Electrumx continuously attempting to crash old client. #842

ghost · 2019-06-17T15:44:08Z

The Unix command: journalctl -u electrumx -f
shows that electrumxx (1.12) keeps writing the following line over and over again:

attempting to crash old client with version 3.2.2

Is that still due to the DDOS attacks? Or is something else going on?

Note that I run with the configuration variables:

COST_SOFT_LIMIT=0
COST_HARD_LIMIT=0

to allow connections over TOR without running into resource limit problems.

See below for part of the actual output from journalctl:

jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464225] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464226] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464227] TCP 1.22.9.5:56594, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464228] TCP 125.234.108.210:56466, 105 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464228] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464227] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464229] TCP 5.117.58.150:12812, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464229] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464230] TCP 117.2.32.37:53663, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464230] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464231] TCP 36.72.128.141:57894, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464231] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464232] TCP 115.79.24.21:58693, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464232] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464233] TCP 171.243.208.209:59166, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464233] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464234] TCP 61.5.94.195:8705, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464234] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464235] TCP 172.58.11.53:44157, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464236] TCP 39.52.37.101:57752, 105 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464236] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464237] TCP 49.48.149.130:58928, 105 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464237] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464238] TCP 111.125.235.3:54829, 105 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464238] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464239] TCP 116.97.243.38:10096, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464239] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464240] TCP 113.53.232.201:61325, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464240] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464241] TCP 1.54.200.190:49750, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464241] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464242] TCP 58.82.189.193:6510, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464243] TCP 200.216.76.170:53583, 106 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464244] TCP 36.84.227.150:53694, 107 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464245] TCP 200.216.76.170:54113, 108 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464246] TCP 171.241.230.65:52231, 109 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464247] TCP 115.74.212.110:55269, 110 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464248] TCP 36.82.47.109:57148, 111 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464242] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464243] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464244] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464245] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464246] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464247] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464248] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464249] TCP 156.210.61.107:52506, 112 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464249] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464250] TCP 43.250.242.15:12298, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464250] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464251] TCP 117.6.121.13:54389, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464251] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464252] TCP 24.146.232.193:54348, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464253] TCP 47.11.141.203:53031, 106 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464253] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464254] TCP 27.72.47.245:26202, 106 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464254] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464255] TCP 118.172.127.41:52989, 106 total
jun 17 17:26:49 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464255] attempting to crash old client with version 3.2.2

The text was updated successfully, but these errors were encountered:

peleion · 2019-06-17T19:39:13Z

This is from the code introduced, I believe, in EX v0.11 that keeps clients from connecting unless they have at least version 3.3 that does not display the phishing upgrade message from malicious servers. It is part of the phishing mitigation, not DDoS (although the two are related). There is no environment variable to disable this.

Your logs look like normal public server activity with clients attempting to use the old Electrum to me.

ghost · 2019-06-17T21:16:24Z

@peleion

Your logs look like normal public server activity

Really? Continuously, every second 24/7?

peleion · 2019-06-17T21:23:25Z

Could be. Your server is also serving clients with the appropriate version just fine. Also could possibly be the botnet (DDoS) is using an intentionally old version to tie up your server - I didn't look closely at the timestamps initially. As the IPs are varied there is little to do other than use Ghost43s blacklist.

Incidentally, when my server was pubic I only served SSL - TCP doesn't really appear necessary. Even
ThomasV couldn't give me a good answer why it is used other than for bots/DDoS.

benma · 2019-08-05T17:56:19Z

This is a sub-optimal solution. This is assuming the Electrum client version from the main Electrum client (https://github.com/spesmilo/electrum/blob/master/electrum/version.py#L1), but there are other clients using this protocol which naturally don't have the same client version.

The fix also does not really do anything, as someone running a good server does not send phishing messages, while a bad one won't try to crash old clients.

Any chance to revert this?

SomberNight · 2019-08-05T18:09:30Z

@benma the relevant change is #760

The fix also does not really do anything, as someone running a good server does not send phishing messages, while a bad one won't try to crash old clients.

You are missing that the client connects to many servers, any one of which can crash its network thread.

but there are other clients using this protocol which naturally don't have the same client version.

see spesmilo/electrum#5246
Consider sending a version string that follows a scheme similar to recent Electrum (i.e. identify the client type).

benma · 2019-08-07T09:46:13Z

@SomberNight Thanks, will look into it.

theblains · 2019-08-11T11:22:02Z

While not a fix it is possible to edit out the logging of that message.
In the file electrumx/electrumx/server/session.py

Find line 1292
self.logger.info(f'attempting to crash old client with version {self.client}')

and comment it out so it becomes
#self.logger.info(f'attempting to crash old client with version {self.client}')

Then rerun the setup.py installer

erolgobel17 · 2019-09-21T14:31:13Z

digitalbitbox/bitbox-wallet-app#499

erolgobel17 · 2019-09-21T14:33:44Z

The Unix command: journalctl -u electrumx -f
shows that electrumxx (1.12) keeps writing the following line over and over again:

attempting to crash old client with version 3.2.2

Is that still due to the DDOS attacks? Or is something else going on?

