Author

Topic: whitelist mtgox (Read 2569 times)

donator
Activity: 826
Merit: 1060
May 07, 2011, 06:39:12 AM
#16
...so most of people is actually consulting not trading...

That's no big deal. A few well-known mirrors (e.g. www.bitcoinwatch.com ) can get themselves whitelisted and can proxy the MtGox pricing information for everyone else. Or they can put it into a form that's hard to DDOS (such as Usenet NNTP).
legendary
Activity: 1218
Merit: 1000
May 07, 2011, 06:11:22 AM
#15
How about: send 0.1 BTC to MtGox for your IP address to be whitelisted for an hour. All whitelist payments would be deducted from your MtGox exchange fees, so this would not cost genuine traders anything.

And you would bury BTC and condemn it to the bottom of the underground, as most people take Mt. Gox as the "standard price" for BTC... so most of people is actually consulting not trading, not all BTC users are speculators or exchangers.

Whitelists are generally impracticable except for small access groups...

Unless MagicalTux splits Mt. Gox in two, one for trading other for consulting.
donator
Activity: 826
Merit: 1060
May 07, 2011, 06:02:18 AM
#14
How about: send 0.1 BTC to MtGox for your IP address to be whitelisted for an hour. All whitelist payments would be deducted from your MtGox exchange fees, so this would not cost genuine traders anything.
legendary
Activity: 1218
Merit: 1000
May 07, 2011, 05:15:29 AM
#13
FW for layer 7 attacks sounds good, but due to the nature of those attacks I didn't think it would be possible.

Does that do what? Limit POST headers to Y connections - I see a problem here, as the attack is distributed they would have different IP sources? Closes slow POST? But that would be just a connection issue, anyway there're no big data uploads to Mt.Gox, posts are resumable to the login/register and bid/ask/withdraw forms...
vip
Activity: 608
Merit: 501
-
May 07, 2011, 02:06:27 AM
#12
ddos bump
ddos ended.

We are setting up a layer7 firewall in front of mtgox to block those attacks~
sr. member
Activity: 410
Merit: 250
Proof-of-Skill - protoblock.com
May 06, 2011, 09:18:30 PM
#11
ddos bump
newbie
Activity: 2
Merit: 0
May 04, 2011, 12:52:26 PM
#10
What if you only accept IP address running bitcoin clients?
hero member
Activity: 698
Merit: 500
May 04, 2011, 04:13:28 AM
#9
because some/most users have a dynamic ip?

even dynamic ip are given by limited pools, which can be figured out...
legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
May 03, 2011, 10:00:47 PM
#8
pay 0.01 btc to get on the whitelist.

+1  (0.01 * 100)

I'll pay 1.00 btc provided I get my 1.00 back after I don't hit the servers 10,000 times in 24 hrs.

Not a bad idea. Put up a bond to be a trusted IP.
legendary
Activity: 1137
Merit: 1001
May 03, 2011, 04:54:59 PM
#7
pay 0.01 btc to get on the whitelist.

+1  (0.01 * 100)

I'll pay 1.00 btc provided I get my 1.00 back after I don't hit the servers 10,000 times in 24 hrs.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
May 03, 2011, 04:14:45 PM
#6
pay 0.01 btc to get on the whitelist.

+1  (0.01 * 100)
legendary
Activity: 1137
Merit: 1001
May 03, 2011, 04:14:05 PM
#5
pay 0.01 btc to get on the whitelist.
member
Activity: 98
Merit: 13
May 03, 2011, 02:37:56 PM
#4
Some of the other services have "IP security" options, where you whitelist a set of IP or range of IP addresses associated with your account.  Per-person, this serves to ensure that someone from another country or computer is less likely to access your account.

Site-wide, it could be used as an anti-DDoS whitelist.

sr. member
Activity: 410
Merit: 250
Proof-of-Skill - protoblock.com
May 03, 2011, 02:35:50 PM
#3
because some/most users have a dynamic ip?

implementation detail... many ways around this.

back to the basic question.. assuming you have everyones ip.. will it work?
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
May 03, 2011, 02:23:52 PM
#2
because some/most users have a dynamic ip?
sr. member
Activity: 410
Merit: 250
Proof-of-Skill - protoblock.com
May 03, 2011, 02:18:09 PM
#1
can we just generate a list of all funded registered IPs.. so we can at least trade until this ddos is figured out?

assuming you have list of all valid ips.. would this work and stop the ddos? if so.. why not do it?

Jump to: