Page 1 of 4

Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 8:02 am
by Steve Sokolowski
Good morning! It looks like everyone is back, after a second round of attacks.
  • These attacks are difficult not because they are sophisticated or hard to understand, but because we can't get information from the companies we are dealing with. We still don't even know the specific types of attacks, or how large they are.
  • Chris did determine that this latest attack seemed to be a result of a large number of UDP packets. OpenVPN runs over UDP, because having two layers of TCP could cause packets to be doubly retransmitted. In this most recent attack, the bogus UDP packets overwhelmed the real ones - but it was easy to solve once we finally determined what was going on because UDP packets should only be accepted from one source - the VPN network. Javapipe dropped all the other packets and the system returned to normal, since we don't provide any services that use UDP.
  • It's time for a poll. Chris received a quote from Comcast Enterprise Solutions yesterday. They charge $1095 for a single DDoS response, which is good for 24 hours.
  • One option is to keep doing what we're doing what we're doing now. I assume that attackers try the cheapest attack types first, so as Javapipe blocks them, the attacks will probably become too expensive to even attempt, let alone sustain for long periods. But when new attacks occur, it takes days to figure out what is happening, and it introduces another point of failure into the system when Javapipe is having trouble with their services. This method allows fees to be lower, but the system would be unreliable.
  • The other option is to use Comcast, which has people who can be reached on the phone and who will respond within five minutes any time of the day or night. They guarantee uptime, so I doubt we would have problems with that, but the high cost means customers would have to pay extra fees, perhaps rising to 6.99%. We could make days there are no attacks "bonus days," so that miners get a surprise 2% bonus when we don't have to spend the $1095 to deal with attacks.
  • Which option do you prefer?
This weekend, we will be releasing a number of performance enhancements, as well as the litecoin default payout coin changes. The server side of the website seems to be running slowly - that's not because of an attack, but just because we have spent all our performance optimization time on the mining server and client side of the website. I'll be looking into optimizing the server side of the website this weekend.

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 8:23 am
by fattygrub
I think you should give Javapipe at least a week or two to prove them selves since you're already hooked up with them.

I am, however, willing to pay more for a system that is rock solid and stable.

But $1095 "per attack" sounds absolutely ridiculous to me. You can't run that way. We already know that Prohashing is a target and as you grow so will the attacks.

Comcast's $1095 "per attack" is a no-go in my book, unless or until you reach such volume and profit that you can afford 365 X $1095 per year.

Stick with Javapipe for now.

John

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 8:34 am
by GregoryGHarding
im with fatty, i dont mind the fee raise and bonus days, not liking the per attack charge, but i guess thats the cost of enterprise protetion

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 8:34 am
by Mrrt
I would be less interested in additional DDoS mitigation solutions at this point as I would be in having more information about my network traffic.

DDoS attacks are commonly used as smokescreens to divert attention while real info-gathering/hacks are taking place, so I'd be more interested in seeing what other abnormal traffic may be headed to the servers to either identify or rule out more serious potential security threats.

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 8:40 am
by mrgoldy
Would you be able to operate with an additional $1095 daily cost if it did happen everyday? Would a fee increase alone cover that cost?
I'm fine with the fee increase if that's what it takes to be more reliable. and the bonus kickback sounds like a good idea.

I also want ProHashing to be around as long as possible, which means enough profit for you guys to keep running it.

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 9:06 am
by GregoryGHarding
is it possible to have the best of both worlds? stick with javapipe until we outgrow them (since now they know the method of our DDoSing) and then make the switch to comcast. or is this a time sensitive deal?

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 9:41 am
by Maznoz
I prefer a stable solution which is competitive price wise. A 2% fee increase might make the pool profitability less competitive, depending on current market conditions. An unstable server however is also a big disadvantage.

Stability would be my highest priority and I would accept a fee increase as longs as profitability remains competitive. If stability, profitability or both would take too big of a hit I would probably switch to other pools.

I really appreciate this pool and the support you guys give, but end of the day stability and profitability are what matters most.

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 9:48 am
by piet
"we" already pay 4% more compared to other pools... for this 4% you can`t offer a decent uptime / service / ddos protection ?

Lets do some math;
40.000 earning per day, 5% of this is 2.000 per day = 60k monthly, this isnt enough for some decent uptime !?

I switched to another pool and i`m quite happy with it, earnings are (only) slightly lower but constant! and no payout problems, coin problems, router problems, holiday errors, weather problems, etc, etc, etc, etc, etc...

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 10:06 am
by AvPro
Personally I think a 2% fee increase would be too high an overall fee in comparison to other pools which offer DDOS protection. Although I fully appreciate that PH pool exceeds others. 0.75-1% increase would be fairer

Given that JavaPipe have had a week of service maybe they will become more proficient and have greater ability to defend.

Re: Status as of Friday, June 30, 2017

Posted: Fri Jun 30, 2017 10:27 am
by n00bminer
I could go with either. If it were my business, I would opt for javapipe only because I do not trust comcast enterprise lol