this post was submitted on 22 Jul 2023
2103 points (98.7% liked)

Lemmy.World Announcements

29099 readers
6 users here now

This Community is intended for posts about the Lemmy.world server by the admins.

Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world/

For support with issues at Lemmy.world, go to the Lemmy.world Support community.

Support e-mail

Any support requests are best sent to [email protected] e-mail.

Report contact

Donations ๐Ÿ’—

If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.

If you can, please use / switch to Ko-Fi, it has the lowest fees for us

Ko-Fi (Donate)

Bunq (Donate)

Open Collective backers and sponsors

Patreon

Join the team

founded 2 years ago
MODERATORS
 

Today, like the past few days, we have had some downtime. Apparently some script kids are enjoying themselves by targeting our server (and others). Sorry for the inconvenience.

Most of these 'attacks' are targeted at the database, but some are more ddos-like and can be mitigated by using a CDN. Some other Lemmy servers are using Cloudflare, so we know that works. Therefore we have chosen Cloudflare as CDN / DDOS protection platform for now. We will look into other options, but we needed something to be implemented asap.

For the other attacks, we are using them to investigate and implement measures like rate limiting etc.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 9 points 1 year ago* (last edited 1 year ago) (1 children)

Whats the motivation to DDOS? How mutch is specific malice to lemmy or lemmy.world itself and how much is genaric.

[โ€“] [email protected] 12 points 1 year ago* (last edited 1 year ago) (1 children)

The kinds of people who do these things can have different motivations.

Some DDOS operators are "hired goons" who will DDOS whomever they're paid to. However, in order to demonstrate their capabilities, they need to do some damage first. If they can cause a big outage, they can later point to that outage and say "we did that" as proof that they're capable of doing damage.

Some DDOS operators are ideological or identity/drama-driven. They decide that they have a Cause, and that this justifies doing some damage. The same groups might do DDOS and also harassment, doxxing, spamming, etc. โ€” their goal is to cause misery to the Bad People and "drive them off the Internet" by whatever means they find handy.

Some DDOS operators are just plain extortionists. They crash a site once or twice, then threaten to keep doing it forever until the site owner pays them off.

Some DDOS operators are bored kids making trouble.

Some DDOS operators are nation-state agencies trying to censor foreign sites that say things they don't like. In one case, the China government attacked GitHub to get at the anti-censorship site GreatFire.

[โ€“] [email protected] -4 points 1 year ago (3 children)

The Chinese do their best to make everyone hate them, don't they?

[โ€“] [email protected] 7 points 1 year ago (3 children)

Good god, out of all that, you had to point out how much you hate Chinese. Thought I'd escaped it when I stopped using Reddit.

[โ€“] [email protected] 2 points 1 year ago

I don't hate the Chinese population, I just don't like how the Chinese government operates and how they use and manipulate their population. How they seem to be deliberately antagonizing diplomatic relations. Granted they aren't going as far as the Russian government is, but they are going pretty far to try to paint every western country as the bad guys.

And yes I know western countries aren't perfect - no country is perfect. But the actions of the Chinese government seems to be painting us in a light that is far worse than reality.

They tend to stick to the old Soviet way of relieving internal issues by giving the people an external force or government to hate rather than trying to fix their own issues. That "saving face" culture they have is really detrimental to their ability to move forward and fixing their internal problems.

[โ€“] [email protected] 2 points 1 year ago* (last edited 1 year ago)

The specific attack they were talking about involved 126.9 million network requests per second, over a sustained period of time, and it was a widespread attack where the source was millions of individual computers, suspected to be regular desktop PCs from (or adjacent to) China. In other words the attack involved malware that was rapidly installed on vast numbers of computers at the same time.

Due to the massive size of the attack, it was investigated thoroughly and the only sensible conclusion was that it was state sponsored. Specifically China likely to have used their widespread censorship tools to install malware that quietly attacked Github, likely without the owner of the PC from even knowing it had happened (the attack wasn't serious enough to disrupt the infected PC)..

That's not "hating Chinese" it's just pointing out a simple fact. Some DDoS attacks are state sponsored. And only a small number of states gate involved in such attacks.

[โ€“] [email protected] 1 points 1 year ago (1 children)

Yeah I don't blame Chinese people for their government's actions. It's like hating Americans for what Trump says. Simply invite real Chinese people to post on Lemmy and give their honest opinions on GreatFire, and stop hurting their feelings.

[โ€“] [email protected] 1 points 1 year ago* (last edited 1 year ago)

I dpnt know of thats racism or bad communication, i want to say its not but I cant

(edit: the comments above you, not you)

I think "chinese" as a synonym for "chinese nation state" is misleading

[โ€“] [email protected] 1 points 1 year ago

Shh, the Tankies will get us.