Ddos Attacks

Discussion in 'Technical Development' started by shoshin, Jan 2, 2016.

  1. 2017/12/15 - Decred v1.1.2 released! → Release Notes  → Downloads
  1. shoshin

    shoshin Member

    Dec 28, 2015
    86
    94
    Male
    It seems https://decred.org/ may be experiencing a DDoS attack. The wiki and forum are obviously unaffected. As we approach the launch it seems we may have to contend with the prospect of elements seeking to disrupt our community.

    I have suggested the operators use CloudFlare to attempt to mitigate any future DDoS attacks, the trade-off being the loss of some privacy and the unpleasantness of having to solve captchas for Tor and some VPN users.

    One more quick preemptive move would be for the owner of the domain (which is hosted at Gandi I believe) to enable 2FA (two factor authentication) in case a hijacking is attempted. On a slightly related tangent; users of this forum should also enable 2FA for their forum accounts[1] and their email accounts if their provider supports it (e.g., Gmail does[2]).

    Be safe and worry not. Script kiddies may wish to test our resolve however we will be undeterred by their antics.

    [1] https://forum.decred.org/account/two-step
    [2] https://www.google.com/landing/2step/
     
  2. shoshin

    shoshin Member

    Dec 28, 2015
    86
    94
    Male
    Site back up. Seems it was just a small hiccup.
     
  3. davecgh

    davecgh Hero Member
    Developer Organizer

    Dec 31, 2015
    642
    788
    Male
    United States
    For reference, this wasn't the result of a DDoS attack. The admin has been working to upgrade the servers and it was related to that. The infrastructure is still in the process of being beefed up prior to launch.

    I'm not directly involved with with the site infrastructure, but wanted to relay the information.
     
    Rune S, jy-p and Renato Abreu like this.
  4. shoshin

    shoshin Member

    Dec 28, 2015
    86
    94
    Male
    Thank you for the update. The communication from the Decred team has been top notch from the beginning.
     
  5. Costin

    Costin Member
    Advocate (Twitter)

    Dec 28, 2015
    243
    84
    Male
    JavaScript
    Liverpool
    I knew it xD, thanks for the update!
     
  6. Freedom2Choose

    Freedom2Choose Full Member
    Designer

    Dec 17, 2015
    103
    118
    Designer
    USA
    I noticed that too this morning. Not a bad idea as far as the ddos prevention is concerned. I remember back in my altcoin mining days whenever a new alt would come out the pools would alot of times get ddos'd as well, so something to think about. Is decred going to be able to run p2pool nodes?
     
  7. anvoice

    anvoice Member

    Dec 22, 2015
    229
    78
    Male
    I think it's a little presumptuous to believe Decred will get ddos'd anytime soon. The one point of doing that to a pool is temporarily diminish hashing power to up one's revenue. Other than that, it would take a popular coin on an exchange to become a ddos target, for that is a tool for price disruption. Decred is in the clear for now, until major pool mining starts up anyway. Even then solutions exist.
     
  8. Grizzlebee

    Grizzlebee New Member

    Dec 28, 2015
    7
    4
    I experienced the very short outage.
    Don't listen to anyone who says DDOS wasn't an option.
    One or two people could easily DDOS the domain.
    Just log, track, and mitigate any nonesense.
    If need be use a service like Cloud Flare or cheaper.
    When Cloud Flare started they would help projects like this for pennies.
     
  9. anvoice

    anvoice Member

    Dec 22, 2015
    229
    78
    Male
    The devs themselves said it was a server failure. No need to panic for no reason, there is hardly a chance of ddos this early on.
     
  10. Costin

    Costin Member
    Advocate (Twitter)

    Dec 28, 2015
    243
    84
    Male
    JavaScript
    Liverpool
    There are many script boys out there. Ddos is a concern for even Google itself. In this case you're totally right but you never know :).
     
  11. Renato Abreu

    Renato Abreu Jr. Member
    Advocate (Twitter)

    Jan 3, 2016
    252
    45
    Male
    Programador
    Brazil
    DDoS is a concern ever !!!
     

Share This Page