Silk Road forums

Support => Customer support => Topic started by: kesafat on April 30, 2013, 11:43 am

Title: Suggestion: Silk Road DDOS Prevention System
Post by: kesafat on April 30, 2013, 11:43 am
There would be an easy way to solve the DDOS problem. Delete the mail silkroad website. Then set up an email server on TOR, something like silkroad@tormail.org or similar. Each user wanting to log in has to send a Subject LOGIN message to this address. As reply he will get a String of number on which he has to compute proof-of-work (lets say hash it 10 times or something). He as to send his proof of work back to the email. And in reply he will get a unique (assigned to him) .onion domain, where he can access and login to Silk Road. This .onion domain should be valid only for a limited amount of time.
Title: Re: Suggestion: Silk Road DDOS Prevention System
Post by: Goadelic on May 01, 2013, 07:32 am
Quote
Then set up an email server on TOR, something like silkroad@tormail.org or similar. Each user wanting to log in has to send a Subject LOGIN message to this address.

i don't think that'll work, they could simply start flooding that e-mail box. what about unavailability of tormail, happens all the time i get the impression.

what about several dns-registrations as backups? in case of an attack update the dns-record or change the ip-address of the server(s) and find a way to let us know what url to use.

depends of course on how long it takes to propagate the dns-update through tor and also if you got direct access to the boxes where it's running in case of cabling or ip-address changes and the likes.

curious, what the whole infrastructure looks like, however it's kind of obvious no regular user will ever see a backbone drawing or such. pity!
Title: Re: Suggestion: Silk Road DDOS Prevention System
Post by: thecatalyst on May 01, 2013, 03:37 pm
I don't know how many servers are running this site, but one could always throw more hardware at the problem.  Load balancing and HA would help mitigate the issue, as well as some crafty firewall rules.  This is the second time I have offered my assistance.  I would love Silk Road to stay up and healthy.
Title: Re: Suggestion: Silk Road DDOS Prevention System
Post by: Dingo Ate My Drugs on May 02, 2013, 11:12 am
Quote
Then set up an email server on TOR, something like silkroad@tormail.org or similar. Each user wanting to log in has to send a Subject LOGIN message to this address.

i don't think that'll work, they could simply start flooding that e-mail box. what about unavailability of tormail, happens all the time i get the impression.

what about several dns-registrations as backups? in case of an attack update the dns-record or change the ip-address of the server(s) and find a way to let us know what url to use.

depends of course on how long it takes to propagate the dns-update through tor and also if you got direct access to the boxes where it's running in case of cabling or ip-address changes and the likes.

curious, what the whole infrastructure looks like, however it's kind of obvious no regular user will ever see a backbone drawing or such. pity!
Yea, tormail is down frequently.