Search content
Sort by
Showing 11 of 11 results by sodgi7
DNS propogation is not instant, it can take hours in some cases for the new ip's to propagate to all the DNS servers in the world, especially if the server is caching it can take up to 24hrs for the clients to get the new IP, so the DNS test you did doesn't really prove much.
Sorry, this is nonsense. slush said in his post he has a 5 minute timeout on his zone and this is easily verifiable:
$ dig mining.bitcoin.cz
; <<>> DiG 9.7.3 <<>> mining.bitcoin.cz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59770
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 4
;; QUESTION SECTION:
;mining.bitcoin.cz. IN A
;; ANSWER SECTION:
mining.bitcoin.cz. 300 IN A 178.79.183.97
See that 300? 300 seconds, 5 minutes.
No DNS server (unless deliberately misconfigured) will hold onto that value for more than 5 minutes.
It is conceivable that if a client is going through a long chain of DNS servers each with their own cache, that you will see old data for slightly more than 5 minutes, but I would guess this is rare. And it certainly wouldn't be 24 hours.
It is also conceivable that the botnet attacking software could have done one lookup when it started then kept the value until told to do otherwise, but then it would require babying by the operator to keep up with his previous DNS changes when trying to evade them. I doubt this is the case.
Everything slush said about DNS was correct. Yes, I am a sysadmin.
Then you are pretty weak sysadmin because DNS server change can easily take over 24 hours for busy server.. it usually takes much less time with small web sites. But in this context I don't think it even matters. I doubt the person behind DDoS specifically wrote the bots to resolve the domain name every now and then while sending packets. Why add such overhead? I don't know many programmers who ever need to write anything like that. Actually it is usually even the opposite, people force their software to automatically use IP addresse after resolving the IP for the very first time to reduce overhead.
Most likely all the machines behind DDoS had the domain name IP locally cached and with most router/computer configurations if you are actively using some addresse it takes very long time to flush the local cache. In fact it might never happen if you constantly query something from that domain.
Saying that the attack didn't go over to btcguild and because of that they are to blame is funny. You must really hate them very much slush.
Just remembered another thing. Even when I'm not using Phoenix miner I seem to get quite high rejected shares rate when checking from the mining proxy database. When I check mining pool dashboard though it is all fine. So I guess this proxy currently marks certain bad connection issues or something similar also as rejected shares while they are really not?
But yeah PulsedMedia.. I wouldn't be surprised if your issues are partly caused by phoenix. I'm going to testrun poclbm in Windows on my machines today.. this far it seems very stable with this proxy as rpcminer clients.
But yeah PulsedMedia.. I wouldn't be surprised if your issues are partly caused by phoenix. I'm going to testrun poclbm in Windows on my machines today.. this far it seems very stable with this proxy as rpcminer clients.
I have phoenix crashing issues too but I'm not really certain if it is this mining proxy causing it. Problem went away when I switched over to another miner(rpcminer). There are some known problems with phoenix. Then again without the proxy phoenix doesn't crash as often so I dunno.
I guess the truth is somewhere in the middle but since using other miners with this proxy works I don't see this as a problem.
I guess the truth is somewhere in the middle but since using other miners with this proxy works I don't see this as a problem.
I would like to get out of here because I have some questions to person who wrote the phoenix miner code and I'm interested about developing a tiny ugly wrapper for it that fixes current issues with it when phoenix becomes idle randomly.
Slashdot is filled with ignorant people who have no idea what they are talking about. Basically they are borrowing somebodies views and just blasting them everywhere in the forums without having any opinion of their own about the topic whatsoever.
This is kind a frustrating but oh well. Can live with it.
Why not add some captchas to registration page though? One repcaptcha and one with questions. Should cut out spam completely. I assume right now you'll still get spam but only to newbie section.
Why not add some captchas to registration page though? One repcaptcha and one with questions. Should cut out spam completely. I assume right now you'll still get spam but only to newbie section.