Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN] The XVC take over! ICO. Collect BTC for expensive devs.
by
ocminer
on 01/12/2016, 17:38:37 UTC
Quote from: kalisto on December 01, 2016, 05:31:49 PM
Quote from: ocminer on December 01, 2016, 05:21:05 PM
Quote from: kalisto on December 01, 2016, 05:14:11 PM
Quote from: ocminer on December 01, 2016, 05:07:35 PM
Quote from: kalisto on December 01, 2016, 04:59:33 PM
Quote from: ocminer on December 01, 2016, 04:48:28 PM
Quote from: kalisto on December 01, 2016, 04:44:47 PM
Quote from: romanornr on December 01, 2016, 04:11:57 PM
Quote from: kalisto on December 01, 2016, 12:19:35 AM
Quote from: ocminer on November 30, 2016, 11:44:41 PM
Quote from: hankrules on November 30, 2016, 11:08:17 PM
How about just create a new genesis block and call it chocolatecoin?

Won't work, all his backdoors / tricks are still in the code - the code can't be trusted in its current state.

lol you are fast.. lurking in slack? if you cannot protect your pool dont come here bashing with fud like a ctr shill Grin

if you can point us to 1 backdoor you can earn some respect back

Hey your Bitcointalk account is exposed to the public. Your account is vulnerable. I will ask the mods to ban your account.

This is how stupid John his theory sounded when he said suprnova is not safe.

To mine, a pool need to have open ports.. Otherwise you can't connect.

He had nothing to back up with except bluffing /lying.
But maybe you are a pro network engineer and be able show everyone a detailed security analysis.

If you dont close your inbound tcp ports for the daemon you are not qualified to run a pool lol.

Stratum is the only port that should be open to the public and talks internal to the daemon.

Crybabies

Lol and the daemon talks to itself because it isn't allowed to communicate with other peers, right?

You have p2p ports and rpc ports.  Of course close the rpc port but p2p is the port which connects to other daemons, other wallets...

Drunk?

LOL i get it, you dont know how a firewall works.
You dont want external peers connecting to your node, you submit your work to the network.
Only outbound is important so you get a firewalled peer, how else does the BTC client work behind a router with closed ports? ROFLOL

Are you really that stupid?  Grin

LOL, I see a real network expert here Smiley




Of course you want external nodes connecting to your node, this will propagate your blocks faster, especialy when you're a pool. You always want as much connections as possible, your're not a peer, you're a pool.. If you're not connecting well, your Blocks won't propagate fast and you'll have problems with orphans. Thats also the reason why there's always a main and a backup node, one gets direct blocks from stratum and communicates with backup node as well as with other nodes on the internet to get this block propagated as fast as possible on the network.

"Bad" or "malicious" peers are or at least SHOULD be automatically banned by the daemon, you can see that as "misbehaving" in the log of the daemon.
If that doesn't work or is disabled intentionally you or ALL peers are having a BIG problems, as EVERYONE with an open wallet is vulnerable to those attacks.

Oh and btw, you firewall expert, you of course CAN block incoming connections and only allow outgoing connections but what about the incoming data over the outgoing connection ? So you don't want to accept any traffic coming in ? Smiley


By making your node public it starts to become probed for collateral, relays encrypted data, votes, seeds the blockchain, etc for services such as ZeroTime, Node Incentives and Chainblender. Because other nodes can connect to you will seed the blockchain to other peers more often and possibly see increased memory growth from Berkeley DB keeping excessive dirty pages. By firewalling your node it will keep a fairly constant memory pattern as it is only performing relaying. The only reason to have the p2p port public is if you intend something described here.


And this is exactly what is needed Smiley

Btw in bitcoin/dash nodes you can limit all those stuff in the config file.. "rpcmaxconnections" etc..

If you disable incoming connections or disallow incoming traffic at all, your node will have only 1 connection (the outgoing connection) and you'll have lots of orphans and lots of problems when that one connection goes down.

Still XVC has a big problem with authentication. By default it listens on  port 9995 without any username or password or even host authentication which of course makes it a viable target for hackers. At least it defaults to 127.0.0.1 but IMHO it shouldn't be possible at all to allow listening on any port without password (rpcusername) or hostname (rpcallowip) auth. But yes, this can be fixed by iptables etc... Hopefully everyone does that...

No it's not needed, as long as you have 8 outbound connections there are no problems.
Inbound = overhead, rest should get handled with proper opsec.
I'm just explaining why your pool forked on xvc, its not your so called paranoid backdoor.


I disagree, the pool running like this for years until JC in public stated he banned my pools node(s). (Check twitter pics!) It forked because he used his code and banned the pools IP and/or wallet address, not because anything on pools side was improperly configured or not going normal. He was actively fighting against the pool as said so in his twitter.