The DDoS attacks are getting worse.
-
I saw the same the other day. I went in and banned some connections, but like I have said before, I hit one and it changed mining like I cut on a switch. There has got to be a better way.
-
Most of the non-pool-related stuff doesn't go through the firewall. If this persists then I'll make it so none of it does, and they'll no longer have a centralized source to attack. They can fuck with my servers, but I can fight back.
-
@aitor I'm not going to block countries, just assholes. Unlike some other sites this is a censorship free zone ......
-
@haitch really, really piss me off. There's going to be downtime for maintenance this weekend. Sorry, but I won't be giving notice of when stuff is going down. Just don't panic if you can't connect - it's planned maintenance.
-
@haitch i def would say random times on these type things... just tell ppl in a thread its possible from this day to this day... it could be down
-
ahhh this is funny guys. I was closing everything too then oops closed my remote access port
-
@falconCoin I'll announce when I'm starting maintenance, but won't be giving specifics or a timetable.
-
Can we all work together on this, forget about the pool competition and let's work together. I have turned off a few countries with cloudflare and can get the pool running off of it. But it isn't steady as either cloudflare adds 300ms or slowly less people are able to connect. However between Lex's adding the port 80 fix and cloudflare we can get a little closer to the issue. Anyone know if NXT wallet has any updates that we need? Hate to mention this but was qora engine any better?
- Let's call to order a java expert meeting. Let's add the new websocket.io from cloudflare into our pool software. (couldn't get it to run......pool.ro? Can you add to this)
-
@Burstde I don't know why, but the CloudFlare websocket support is not compatible with the Ninja V2 implementation of websockets - don't know why, I can make it work on my proxies.
My infrastructure grew too fast and unplanned. I'll be trying to make everything make more sense.
-
@haitch - few things, and some suggestions...
-
I have multiple new hypervisors up, and a new Vcenter server that was just completed today.
-
My new hypervisors have DDOS protection custom router that my security expert helped build, and it's some pretty damn amazing stuff, you can find any and every piece of information and whatever, where it comes where it goes, and so so much more, block GEO in a click if necessary, it's some truly awesome stuff, it's best run on direct set of hardware, but honestly mine has run great on a VM thus far, with lots of traffic as I'm helping lexpool, redirecting to multiple wallets, etc. It is by far, hands down, the most amazing router software I have ever seen, with freaking sweet UI, alias for IP addresses, hostnames for host, so easy to map things to where they should be, and not only that... the DHCP and the way I set mine, I never need to set another IP in a VM OS again, I only set the lease and it sees it there on the net, that IP is magically static when you say so.
-
The new pool software I'm sure will be ready soon enough, and I'll see what we can do to get you setup.
-
The infrastructure, I think you have been way too generous to the community, and because of that you have maybe taken on too much, are people paying you for this? If so, what costs and such, I'd be happy to help take some of the load, for a small fee and I'd give BURST people discounts, especially if hosting public BURST type stuff or nodes.
My infrastructure has been massively enhanced, I've learned a ton from my security expert, and he's the real deal. I look forward to learning all he can show me, and making my hardware too legit for any weak nonsense attack to come touch anything on any of my hosts, and even now, I highly doubt that a DDOS would do anything.
Another issue, the wallets, and even the new nodes that I have setup, for whatever reason, started freezing, and being stupid... I think there's a few things that we should work out, potentially one of them I'll PM you in Discord to speak about, I'd like to bring some people in together, and make things get done, and finally get the wallet and platform for BURST really solid.
Anyway, I'm doing 2 moves, building 2 new hosts, taking old ones down, and such right now... But I'm also rebuilding my new stuff INSANE better, and in 3 DC right now, and another that I haven't followed up with, due to all the distractions and ridiculous stuff I've been dealing with.
I for one, am ready to step up, both my own game, the BURST wallet should be finished, released, and the platform should be so much better, and finally stable for real. I think that will be great, babysitting these wallets becomes a full time job, and that's like the last possible thing that should be that way.
But I DO have some nodes, if you'd like to have some for new wallets, hosted, pool, private, whatever. I'm gonna make more, and give these more power, along with doing all the other things I'm doing...
Haha, what's funny, is when I start showing people everything I've done, even though I've been doing work at home, delegation played a real role in allowing things to continue anyway. But I have quite a few interesting things to show everyone. I'll be making many posts, videos, and such with the info.
-
@Burstde said in The DDoS attacks are getting worse.:
Can we all work together on this, forget about the pool competition and let's work together. I have turned off a few countries with cloudflare and can get the pool running off of it. But it isn't steady as either cloudflare adds 300ms or slowly less people are able to connect. However between Lex's adding the port 80 fix and cloudflare we can get a little closer to the issue. Anyone know if NXT wallet has any updates that we need? Hate to mention this but was qora engine any better?
- Let's call to order a java expert meeting. Let's add the new websocket.io from cloudflare into our pool software. (couldn't get it to run......pool.ro? Can you add to this)
few things...
-
there's a team, and I really want to get the others that should be there, who were there from the beginning, into the new group where the others are, so that everything is back in a single place for the REAL core development, to be talked and finished.
-
man, I just wouldn't bring QORA up, please. I have horrible flashbacks of things from the past, but if you'd like to contact me, I can talk privately about it.
-
Yes, the new wallet we're working on, or at least were, until the nonsense and threats to stop paying devs and whatever happened. All that we really need, is me to have time and my office, so I can get back into working and less in outer space not knowing what is actually happening and why...
I need only a couple days, contact with certain people that usually get back to me within 12 hours, a few kind words, and time for some private talks with each, and I'll have it all back as a well oiled machine. But first, I work on my situation, get back some semblance of 'a place I can really work' then I can reach out, pull the people to reality again, and see what's happening with the stuff that they were working on.
-
@crowetic We need to discuss stuff. Give me a day or two.
-
@haitch said in The DDoS attacks are getting worse.:
@crowetic We need to discuss stuff. Give me a day or two.
of course bro, no worries, you know I'm always busy, but with any luck, and some internet connection installer magic, I should be into my office this week, and moving things into new mining place too, it's good all good, so much is finally working out, but it can't come fast enough I need out of the house.
Working from home is not possible for me, it's simply full of constant distractions and noise, children, pets, and toddler toys, along with my brain which fell on the floor the other day, I just left it there for now, until I can get to a place that work can actually be done, if I put it back now, I'm afraid it'll make me sit in a chair with a helmet. So it can stay there on the floor behind the couch in the den, it'll be safe enough till the week end, once the office is going, my stuff is all there, mining location running (vent and power started installation last night) my world will come to a nice settled happy point, at that time I'll be back to helping facilitate work, finding things for people, and helping out more with hosting and infrastructure.
I enjoy it a lot, and now I'm finally 'on my own' without anyone that I don't have 1000000% trust in working on any of my stuff, a fully configured VPN thanks to my custom firewall, so I can literally use the password of 'awesome' and my stuff cannot be touched, you'll have to have not only a user account on the VPN, but a security key generated specifically for you, in order to even come say hi to SSH on any of my nodes, this allows me to not only give access for frames of time, but to specific people and specific nodes only, and when they have done what they needed, they can be removed just as easily as they were created.
That is the stuff I'm talking about, we're coming out of the 'dark ages' and I'm planning to come out, driving a damn tesla with hovercraft add-on, it's only a thing if you believe enough. :)
I have not slept, and I've been a bit looney, forgot damn payouts yesterday, and doing that today. Overall though, things finally I think are settling after the nonsense, and with the level of security on my two newer nodes, and what will be put on the ones I will add, rebuild or replace, and slowly add in, there's no way that any time in the future, if anyone needs access to things, that they'll be accessing anything other than exactly what they need, and no more.
This type of security is real, and kicks total ass, and I'm finally happy that I am in this place with this stuff.
Soon I will post about all sorts and kinds, and I'll offer various things like hosting to people for good prices, also would enjoy removing some of the host load, that haitch has on him, it's too much for one person to hold, and IMO having all that stuff in a single DC, I have 3 separate ones, and another on the way.
I have decided not to go anything but big, secure, and better than I've ever done before, realized my previous mistakes in all aspects, corrected, moving on, and the new setup, is something that real stuff can be built on.
I will do some testing on various things too, if anyone is interested I've got someone that can pentest things for you, let me know.
-
Has it been considered to have the whole system on a hosting service that has DDoS prevention built in?
-
ie like burstcoin.ro does it... their pages etc are very fast
-
Try Cloudflare?
-
Try Cloudflare?
-
@haitch Cool and thank you!
-
If you're looking for ddos protection on your hosts/network, this is one of the best solutions out there right now:
https://github.com/FastVPSEestiOu/fastnetmon
- Complete BGP Flow Spec support, RFC 5575
- Can process incoming and outgoing traffic
- Can trigger block script if certain IP loads network with a large amount of packets/bytes/flows per second
- Thresholds could be configured in per subnet basis with hostgroups feature
- Could announce blocked IPs to BGP router with ExaBGP
- GoBGP integration for unicast IPv4 announces
- Full integration with Graphite and InfluxDB
- Redis integration
- MongoDB integration
- Deep packet inspection for attack traffic
- netmap support (open source; wire speed processing; only Intel hardware NICs or any hypervisor VM type)
- SnabbSwitch support (open source, very flexible, LUA driven, very-very-very fast)
- Could filter out NetFLOW v5 flows or sFLOW packets with script implemented in LUA (useful for port exclude)
- Supports L2TP decapsulation, VLAN untagging and MPLS processing in mirror mode
- Can work on server/soft-router
- Can detect DoS/DDoS in 1-2 seconds
- Tested up to 10GE with 12 Mpps on Intel i7 3820 with Intel NIC 82599
- Complete plugin support
- Could capture attack fingerprint in pcap format
- Have complete support for most popular attack types
MikroTik provides a plugin for their RouterOS:
https://www.mikrotik.com/software
https://github.com/pavel-odintsov/fastnetmon/tree/master/src/mikrotik_plugin
You can also run fastnetmon with other firewall/router distros, such as pfSense, or VyOS.
However, unless you run your own AS, ddos protection will be less effective, and only take you so far, which is why Cloudflare is definitely a good solution as long as you take care to configure your hosts to only accept connections from their edge servers, otherwise the ddos protection can be easily circumvented.
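The last point in the post above, accepting connections only from the CDN's edge servers, sketched as an added example that is not part of the original post or of any project's tooling. The table and set names, the port list and the sample ranges (documentation prefixes) are assumptions; substitute the ranges your provider publishes.

```shell
#!/bin/sh
# Added example (not from the thread): emit an nftables ruleset that accepts
# the web/pool ports only from the CDN's edge ranges and drops other sources.

# CONSTRUCTED sample list using documentation prefixes (RFC 5737, RFC 3849).
# In real use, pass the edge ranges your CDN provider publishes.
SAMPLE_RANGES='# constructed sample
198.51.100.0/24
203.0.113.0/24
2001:db8:100::/48
not-a-cidr; drop'

# Strict syntax checks so a corrupted list cannot inject text into the ruleset.
is_v4() { printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'; }
is_v6() { printf '%s\n' "$1" | grep -Eq '^[0-9A-Fa-f]*:[0-9A-Fa-f:]*/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8])$'; }

# gen_ruleset PORTS   (range list on stdin, PORTS like "80, 443")
gen_ruleset() {
    ports=$1 v4='' v6=''
    case $ports in ''|*[!0-9,\ ]*) echo "bad port list" >&2; return 2;; esac
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                              # strip comments
        line=$(printf '%s' "$line" | tr -d ' \t\r')   # strip whitespace
        [ -z "$line" ] && continue
        if is_v4 "$line"; then v4="${v4:+$v4, }$line"
        elif is_v6 "$line"; then v6="${v6:+$v6, }$line"
        else echo "skipping invalid entry: $line" >&2
        fi
    done
    # Refuse an empty list: the drop rule alone would block every client.
    if [ -z "$v4$v6" ]; then echo "no valid ranges, refusing to emit rules" >&2; return 1; fi
    echo "table inet edge_only {"
    [ -n "$v4" ] && echo "  set edge4 { type ipv4_addr; flags interval; elements = { $v4 } }"
    [ -n "$v6" ] && echo "  set edge6 { type ipv6_addr; flags interval; elements = { $v6 } }"
    echo "  chain input {"
    # policy accept: only the listed ports are restricted, so SSH and other
    # management ports are not closed by this table.
    echo "    type filter hook input priority 0; policy accept;"
    [ -n "$v4" ] && echo "    tcp dport { $ports } ip saddr @edge4 accept"
    [ -n "$v6" ] && echo "    tcp dport { $ports } ip6 saddr @edge6 accept"
    echo "    tcp dport { $ports } drop"
    echo "  }"
    echo "}"
}

# Review the output before loading it with: nft -f <file>
printf '%s\n' "$SAMPLE_RANGES" | gen_ruleset "80, 443"
```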
