Board: Pools
Re: [6600Th] Eligius: 0% Fee BTC, 105% PPS NMC, No registration, CPPSRB (New Thread)
by GrapeApe on 30/04/2014, 02:43:38 UTC
So everything seems to be back to normal on my end. Not that I would know if something more nefarious was going on. How is everybody else doing?

So what are some real solutions to prevent this from happening again? I'm willing to listen.


Now, there are two proposals to solve such a problem:
a) Prevent redirect requests across domains. The redirect mechanism of Stratum was designed for load balancing across different servers of the same pool. All those servers should be in the same domain, so a redirect request across domains is highly suspicious.
b) Use TLS to encrypt/sign the connection, so that no third party can create a packet that legitimately appears to be coming from the pool, even if he guesses the sequence number correctly.

a is easy, as it only requires a small patch on miner clients. However, it is not thorough, and does not address the underlying vulnerability.
b is much more thorough, but is more complicated, as it requires support from both miners and pool, and adds some overhead, especially to the pool.

However, both solutions are in the works. Patches have been submitted to BFGminer and cgminer to block suspicious redirects, and to support TLS connections. The Eligius pool server is testing support for inbound TLS connections. (Inbound TLS connections on other pools, though, are up to each pool operator.)


Any news on the potential use of these patches and their effectiveness?

GrapeApe
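The following is an added example, not code from this thread and not the actual patch submitted to cgminer or BFGMiner, of what proposal (a) above (refusing cross-domain `client.reconnect` redirects) amounts to in a miner client. The pool URL, the sample Stratum messages and the "same domain" rule (compare the last two DNS labels) are all constructed for illustration; a production miner should use the public suffix list rather than the two-label shortcut.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample data for this example (not captured traffic).
# The pool URL is the kind of value a miner has in its config.
POOL_URL = "stratum+tcp://stratum.mining.eligius.st:3334"

# Stratum client.reconnect carries [hostname, port, wait_seconds].
SAME_DOMAIN = json.dumps({"id": None, "method": "client.reconnect",
                          "params": ["stratum2.mining.eligius.st", 3334, 0]})
CROSS_DOMAIN = json.dumps({"id": None, "method": "client.reconnect",
                           "params": ["pool.attacker.example", 3333, 0]})
IP_LITERAL = json.dumps({"id": None, "method": "client.reconnect",
                         "params": ["203.0.113.5", 3333, 0]})
NOTIFY = json.dumps({"id": None, "method": "mining.notify", "params": []})


def registrable_domain(hostname):
    """Crude 'same domain' key: the last two DNS labels.

    Assumption for illustration only. A real client should consult the
    public suffix list so that e.g. 'co.uk' is not treated as one domain.
    """
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else labels[0]


def is_ip_literal(host):
    """True if the redirect target is a bare IPv4/IPv6 address."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def check_reconnect(pool_url, raw_message):
    """Decide whether a Stratum client.reconnect request should be honoured.

    Returns (allowed, reason). Messages other than client.reconnect are
    passed through unchanged, since this check only targets redirects.
    """
    try:
        msg = json.loads(raw_message)
    except ValueError:
        return False, "not valid JSON"
    if not isinstance(msg, dict):
        return False, "not a JSON-RPC object"
    if msg.get("method") != "client.reconnect":
        return True, "not a reconnect request"

    params = msg.get("params")
    if not isinstance(params, list) or not params or not isinstance(params[0], str):
        return False, "malformed client.reconnect params"
    target = params[0]
    if len(params) > 1 and not isinstance(params[1], int):
        return False, "port is not an integer"

    # A bare IP gives no domain to compare against, so refuse it outright:
    # an injected redirect is exactly the case where an attacker would
    # rather not register a name.
    if is_ip_literal(target):
        return False, "redirect to bare IP address refused"

    pool_host = urlsplit(pool_url).hostname or ""
    if registrable_domain(target) != registrable_domain(pool_host):
        return False, "redirect to %s leaves pool domain %s" % (
            target, registrable_domain(pool_host))
    return True, "same-domain redirect"


if __name__ == "__main__":
    for name, message in [("same domain", SAME_DOMAIN),
                          ("cross domain", CROSS_DOMAIN),
                          ("ip literal", IP_LITERAL),
                          ("mining.notify", NOTIFY)]:
        allowed, reason = check_reconnect(POOL_URL, message)
        print("%-14s allowed=%-5s %s" % (name, allowed, reason))
```

This only closes the cross-domain case; a spoofed redirect to another host inside the pool's own domain, or any other injected Stratum message, is untouched, which is the point made above about (a) not addressing the underlying vulnerability. Proposal (b), TLS with the pool's certificate verified against its hostname, is what prevents a third party with a guessed TCP sequence number from injecting anything at all.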