Zcash Testnet DoS Attack

Zcash Testnet DoS Attack
UPDATE- Please note that the problems on the Testnet turned out to be a bug, not a DoS attack as originally assumed: https://minezcash.com/zcash-network-bug/ I am very disappointed to report that the Zcash Testnet server has already been the subject of a DoS (Denial of Service) attack. For the past week since Testnet version z8 was released there have been many users (including myself) who have experienced trouble connecting our machines to the Testnet. Some have been able to get their machines connected by re-creating a few of the files in Zcash such as the testnet folders and the peers.dat file. A few bugs such as these are to be expected and are easily ironed out, but now it seems that the Zcash devlopers have more than just bugs to squash. A few hours ago the Zcash GitHub was updated with this unfortunate issue: Issue #1251 Opened by bitcartel: At the time of writing, testnet is at block 4109 but the alpha node is handing out many peers who continuously advertise a block height of 1337 and are not synced. The result is that genuine nodes receiving these peers are unable to join the network.
    {
        "id" : 9,
        "addr" : "x.x.x.x:18233",
        "addrlocal" : "x.x.x.x:55684",
        "services" : "0000000000000001",
        "lastsend" : 1471152190,
        "lastrecv" : 1471152189,
        "bytessent" : 1719575,
        "bytesrecv" : 947,
        "conntime" : 1471152188,
        "timeoffset" : -1,
        "pingtime" : 0.00000000,
        "pingwait" : 31.86533400,
        "version" : 170002,
        "subver" : "/Satoshi:0.11.2/",
        "inbound" : false,
        "startingheight" : 1337,
        "banscore" : 0,
        "synced_headers" : -1,
        "synced_blocks" : -1,
        "inflight" : [
        ],
        "whitelisted" : false
    },

Upstream improvements should be identified and where possible merged. For example “Connection slot exhaustion DoS mitigation” bitcoin/bitcoin#6374 To put this issue into plain English it means that someone has set up several fake peers with a block height of “1337” to constantly query the alphatestnet.z.cash server with the intention of flooding the connection slots so that legitimate users cannot connect. Unfortunately this means that someone views Zcash as a threat and wants to slow the Testnet development by using Denial of Service techniques. The good news is that the Zcash team spotted this annoying behavior and is already taking steps to fix the problem. A new cryptocurrency like Zcash is bound to attract unwanted attention but this attack only serves to strengthen Zcash and highlights the importance of the additional time that Zooko and his team are taking to make sure it is launched right.  
Related Posts