Prohashing Mining Pool Forums

copy of discussion from the slack chat:
we would be fine until the attacker changed the flood type
then it would take time for javapipe to find where the attack is taking place.
flood type changes, javapipe finds new solution, is that new solution then permanent and that flood type could never happen again?

If the answer is that as javapipe grows/defends, that they become more reliable with less down time. I would say stay with javapipe

piet wrote:"we" already pay 4% more compared to other pools... for this 4% you can`t offer a decent uptime / service / ddos protection ?

Lets do some math;
40.000 earning per day, 5% of this is 2.000 per day = 60k monthly, this isnt enough for some decent uptime !?

I switched to another pool and i`m quite happy with it, earnings are (only) slightly lower but constant! and no payout problems, coin problems, router problems, holiday errors, weather problems, etc, etc, etc, etc, etc...

Unfortunately, the big picture isn't as rosy as that.

Of all revenue, about 0.5% is lost in exchange trading fees, 0.25% in withdrawal fees, 0.25% in network transaction fees, 1% in slippage, 0.5% in servers, bandwidth, and electricity usage of the servers, a small amount (currently) in DDoS attack protection, and 0.4% in salaries for freelancers, including the customer service representative budgeted for hire.

Thus, about 2% actually remains for profit. Of that, 35-39.6% goes to the IRS, 3% to state taxes, 1.45% to local taxes, and 6% to sales taxes, for a total of about 50% in taxation. That means that remaining actual profit is 1% of revenue.

To make things worse, when scrypt profitability falls back below 1 cent when the bubble ends, we should expect pool profit to be cut by at least 75%. The pool was making about 1/4 of what it does now before the bubble.

When you look at this analysis, you can see why Chris is trying to negotiate a monthly rate with Comcast for unlimited attack protection. Even if there were $60k in profit per month, half of that would be taken up by $1095/day attack protection.

Unless you can get some kind of monthly rate for protection, I'd say Comcast is a no go. Yes, the downtime can be frustrating, but so long as javapipe is able to keep adapting relatively quickly, I think that is the overall better way to go. $1100 per attack is a lot of money to be throwing down the drain. At the end of the day, though, you guys need to make the best decision for your business. Unfortunately there really isn't enough data to figure out how often this will happen in the future, and how well Javapipe will respond each time. But, either way you're going to have people dissatisfied, and some will end up leaving at some point. It sucks, but that's the world we live in unfortunately.

Mrrt wrote:I would be less interested in additional DDoS mitigation solutions at this point as I would be in having more information about my network traffic.

DDoS attacks are commonly used as smokescreens to divert attention while real info-gathering/hacks are taking place, so I'd be more interested in seeing what other abnormal traffic may be headed to the servers to either identify or rule out more serious potential security threats.

While this sounds intriguing, if there were other traffic going to the servers, they were unsuccessful in exploiting them. There was so much attack traffic that Chris couldn't even log in, so I doubt attackers would have been able to do any damage considering that Chris couldn't even get characters from an SSH terminal to display.

Personally I think you should give Javapipe a fair chance. Profitability is not a problem for me.

Downtime = Lost Money for Everyone

Add it all UP - for days!

I Vote Comcast - Stable System

It turns out that it only costs $2900 to have "unlimited DDoS protection" - far less than the $33,000 implied by paying every day of the month.

Therefore, I don't think a poll is required.

On other hand 7% fees will make pool highly unporfitable on days when minning is done mostlly on one coin.

Eitherway did these attacks come from BCC miners thats what i would think.

Steve Sokolowski wrote:It turns out that it only costs $2900 to have "unlimited DDoS protection" - far less than the $33,000 implied by paying every day of the month.

Therefore, I don't think a poll is required.

3k$ should be doable