[ POOL CLOSED ] Mainframe Mining Cooperative

[flower1024]

hi,

do you have any plans regarding merged mining?
it'll come in 196nmc blocks...

[1714778357]

1714778357

[1714778357]

1714778357

[1714778357]

1714778357

[1714778357]

1714778357

[1714778357]

1714778357

[AnnihilaT]

hi,

do you have any plans regarding merged mining?
it'll come in 196nmc blocks...

https://bitcointalk.org/index.php?topic=44546.msg537256#msg537256

[cyberlync]

Tired of unstable and disconnecting pools? Tired of pool hoppers? Tired of lack of stats and nice graphs?

Join this pool, and your worries will be over, in addition, there is a great staff operating the pool, we have already won several block races!!

Don't hesitate, migrate!

[tiberiandusk]

Anyone want to make me Chrome Extension that pops up a notification window when Mainframe finds a block?

[bayer]

no information here for the orphan block ?

why no payout for block

http://blockexplorer.com/block/0000000000000474ce77f83e8acd371c5ade02013ee90f243ced3a739d8ddec5

?

pls more informations.

[AnnihilaT]

148434 was payed out normally.  The block before that one which is no longer listed (148284 i believe) was orphaned and mainframe has never paid for orphaned/invalid blocks.   Hope this addresses your concerns.

[AnnihilaT]

Mainframe is shutting its doors.   Dont worry we werent hacked and all BTC is safe and will be paid out on the same schedule as normal.

I will write more about this when i get the time.  Sorry it was so sudden.  There was no other choice.

You can still login here via the old stats page to retreive your funds:
http://mining.mainframe.nl/stats

Once logged in you can reach most of the old site and order a manual payout, change payment addresses, etc.  This part of the site will stay up for at least 2 weeks for everyone to get their BTC out (unless the site is brought up on other servers in the meantime)

EDIT:  More information here:
https://bitcointalk.org/index.php?topic=24650.msg589039#msg589039

[Pontius]

Mainframe has shutdown. See forums for more details. All payouts will be made as they confirm.

Mainframe is shutting its doors.   Dont worry we werent hacked and all BTC is safe and will be paid out on the same schedule as normal.

I will write more about this when i get the time.  Sorry it was so sudden.  There was no other choice.

So this is more details??? We could argue on this I guess.
Anyway I'm quite curious about your explaination and hope MMC gets back to service in near future.

[phillipsjk]

I am reading this thread trying to decide if the ~11Gbps DDOS attack is still underway. Just yesterday Slush said he wasn't coming back without implementing a distributed mining pool (has since changed his mind). A better place to get info may be IRC (I haved been using Bitcoin Watch, but that only covers the largest pools).

Vague details can be found here: Mass DDOS part 2.

MagicalTux's post disclosing the magnitude of the attack.

Slush's Giving up post.

Speculation: I suspect the mainframe mining pool was also hit by this DDOS attack. Most webhosts provide 100Mbps connectivity. A 11Gbps DDOS would saturate such a pipe 110 times over. If the datacenter is relatively small, a 11Gbps DDOS may saturate at least one of the pipes going into the datacenter (assuming 10Gbps or smaller). My own webhost has a "Triple OC-3 Backbone". According to Wikipedia, that works out to 148.608 Mbit/s of payload (x3=445.824Mbps). A 11Gbps DDOS would shutdown my webserver's datacenter 25 times over.

When faced with this situation, the hosting provider probably said "find a new provider." If the hosting provider actually has the capacity, the request was probably to upgrade to a more expensive plan.

What can be done? One possibility is to avoid pools: they are easy targets. Of course, so is every individual bitcoin node (but collectively a hard target). If you like the lower variance of a pool, there is at least one hybrid pool that combines pooling and solo mining,

[evlew]

that sucks.  this was a really awesome pool.

[Inaba]

"Fighting fire with fire" is not really practical (never mind the legal implications, which are substantial)... if for no other reason than there is not a single vector of attack that is used to compromise the boxes in question.  Some infections may come from drive by, some from unpatched holes, some from malware, some from email, some from social engineering, some from trojans, etc...  It's also entirely possible that the exploit used to initially infect the box is patched, but the machine is already infected. 

With a huge number of different boxes, each box would have to be handled on a case by case basis.  Each box is exceptionally time consuming.  You'd need an army of people with the skills to accomplish this and I can't think of even one who'd waste his/her time for little or no gain.  Not practical in any sense.  Definitely not legal.

[Eveofwar]

MMC was cool and I was a member there. Not a big fish, but a regular top 10 participant.


There was a great community and the software was neat too.

Are these DDoS attacks really being operated by one or two people with a bad attitude? Surely, with the power a pool has at its disposal (in terms of many members, most of which will have decent internet connections and high-powered hardware), simply finding the perpetrator and then fighting fire with fire may work?

I'm looking at it from the old-bloke hacker perspective - try to fuck with my network and I'll fuck with yours. It's harder with DDoS due to the fact that the 'attackers' are idiots with unsecured Windows boxes who don't even know that they're being exploited.

But if there's a way to trace back to the originator... certainly something could be done.

Another potential trick - let's assume the DDoS is carried out by vulnerable Windows boxes, controlled by some evil piece of crap. If the perpetrator doesn't immediately secure the Windows box (and he can't - because he needs to send messages to the zombie box to attack a particular pool) then what's to stop our pool operators from breaking into the zombie box *too* and changing the hosts file to point the pool DNS names to localhost?

Basically I'm saying fight them at their own level. If they have got a way into a zombie box and not secured it, then a pool operator (or a hired hacker for the pool) can get in too, and then subvert the zombie's own DNS resolution system to ensure that the well-known pool DNS names resolve to localhost (or nowhere) - on that machine only.

This would only harm the zombies if they were also legitimately mining - and any miner with an IQ above room temperature would notice his/her hash rate disappear as the machine bombs the pool he/she is trying to mine with...


Yes, I know it's immoral. But we're dealing with criminals here. Sometimes it's the only way... only the pool operators will know, but if they're banning entire botnets, then they will have a list of IP addresses of members of the botnet. That list of IPs can be given to someone who will take down all the zombies' ability to attack certain DNS names (i.e. those of the pool)... make sense?

So you're advocating for pool operators to illegally break into compromised machines that are attacking them ?

I just want to get this straight...you expect a pool operator to break into ALL of the zombie boxes (at ~11 Gbps, how many potential machines do you think that is ?)...

It's bad enough in my opinion that BTCGuild has made a "deal" with the botnet operators.

Get real.

[Littleshop]

Another potential trick - let's assume the DDoS is carried out by vulnerable Windows boxes, controlled by some evil piece of crap. If the perpetrator doesn't immediately secure the Windows box (and he can't - because he needs to send messages to the zombie box to attack a particular pool) then what's to stop our pool operators from breaking into the zombie box *too* and changing the hosts file to point the pool DNS names to localhost?

Actually the zombie boxes are infected with very sophisticated software.  Sometimes the zombie command and control networks have been taken over by some advanced hackers, but most of the time it is near impossible.  The machines once infected are usually secured against other takeovers and get patches that don't interfere with their own software.  It is very hard to completely remove the software from the machine without a reformat.  The command and control of these machines is usually done with types of encrypted keys as well.  Without the key, you don't get to do much to the machine. 

[AnnihilaT]

Speculation: I suspect the mainframe mining pool was also hit by this DDOS attack.

Close.  We got word that we were next on the "hit list" and that a large scale attack was imminent (more than 11gbps).   I had very little time to make a decision.

Faced with this situation and knowing that my datacenter didnt have the capacity to cope with an attack of this scale i made the decision to spare other mission critical services, colleagues, employees, and other paying customers the loss of revenue, headaches, and inconvenience an attack of the scale would have caused.

I resent being forced into this situation.  It doesnt feel right to shut Mainframe down.

Now i have also had to re-evaluate the entire situation and realize that there simply is not enough revenue being generated from this pool for it to support itself outside of my own network and the danger to my other clients, colleagues, etc. is too great to justify keeping this personal hobby project of mine up and running at the detriment of everyone else in this network.   (In case its not clear,  i co-own the company where the pool was hosted so the bandwidth and server costs were negligible as long as it was hosted in my own network)   

At any rate,  the pool just doesnt make enough to pay for the type of hardware and bandwidth needed to run it properly and the person who was donating this hardware and bandwidth (me) can no longer do it.  I cant say im really happy about any of this (Im not) but sometimes the most logical action is not always the most popular one or the one you really feel like doing.  I just dont see any other options right now.

It was fun.  I wish it could go on.  Im proud of 0 downtime and 0 problems during our 3 month run.  We had a good service which was stable, reliable and just worked and we had the best miners in the community.  I guess its not a bad record to go out with.   

- Anni

[cyberlync]

Thank you for the service that was provided! I wish you all the best with any future endeavors. Had some great times at the pool, and as stated above, the fellow miners were a great bunch. Perhaps if Vladimirs pool gets done we can all meet again. Viribus Unitis

[Shevek]

I'll be thinking about setting up another pool which would be more long term viable than MMC turned out to be and which would be able to resist multi   Tbps DDoS attacks, in a phoenix like fashion. But so far it is all on drawing boards, so nothing much to talk about.

Vladimir, with your mining power perhaps you can contribute an idea like p2pool to stabilize. No more DDoS, distributed mining (and distribute reward) in the spirit of the whole Bitcoin project.

