly know which pool is sniffed up. Of course - perhaps packages are not sniffed at pool's side - but perhaps someone broke into some router and it is sniffing interesting packages. But in this case, a trace route can be compared and perhaps some common point crops up. So - knowing from which session pool the redirect message came, would be very useful.

b) injection is possible if session is open; is it possible that a sesion to a pool is established only after for example primary pool is down - this way, this would radicaly lower the exposure to hijacking


Somebody else even suggested that a communication can be intercepted and redirected. That's also true.

So what can be done?

Either use kalroth latest version of cgminer, where there is a new option, to ignore the redirection command.

Other option is to strictly limit where the miner can connect to -- basically, even if mining is redirected, cgminer will not be able to communicate - thus no hash power is stolen.

A long term solution would be that the miner would be able to verify a true identity of the pool.

CoinSolver mines DigiByte, so it should be fine to be added.

btc-e is an exchange, not a wallet.  If you weren't using an address that you hold the private key to (you don't for any deposit address on an exchange), then you can't sign a message from that address.

Specifying shaders has no effect if you have also specified thread-concurrency.  TC is a better tuning method, generally.  I have found the best values for the 290s are a tc at 20479 or 28672 (depends on the BIOS/card as to which is more optimal).  Various other tc values are commonly used, but these have been the most optimal for me (and I have tested 100s of tc values on my banks of 290s).

I have never seen CM profits actually pass WP profits in reality.  I have run side by side tests many times, and the CM numbers never bear true after you take into account under-reported hashrate and rejected shares.

lol... WafflePool does mine the most profitable scrypt coins.  And the litecoin diff JUST changed.  Give it 24 hours to see what WP profits are like.

Besides, unless you are using a real PPS pool (only one I know of is litecoinpool.org, as LTCRabbit is a modified PPS scheme), mining LTC will never earn you "100%" of LTC profits - some days will be less, some more.

Looks like the pool has been mainly mining Fluttercoin, DogeCoin, and Litecoin so far today.  These would indeed be the most profitable coins to mine.  (We haven't mined mint in ages - we just have unexchanged coins stuck in coinmarket.io from a long time ago, we aren't mining flappycoin - we are sitting on a bunch because there is no buy interest, and I haven't seen worldcoin being mined yet today).

Ya, glad you added it, PW. Manually trading will hopefully be worthwhile - profitability has been good on this coin lately, and the random doubling of spends is kinda an interesting feature.  Maybe we'll get lucky and our deposits to the exchange will get multiplied =).

--

@PoolWaffle: how about adding DigiByte (DGB)?  Seems to be doing pretty well lately after the publicity from their code being used in Doge.  Diff staying above 10, and listed on crypsty.  Can't recall if there is anything particularly odd about their implementation that would make it unprofitable, but I don't believe so.

PW, i can say is one of the best ops out there. but been having problems as all other pools have been having.

thanks for Fluttercoin. shown as a stable medium fork. watching him for over a week

pw, A friend told me - do not engage in this nonsense)

Because Wafflepool mining ALWAYS doge, mintcoin flapycon, worldcoin => POOR PROFITS

Today LTC = 0.0052 BTC/Day/Mh and Wafflepool = 0.0044

CONCLUSION = MINE YOURSELF LITECOIN ! or go to clevermining...

It seemed that wafflepool mining the most profitable crypto?  

We should see profits going up now, for the next 3.5 days, as litecoin difficulty went down by 7% just now.

Litecoin per Mh/s per day now at 0.1855, which at the current LTC/BTC ratio is 0.00531 BTC/MHs/day for mined litecoin.

Maybe we'll creep up into the .008 levels :-)

quick question --does adding shaders make your gpu more stable whilst mining? regarding 290x or 290

Wonder what is CleverMining mining, they're on 0.00583 BTC/MH, although their reject rates are crazy high.