Update on the pool downtime

News updates about the Prohashing pool
GregoryGHarding
Posts: 665
Joined: Sun Apr 16, 2017 3:01 pm

Re: Update on the pool downtime

Post by GregoryGHarding » Sun Jun 18, 2017 6:10 pm

yep did a bit of research on JP VPS too.. sounds like it should work
jstefanop
Posts: 10
Joined: Tue Apr 18, 2017 3:00 pm

Re: Update on the pool downtime

Post by jstefanop » Sun Jun 18, 2017 7:14 pm

Steve Sokolowski wrote:I talked with Chris.

We determined that the previous method won't work, because Verizon is blocking outbound traffic that appears to come from IPs outside their network. The idea was to use a front server that had a lot of bandwidth to filter traffic and then just re-broadcast good packets with a different destination IP. Our server would then reply and rewrite the packets as if they came from the front server. But Verizon apparently filters these packets, a policy which was probably informed by people who tried to execute DDoS attacks with fake source addresses from within their network.

So Chris is trying a different idea. He's going to buy a VPS that provides DDoS protection from Javapipe, and set up a tunnel. Inbound, the behavior is the same, but outbound the packets travel back to the origin server and are broadcast there. No filtering is going to happen out there because the packets actually are coming from the server they pretend to come from.

We'll see if Chris can get this online in a few hours.
Probably not a good idea to broadcast details about DDoS protections on a public forum ;)
User avatar
Steve Sokolowski
Posts: 4244
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA

Re: Update on the pool downtime

Post by Steve Sokolowski » Sun Jun 18, 2017 8:46 pm

jstefanop wrote:
Steve Sokolowski wrote:I talked with Chris.

We determined that the previous method won't work, because Verizon is blocking outbound traffic that appears to come from IPs outside their network. The idea was to use a front server that had a lot of bandwidth to filter traffic and then just re-broadcast good packets with a different destination IP. Our server would then reply and rewrite the packets as if they came from the front server. But Verizon apparently filters these packets, a policy which was probably informed by people who tried to execute DDoS attacks with fake source addresses from within their network.

So Chris is trying a different idea. He's going to buy a VPS that provides DDoS protection from Javapipe, and set up a tunnel. Inbound, the behavior is the same, but outbound the packets travel back to the origin server and are broadcast there. No filtering is going to happen out there because the packets actually are coming from the server they pretend to come from.

We'll see if Chris can get this online in a few hours.
Probably not a good idea to broadcast details about DDoS protections on a public forum ;)
This is pretty standard practice, so it's nothing new to them.

A few updates. First, Chris was unable to complete his tasking today because he ran out of energy and fell asleep, having slept only 4h last night.

Second, even if he had been able to stay awake, a third IP address was attacked and lost. The site requires three IP addresses to operate, and we now only have two addresses available. Therefore, he can't make any further progress until 8:00am tomorrow, when he's going to buy new IPs. Then he'll work on connecting the "DDoS protected" IP through the VPN tunnel.

The largest coin payouts will be executed tonight. If the attacks take out the trader server, then we won't be able to execute payouts tonight. The forums might also be taken out, and if that's the case, then we'll keep people updated on twitter.

Right now, I'd say there's a 60% chance the site is available tomorrow, 80% by Tuesday, and almost certainly by Wednesday.
Last edited by Steve Sokolowski on Sun Jun 18, 2017 9:20 pm, edited 3 times in total.
User avatar
Eyedol-X
Posts: 105
Joined: Sun Nov 06, 2016 1:45 pm

Re: Update on the pool downtime

Post by Eyedol-X » Sun Jun 18, 2017 8:48 pm

Steve Sokolowski wrote:
jstefanop wrote:
Steve Sokolowski wrote:I talked with Chris.

We determined that the previous method won't work, because Verizon is blocking outbound traffic that appears to come from IPs outside their network. The idea was to use a front server that had a lot of bandwidth to filter traffic and then just re-broadcast good packets with a different destination IP. Our server would then reply and rewrite the packets as if they came from the front server. But Verizon apparently filters these packets, a policy which was probably informed by people who tried to execute DDoS attacks with fake source addresses from within their network.

So Chris is trying a different idea. He's going to buy a VPS that provides DDoS protection from Javapipe, and set up a tunnel. Inbound, the behavior is the same, but outbound the packets travel back to the origin server and are broadcast there. No filtering is going to happen out there because the packets actually are coming from the server they pretend to come from.

We'll see if Chris can get this online in a few hours.
Probably not a good idea to broadcast details about DDoS protections on a public forum ;)
This is pretty standard practice, so it's nothing new to them.

A few updates. First, Chris was unable to complete his tasking today because he ran out of energy and fell asleep, having slept only 4h last night.

Second, even if he had been able to stay awake, a third IP address was attacked and lost. The site requires three IP addresses to operate, and we now only have two addresses available. Therefore, he can't make any further progress until 8:00am tomorrow, when he's going to buy new IPs. Then he'll work on connecting the "DDoS protected" through the VPN tunnel.

The largest coin payouts will be executed tonight. If the attacks take out the trader server, then we won't be able to execute payouts tonight. The forums might also be taken out, and if that's the case, then we'll keep people updated on twitter.

Right now, I'd say there's a 60% chance the site is available tomorrow, 80% by Tuesday, and almost certainly by Wednesday.
Bummer to hear about this kind of down time, thanks for the work you guys are doing. Looking forward to the site being back online.
GregoryGHarding
Posts: 665
Joined: Sun Apr 16, 2017 3:01 pm

Re: Update on the pool downtime

Post by GregoryGHarding » Sun Jun 18, 2017 8:59 pm

thanks for the update steve let chris get his Z's he deserves the beauty rest..
both for his hard work and that thing he calls a profile pic :lol: :mrgreen:
vinylwasp
Posts: 98
Joined: Mon Oct 31, 2016 3:42 am
Location: Singapore

Re: Update on the pool downtime

Post by vinylwasp » Sun Jun 18, 2017 9:26 pm

Steve Sokolowski wrote:
I don't think these people have any purpose at all, and they're actually pretty dumb. Would you:
1. Spend your own money
2. Not be able to get anything in return because you can't steal any money or hack any systems
3. Provide more evidence for us to add to the police reports so that you can live in fear of arrest

That doesn't seem to be very smart to me. If I were to do something like this, I would at least want to have some potential for gain in exchange for my money and the chance of spending years in prison.
If they're another Pool operator that directly benefits from PH being down, then there's a strong economic motivation to keep DDoSing.
If they do it for long enough their strategy may be to cause you sufficient loss of revenue and cost to remediate to ultimately drive you out of business. I hope this doesn't happen of course but there are plenty of precedents for competitor DDoS attacks.

DDoS attacks are actually pretty cheap. Just google "web site stressor" and you'll find services (sic) for a few bucks per hour.
Javapipe sounds promising, my only concern would be increased latency, but we'll just have to wait and see what the impact of that might be.
User avatar
rootdude
Posts: 79
Joined: Wed Jan 07, 2015 3:14 pm

Re: Update on the pool downtime

Post by rootdude » Sun Jun 18, 2017 9:52 pm

This definitely hurts the bottom line. Sorry you're having to deal with it Steve/Chris.
User avatar
rootdude
Posts: 79
Joined: Wed Jan 07, 2015 3:14 pm

Re: Update on the pool downtime

Post by rootdude » Sun Jun 18, 2017 9:53 pm

Why not switch to different port numbers? Just shut down 3333 temporarily and use 443 and maybe a few others?
topkhodon
Posts: 8
Joined: Wed Jun 07, 2017 12:26 pm

Re: Update on the pool downtime

Post by topkhodon » Mon Jun 19, 2017 2:07 am

Steve Sokolowski wrote:
jstefanop wrote:
Steve Sokolowski wrote:I talked with Chris.
Right now, I'd say there's a 60% chance the site is available tomorrow, 80% by Tuesday, and almost certainly by Wednesday.
not so bad. I will waiting for restoring of pool. We belive in you. From Russia with love and hope. :)
olkah
Posts: 58
Joined: Fri Jan 27, 2017 9:36 pm

Re: Update on the pool downtime

Post by olkah » Mon Jun 19, 2017 2:25 am

Когда будете работать снова ???
Post Reply