Please, take a glance and consider a testing period on it.

https://bitcointalk.org/index.php?topic=18313.0

[Jack of Diamonds]

Fair enough, that was a very hot-headed post from me because I was, and still am, pretty angry about the situation where we've effectively got an Internet run by people with power but no responsibility.

Idiots with the virtual equivalent of major first-world armies at their command, but without the restraint to use them only in times of justified war; it's the equivalent of the USA bombing the hell out of anyone just for teh lulz. Fucking anarchy.

The fact is that two pools now have publicly stated that they've appeased the bullies, and done what they've been ordered. These words will sting Anni (sorry, I respect you and I really enjoyed being part of your pool, but this has become a bigger moral debate) and the BTCGuild guy, but it's true.

What next? Given that Anni's just said that his paying clients were important and that the size of the DDoS would cripple his datacentre, then the criminals operating these zombie botnets will presumably now be requesting protection money. Some things never change... 'nice datacentre you've got here... would be a shame if it got DDoS'd, my boys can take care of that for a fee'...

I don't want to be involved in a world like that. There's giving up, abandoning the enterprise, giving the criminals money, or just letting the whole thing fall apart until everyone gets bored. But there must be *active* preventative measures - not just defence, but offence as well - surely?

Defensively - why not run the pool on a P2P basis, with signed code to prevent each pool member *not* distributing the earnings amongst the network (actually, the entire Bitcoin 'reward' system could be rewritten to pay *every* contributing miner a proportional basis of the money supply - eliminating 'luck' and pool-hopping entirely, but it'd also remove the ability of 'being a pool' - that's probably deserving of its own thread, but I'm sure someone has thought of this already)?

Offensively - I admit there's little point in attacking zombie machines (though my opinion has *always* been that if you're unskilled enough to secure your own machines / network, and your machines are used as attack vectors, then your machines should be taken off the network for the network's good) but there are only two points where a DDoS can be stopped; either at the zombie bot, or the zombie bot's ISP. If the ISP can't give a damn, then they are just as complicit. Massive traffic identified as a DDoS attack can be stopped by the ISP refusing to forward on the zombie's packets before they end up, along with all the other zombies, filling up someone's pipe. And stopping the attack at the zombie machine itself requires hacking the zombie machine, which is unethical as per responses above.

Is there any way to ask the router *upstream* of your datacentre to filter packets on a certain-number-per-originator basis? All source IPs would get through but only at a restricted rate. This wouldn't affect normal operation but would slow down 'flood' type attacks...

It's a fucking shame, an absolute fucking shame. I understand why Anni did what he did, and on a business basis it makes sense (unless it leads to threats of financial extortion) but the whole situation could snowball into causing mistrust in the Bitcoin community, the further devaluation of the BTC, and eventual total financial loss for those who have invested in the enterprise.

Perhaps I'm being somewhat pessimistic, but right now, with organised crime assaulting the Bitcoin mining infrastructure, I don't see the likelihood of Bitcoin actually *succeeding* being very high any more. I think my investment in hardware will be wasted and mining eventually ending. Organised crime doesn't gain anything from this outcome - maybe the vested interests of established fiat currencies may gain, but I wouldn't expect them to approach the problem *this* way.

Again it comes down to power without responsibility - such idiots shouldn't be allowed to have such heavy weapons...


I truly hope that something rises from the ashes of MMC... I was proud to be a member of that pool and I'd be back in a heartbeat. I don't have the facilities to offer but will help in any other way - I'm hoping Vladimir has something up his sleeve

Everyone pays for protection from the stronger. Even you pay for protection by taxes.

At some point DDoS protection will be an ordinary business expense
just as guarding & security services purchased by corporations and stores in the physical world.

Tor is not the ideal protection method either as an attacker with relatively low bandwidth can bring down the network very easily

(Fake TLS handshakes, attacking directory services and all active routers on the network, consuming the network bandwidth grinding it to a halt)

[ydenys]

Sorry, Annhila, i feel for you being almost ddos’s/Vladimir leaving/etc. But do you mind telling me why you failed to auto pay me (far above the limit) forcing me to pay you the fee to withdraw the last of my BTCs? Anyway, thanks for letting me to withdraw them, I guess. Keep the change, beware of those bad people on the webs. All the bestest. Ta.

[AnnihilaT]

But do you mind telling me why you failed to auto pay me (far above the limit) forcing me to pay you the fee to withdraw the last of my BTCs? Anyway, thanks for letting me to withdraw them, I guess.

1) you never set a threshold for auto payments.  It was still set at 0 which means its turned off.  If you would have read the instructions you would have already known this.

2) Even if you had, the min. threshold amount is .10 (also clearly stated) and you never mined more than ~0.05 BTC with us anyway which was paid out when you requested.   

Some people are impossible to please.  Do you really come here to bitch about .0005 BTC TX fees?  Tsss...

[DeathAndTaxes]

.05 BTC.  LOLZ.  Some people are just sad.