Update on the pool downtime

News updates about the Prohashing pool
Forum rules
The News forum is only for updates about the Prohashing pool.

Replies to posts in this forum should be related to the news being announced. If you need support on another issue, please post in the forum related to that topic or seek one of the official support options listed in the top right corner of the forums page or on prohashing.com/about.

For the full list of PROHASHING forums rules, please visit https://prohashing.com/help/prohashing- ... rms-forums.
shyrwall
Posts: 13
Joined: Fri Jun 16, 2017 1:48 am

Re: Update on the pool downtime

Post by shyrwall » Sun Jun 18, 2017 12:44 pm

If the verizon ips you plan of using is in the same /24 as the old ones I suggest you request a new ip range in another /24 from verizon or it might be very easy for the attacker to find the backend.

Best is of course if verizon can firewall all traffic except javapipe
User avatar
FRISKIE
Posts: 117
Joined: Sun Apr 16, 2017 12:51 pm

Re: Update on the pool downtime

Post by FRISKIE » Sun Jun 18, 2017 1:24 pm

I suggest you request a new ip range in another /24 from verizon or it might be very easy for the attacker to find the backend
I agree and have not understood why a new set of IPs have not been provided already?

Especially if 2 of the current IPs are not working as expected.
User avatar
Steve Sokolowski
Posts: 4585
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA

Re: Update on the pool downtime

Post by Steve Sokolowski » Sun Jun 18, 2017 1:43 pm

FRISKIE wrote:
I suggest you request a new ip range in another /24 from verizon or it might be very easy for the attacker to find the backend
I agree and have not understood why a new set of IPs have not been provided already?

Especially if 2 of the current IPs are not working as expected.
They can't do that on the weekends, because the department that has authorization to do that apparently only works on weekdays.

Really, the main problem here is Verizon, not the attacker. If Verizon didn't have this problem, we would have been able to respond to this attacker much more quickly. This sours me on Verizon's service - how is this "business class?" When I've called Comcast for their "residential" service, they still the ability to fix stuff like this, even at my house, on the weekends.
User avatar
FRISKIE
Posts: 117
Joined: Sun Apr 16, 2017 12:51 pm

Re: Update on the pool downtime

Post by FRISKIE » Sun Jun 18, 2017 3:02 pm

Hehe . . perhaps the attackers have actually done you guys a favor in the long run by giving you a bit of downtime and opportunity to implement the DDoS protections that I'm sure have been on the "TO DO" list , but performance upgrades are taking up all available time for the longest ;)
User avatar
Steve Sokolowski
Posts: 4585
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA

Re: Update on the pool downtime

Post by Steve Sokolowski » Sun Jun 18, 2017 4:02 pm

Chris is having problems trying to figure out why DNS names are not resolving on the server after he configured it for this new setup.

He's been at it for about 4 hours and hopefully will figure it out soon.
GregoryGHarding
Posts: 646
Joined: Sun Apr 16, 2017 3:01 pm

Re: Update on the pool downtime

Post by GregoryGHarding » Sun Jun 18, 2017 4:09 pm

Steve Sokolowski wrote:
FRISKIE wrote:
I suggest you request a new ip range in another /24 from verizon or it might be very easy for the attacker to find the backend
I agree and have not understood why a new set of IPs have not been provided already?

Especially if 2 of the current IPs are not working as expected.
They can't do that on the weekends, because the department that has authorization to do that apparently only works on weekdays.

Really, the main problem here is Verizon, not the attacker. If Verizon didn't have this problem, we would have been able to respond to this attacker much more quickly. This sours me on Verizon's service - how is this "business class?" When I've called Comcast for their "residential" service, they still the ability to fix stuff like this, even at my house, on the weekends.
comcast even has higher priority for business class customers and here verizon cant even keep the department open on weekends what happens when a company begins to hemorrhage money because of that? bye bye verizon.
User avatar
FRISKIE
Posts: 117
Joined: Sun Apr 16, 2017 12:51 pm

Re: Update on the pool downtime

Post by FRISKIE » Sun Jun 18, 2017 4:15 pm

Right - having managed a support team for an ISP here in the EU (Interoute) I'm likewise disappointed by Verizon's support response.
GregoryGHarding
Posts: 646
Joined: Sun Apr 16, 2017 3:01 pm

Re: Update on the pool downtime

Post by GregoryGHarding » Sun Jun 18, 2017 5:09 pm

i did comcast support.. never again
User avatar
Steve Sokolowski
Posts: 4585
Joined: Wed Aug 27, 2014 3:27 pm
Location: State College, PA

Re: Update on the pool downtime

Post by Steve Sokolowski » Sun Jun 18, 2017 5:28 pm

I talked with Chris.

We determined that the previous method won't work, because Verizon is blocking outbound traffic that appears to come from IPs outside their network. The idea was to use a front server that had a lot of bandwidth to filter traffic and then just re-broadcast good packets with a different destination IP. Our server would then reply and rewrite the packets as if they came from the front server. But Verizon apparently filters these packets, a policy which was probably informed by people who tried to execute DDoS attacks with fake source addresses from within their network.

So Chris is trying a different idea. He's going to buy a VPS that provides DDoS protection from Javapipe, and set up a tunnel. Inbound, the behavior is the same, but outbound the packets travel back to the origin server and are broadcast there. No filtering is going to happen out there because the packets actually are coming from the server they pretend to come from.

We'll see if Chris can get this online in a few hours.
User avatar
FRISKIE
Posts: 117
Joined: Sun Apr 16, 2017 12:51 pm

Re: Update on the pool downtime

Post by FRISKIE » Sun Jun 18, 2017 5:57 pm

Hey Steve - I was reading thee Javapipe "remote DDoS protection" offering and options, and the 2nd solution you describe here sounds good from what I understand of things - good luck!
Locked