Note that I run with the configuration variables:

COST_SOFT_LIMIT=0
COST_HARD_LIMIT=0

to allow connections over TOR without running into resource limit problems.

See below for part of the actual output from journalctl:

jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464225] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464226] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464227] TCP 1.22.9.5:56594, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464228] TCP 125.234.108.210:56466, 105 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464228] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464227] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464229] TCP 5.117.58.150:12812, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464229] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464230] TCP 117.2.32.37:53663, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464230] attempting to crash old client with version 3.2.2
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464231] TCP 36.72.128.141:57894, 104 total
jun 17 17:26:46 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464231] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464232] TCP 115.79.24.21:58693, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464232] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464233] TCP 171.243.208.209:59166, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464233] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464234] TCP 61.5.94.195:8705, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464234] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464235] TCP 172.58.11.53:44157, 104 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464236] TCP 39.52.37.101:57752, 105 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464236] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464237] TCP 49.48.149.130:58928, 105 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464237] attempting to crash old client with version 3.2.2
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464238] TCP 111.125.235.3:54829, 105 total
jun 17 17:26:47 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464238] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464239] TCP 116.97.243.38:10096, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464239] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464240] TCP 113.53.232.201:61325, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464240] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464241] TCP 1.54.200.190:49750, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464241] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464242] TCP 58.82.189.193:6510, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464243] TCP 200.216.76.170:53583, 106 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464244] TCP 36.84.227.150:53694, 107 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464245] TCP 200.216.76.170:54113, 108 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464246] TCP 171.241.230.65:52231, 109 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464247] TCP 115.74.212.110:55269, 110 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464248] TCP 36.82.47.109:57148, 111 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464242] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464243] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464244] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464245] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464246] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464247] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464248] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464249] TCP 156.210.61.107:52506, 112 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464249] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464250] TCP 43.250.242.15:12298, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464250] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464251] TCP 117.6.121.13:54389, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464251] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464252] TCP 24.146.232.193:54348, 105 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464253] TCP 47.11.141.203:53031, 106 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464253] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464254] TCP 27.72.47.245:26202, 106 total
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464254] attempting to crash old client with version 3.2.2
jun 17 17:26:48 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464255] TCP 118.172.127.41:52989, 106 total
jun 17 17:26:49 user-Aspire-E1-572 electrumx_server[5680]: INFO:ElectrumX:[1464255] attempting to crash old client with version 3.2.2

github12101 · 2020-07-10T23:16:03Z

There is variable to configure this. If you are using run_electrum.sh (on Raspberry Pi for example), put this into it:

# drop clients older than 3.3
export DROP_CLIENT="3\.[0-2]\.\d+"

This will tell ElectrumX to drop connections to clients 3.0* - 3.2*. That would ban this pesky 3.2.2 client.

kyuupichan closed this as completed Aug 28, 2019

erols mentioned this issue Aug 28, 2019

bitbox-wallet not working with ElectrumX server 1.12 digitalbitbox/bitbox-wallet-app#499

Closed

wartjugger mentioned this issue Oct 29, 2019

SSL only solves repeated "3.2.2 crash" requests? #914

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Electrumx continuously attempting to crash old client. #842

Electrumx continuously attempting to crash old client. #842

ghost commented Jun 17, 2019

peleion commented Jun 17, 2019 •

edited

ghost commented Jun 17, 2019

peleion commented Jun 17, 2019 •

edited

benma commented Aug 5, 2019 •

edited

SomberNight commented Aug 5, 2019

benma commented Aug 7, 2019

theblains commented Aug 11, 2019

erolgobel17 commented Sep 21, 2019

erolgobel17 commented Sep 21, 2019

github12101 commented Jul 10, 2020

Electrumx continuously attempting to crash old client. #842

Electrumx continuously attempting to crash old client. #842

Comments

ghost commented Jun 17, 2019

peleion commented Jun 17, 2019 • edited

ghost commented Jun 17, 2019

peleion commented Jun 17, 2019 • edited

benma commented Aug 5, 2019 • edited

SomberNight commented Aug 5, 2019

benma commented Aug 7, 2019

theblains commented Aug 11, 2019

erolgobel17 commented Sep 21, 2019

erolgobel17 commented Sep 21, 2019

github12101 commented Jul 10, 2020

peleion commented Jun 17, 2019 •

edited

peleion commented Jun 17, 2019 •

edited

benma commented Aug 5, 2019 •

edited