Market Slow, might be a DDOS-type attack - don't panic

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I see a bunch of threads today regarding Trade Route and it 
being slow or unusable. And many seem to be worried about an 
exit scam or such. Obviously I have no insight over there but
 wanted to share with the community that we had a DDOS-type 
attack yesterday. We didn't go down and had some slight 
slowdowns but we tightened our throttling rules and that 
mitigated the issue.

I'm guessing/wondering if the same person/group is doing the 
same over at Trade Route. Guess the point is - don't panic
 quite yet. There's a lot going on with markets with external 
factors (like the DDOS type stuff). I'm guessing this may be 
status quo for a few weeks.

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJZlaNKAAoJEI6Gz4/YbLRHwncP/AmegDWvwKjA4IJFc1mTw5Tw
b14cKJiWl9lclROat2UCUrx0gmcQANGInO8oTGt/HVx48gVjvIryyhw1gTPUXVwR
kS1x63BWcBPSg21Y6QNubUG90b6ze2Kr2c3ipXgHbYH+IA5bzDlVyApBJevsVzXj
nm8TZQiQztFaBgIE9Z/8sRtnZab9SkGJxxWbmF6v7lRVqHWpY4jQiJ7LWzYoQcMU
40C1vwbS2YmMZ8Ia9pMATg2lK76UtX4ktPfi3lZmfWYp4+qBiLcfccl2FTRAT7nN
YqIcMUTHvtMjt1ni2NCVDAOJTSlMkE6W+zsbt/ZH+Lp/MQd6tqOwsztpedldNXnh
u5ckvS2cmVH+7vXOiHX+3JQFwYxnST8Wyph1DBXhBUBBHxrDNUfwi0iaMry46JVH
3g8hAXoXrcIeVAD2aUvYNM/eCpp8GwK9NdXuIOxQUqjG3QscDHt75xZFjyOdG1PW
WqbPXDp8hlbs2CkSFsDDEk0u0QBIuJ46jqK+bBvVSgbS2cmDtPYmhV9CkUd3QcDi
OBxGvr8q0KFKnF2IIHU+V12aFgYBlQcUyaWdjvtbWvasRdMYWSEjA7CCFE6NgXGh
BuaFKTQ5sPEl6IyZQr5Bw793xd5bLbDVudOafkuloCCxw8Ln4TCgwiHBxVQLSGRz
/JJh6p+7Ht9V8z7i8KMu
=Bh/C
-----END PGP SIGNATURE-----


Comments


[1 Points] endedbytheknife:

All market announcements need to be signed with PGP key


[9 Points] DooshNozzzle:

I just logged in.... it's slow but works fine.


[5 Points] SpeedflyChris:

DDOS on hidden services can be used in an attempt to get your service to connect through one of an adversary's chosen guard nodes to uncloak the service.

Also I can't believe you're still attempting to run a marketplace given the unbelievably glaring holes that were uncovered in yours. Do yourself a favour and quit whilst you're ahead.


[5 Points] brasiliancardking:

It isn't a common Ddos, but in fact it is a 0 day technique used to backtrace and to try to locate the servers by the time between signaling and the server response.


[3 Points] FreshestNuts:

It's most likely because the servers are flooded, my pages load but it takes a second.


[3 Points] HugBunter:

Can you send me any info on this? I ran a lot of automated buyer-side tests on Sourcery yesterday, not sure if I contributed to it.


[2 Points] dimethyllibra:

I can't even login right now. It's not a big deal, just wanted to browse, but still. Kinda bummed that my connection keeps timing out.


[2 Points] _PrinterPam_:

Kudos on being fair with a competing market and helping stamp-out any FUD that might arise when certain things happen. I can't overstate how professional that is.


[2 Points] sharpshooter789:

Be careful with DOS attacks on Tor. They could potentially be a sign of an attack by LE to force you to use one of their entry nodes.

nachash [person who ran doxxbin] specifically warns about this type of attack

One last thing about guard node discovery attacks: The Naval Research Lab published a paper in July 2014 about the "Sniper Attack," [5] which in short works like this: The attacker discovers your guard nodes, then uses an amplified DoS trick to exhaust the memory on all of your nodes. The attacker keeps doing this until your hidden service uses guard nodes that they control. Then it's game over. If your hidden service's entry nodes are all specified in your torrc file and they get DoSed, your service will go offline. In this situation, if all of your relays are down, you essentially have an early warning canary that you're being targeted. In other words: This is the best possible time to book your one-way ticket to your chosen non-extradition country. For those of you with a background in writing exploits, this is similar in principle to how stack smashing protection will render some exploits either unable to function or will turn them into a DoS. Personally, I recommend an ever-changing list of relays or bridges. Add a few new ones at a pre-determined interval, and gradually let old ones go unpaid. ... [5]http://www.nrl.navy.mil/itd/chacs/biblio/sniper-attack-anonymously-deanonymizing-and-disabling-tor-network

The refrence link is from pastebin and automod removes dat shit. I can PM the link to the full writing for those interested.


[1 Points] sayitaintsokd:

Will setting up mirrors help?


[1 Points] None:

You're crazy man.


[1 Points] None:

[removed]


[1 Points] AutoModerator:

To format PGP encrypted messages, signed messages or keys properly on reddit please follow these instructions.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.


[0 Points] basjin:

so sourcery_market reddit account telling anyone to chill about TRADE ROUTE beeing offline.

maybe it is just me, but this seems pretty much odd.

i will post some fud stuff about this connection soon, stay tuned.

edit: /r/DarkNetMarkets/comments/6u5yht/market_slow_might_be_a_ddostype_attack_dont_panic/dlrdovb/