shorena

Legendary



Offline



Activity: 1498

Merit: 1346





No I dont escrow anymore.







Copper MemberLegendaryActivity: 1498Merit: 1346No I dont escrow anymore. Re: Why? Because fuck u, thats why: version 70002 , blocks= March 01, 2016, 08:43:22 AM #9 Quote from: jtoomim on March 01, 2016, 04:30:00 AM DNS amplification attacks.

This user agent string is used by the crawlers that https://www.reddit.com/user/botneko-chan uses to identify Bitcoin Classic nodes for subsequent DDoS via

From what was reported here, that claim makes no sense. It looks like the attack is just to request blocks over and over again. That is not a "DNS amplification". Im not even sure how its a (D)DoS attack at all as I suspect that core/classic/any other fork will limit the number of requests to their own capabilities.



It will hardly crash the nodes, if anything it will result in the node no longer accepting external connections, which could be seen as a partial DoS. From what was reported here, that claim makes no sense. It looks like the attack is just to request blocks over and over again. That is not a "DNS amplification". Im not even sure how its a (D)DoS attack at all as I suspect that core/classic/any other fork will limit the number of requests to their own capabilities.It will hardly crash the nodes, if anything it will result in the node no longer accepting external connections, which could be seen as a partial DoS. Im not really here, its just your imagination.

fubly



Offline



Activity: 556

Merit: 517





Trustless IceColdWallet







Hero MemberActivity: 556Merit: 517Trustless IceColdWallet Re: Why? Because fuck u, thats why: version 70002 , blocks= March 03, 2016, 09:20:44 PM

Last edit: March 04, 2016, 02:55:04 AM by fubly #10 I do not know if there is a close connection between these messages and the fact that since I recognized these I have to restart my node 4-5 times a day after crashing my system has 32 gb ram and a 16 core cpu.



p.s. my script restarts usually the node by it self, after kill command it comes up within 0,5 seconds but not after an crash.



each time you send a transaction don't forget to use a new address, each time you receive one also!

waspoza



Offline



Activity: 602

Merit: 500





Firstbits: 1waspoza







Hero MemberActivity: 602Merit: 500Firstbits: 1waspoza Re: Why? Because fuck u, thats why: version 70002 , blocks= March 05, 2016, 12:53:41 AM

Last edit: March 05, 2016, 01:49:45 AM by waspoza #18 Quote from: fubly on March 04, 2016, 08:35:03 PM can any one post an fail2ban jail for that?



Good idea. Instructions how to make one:



First make sure that you have logips=1 in your bitcoin.conf, otherwise it won't work. Need to restart bitcoind after this change.



In /etc/fail2ban/jail.local add following at the end of file:

Code: [bitcoin]



enabled = true

port = 8333

filter = bitcoin

logpath = /home/bitcoin/.bitcoin/debug.log

maxretry = 0

bantime = 2592000

findtime = 2592000

Make sure logpath is pointing to the right place. I set bantime for 1 month, adjust to your liking.



Create file /etc/fail2ban/filter.d/bitcoin.conf and put following inside:

Code: # Fail2Ban configuration file for bitcoin

#

[Definition]

failregex = .*receive version message: Why\? Because fuck u.*peeraddr=<HOST>:.*

ignoreregex =



fail2ban-client reload should add new jail, check /var/log/fail2ban.log for errors.



fail2ban-client status should show bitcoin jail:

Code: Status

|- Number of jail: 2

`- Jail list: ssh, bitcoin



And fail2ban-client status bitcoin should show something like this:

Code: Status for the jail: bitcoin

|- filter

| |- File list: /home/bitcoin/.bitcoin/debug.log

| |- Currently failed: 0

| `- Total failed: 16

`- action

|- Currently banned: 16

| `- IP list: 77.34.27.96 95.53.51.198 176.50.123.107 178.64.113.245 93.120.208.183 77.82.86.29 5.199.198.144 77.40.25.121 178.35.111.80 37.23.153.174 178.67.71.3 95.129.179.54 92.37.141.207 176.50.198.19 37.78.17.90 95.70.82.79

`- Total banned: 16



Enjoy! Good idea. Instructions how to make one:First make sure that you havein your bitcoin.conf, otherwise it won't work. Need to restart bitcoind after this change.Inadd following at the end of file:Make sure logpath is pointing to the right place. I set bantime for 1 month, adjust to your liking.Create fileand put following inside:should add new jail, check /var/log/fail2ban.log for errors.should show bitcoin jail:Andshould show something like this:Enjoy!