New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Electrumx continuously attempting to crash old client. #842
Comments
This is from the code introduced, I believe, in EX v0.11 that keeps clients from connecting unless they have at least version 3.3 that does not display the phishing upgrade message from malicious servers. It is part of the phishing mitigation, not DDoS (although the two are related). There is no environment variable to disable this. Your logs look like normal public server activity with clients attempting to use the old Electrum to me. |
Really? Continuously, every second 24/7? |
Could be. Your server is also serving clients with the appropriate version just fine. Also could possibly be the botnet (DDoS) is using an intentionally old version to tie up your server - I didn't look closely at the timestamps initially. As the IPs are varied there is little to do other than use Ghost43s blacklist. Incidentally, when my server was pubic I only served SSL - TCP doesn't really appear necessary. Even |
This is a sub-optimal solution. This is assuming the Electrum client version from the main Electrum client (https://github.com/spesmilo/electrum/blob/master/electrum/version.py#L1), but there are other clients using this protocol which naturally don't have the same client version. The fix also does not really do anything, as someone running a good server does not send phishing messages, while a bad one won't try to crash old clients. Any chance to revert this? |
@benma the relevant change is #760
You are missing that the client connects to many servers, any one of which can crash its network thread.
see spesmilo/electrum#5246 |
@SomberNight Thanks, will look into it. |
While not a fix it is possible to edit out the logging of that message. Find line 1292 and comment it out so it becomes Then rerun the setup.py installer |
|
There is variable to configure this. If you are using run_electrum.sh (on Raspberry Pi for example), put this into it:
This will tell ElectrumX to drop connections to clients 3.0* - 3.2*. That would ban this pesky 3.2.2 client. |
The Unix command:
journalctl -u electrumx -f
shows that electrumxx (1.12) keeps writing the following line over and over again:
attempting to crash old client with version 3.2.2
Is that still due to the DDOS attacks? Or is something else going on?
Note that I run with the configuration variables:
to allow connections over TOR without running into resource limit problems.
See below for part of the actual output from journalctl:
The text was updated successfully, but these errors were encountered: