Thanks, I have a working script that automatically scans for these connections, adds the IP to a log file and bans them for a day now.
Why bother with it and not ban them for a longer period at once? I don't understand your approach here. I've used 1 month to check whether it is going to stop in the meantime, if it doesn't then these nodes will go to my yearly ban list.
Well I wrote the script so I dont have to care about this anymore. Changing the bantime is trivial now, esp since I can see in the log whether or not the attack still continues. It also ensures that I dont ban IPs for a long time when its not needed or if its a false positive. This prevents that my node helps separating amazon nodes in general from the network. If franky1 is correct, and I think its likely they are, its a bad idea to help the attacker by splitting amazon nodes off the network. Its still rank #4 on ISP according to bitnodes[1].
[1]
https://bitnodes.21.co/nodes/#networks-tab
i have no idea about this. i never face such things ever. may that i am quite new in bitcoin forum. so i hope that the problem will be solve very soon. let me know that if something like this happend what suoul i do then.
Do you run a full node?