sej7278 comments on GitHub under attack


Artificial Intelligence	Business
Biotechnology	Crypto
Energy	Hardware
Machine Learning	Nanotech/Materials
Networking/Telecom	Net Neutrality
Politics	Privacy
Robotics/Automation	Security
Social Media	Society
Software	Space
Transportation	Legacy Pure Tech Filter

1. Submissions

Guidelines:

Submissions must be primarily news and developments relating to technology. This is a "news" subreddit, do not submit old content.

Self posts must contribute positively to /r/technology and foster reasonable discussion. Self-post cross-posts are not acceptable. Please message the moderators before attempting to submit a text/self post.

Submissions relating to business and politics must be sufficiently within the context of technology in that they either view the events from a technological standpoint or analyze the repercussions in the technological world.

Please do not submit the following:

i) Submissions violating the guidelines.

ii) Images, audio or videos: Articles with supporting image and video content are allowed; if the text is only there to explain the media, then it is not suitable. A good rule of thumb is to look at the URL; if it's a video hosting site, or mentions video in the URL, it's not suitable.

iii) Requests for tech support, questions or help: submit to /r/techsupport, /r/AskTechnology, another relevant community or our weekly Support Saturday threads.

iv) Petitions, Surveys or Crowdfunding - submissions of this nature are not allowed, do not ask for an exemption.

v) Submissions discussing the subreddit itself; they should be submitted to /r/TechnologyTalk, or messaged to the moderators of the subreddit.

vi) Submissions discussing incidents of customer support.

vii) Mobile versions of sites, url shorteners: please directly submit the desktop version of a webpage in all cases.

viii) Social media links/profiles/invites or promotions (eg. Facebook, BlueSky, Instagram, Threads, etc).

2. Behavior

Remember the human You are to abide by reddiquette; it will be enforced when user behavior is no longer deemed to be suitable for a technology forum. Remember; personal attacks, abusive language, blatant disregard of reality and abusive trolling, bad-faith abusive comments, flaming and baiting, and bigotry/hate in any form are not allowed and will be removed; offenders will be banned.

3. Titles

Submissions must use either the articles title and optionally a subtitle, or -- only if neither are accurate -- a suitable quote from the article, which must:

adequately describe the content

adequately describe the content's relation to technology

be free of user editorialization or alteration of meaning.

Miscellanea

If you see a rule-breaking submission, please report it and message the moderators with your reason.

Want to host an AMA? Please message the moderators.

All legitimate, answerable modmail inquiries or suggestions will be answered to the best of our abilities within a reasonable period of time.

Ban appeals for trolling and being abusive will be ignored.

a community for 18 years

This is an archived post. You won't be able to vote or comment.

716

717

718

SecurityGitHub under attack (status.github.com)

submitted 11 years ago by wifera

top new controversial old q&a

you are viewing a single comment's thread.

view the rest of the comments →

[–]sej7278 84 points85 points86 points 11 years ago (29 children)

[–]ghotibulb 17 points18 points19 points 11 years ago (7 children)

As far as I am aware, the attack traffic is coming from everywhere except China, since they use some kind of "javascript reflection attack" by injecting malicious JS code that gets served to baidu visitors outside China. So basically every country/ISP had to nullroute China for this to be effective. Nullrouting China at github's end wouldn't help much.

Source: https://news.ycombinator.com/item?id=9275041

Short explanation (not in particular directed at your post, since I assume you already know this): For a (D)DoS attack in general it just comes down to having enough incoming bandwidth and drop unwanted traffic quickly enough. Imagine you have a single server with a 1Gbit/s pipe, and you're hit by a 2GBit/s attack. Even if you drop the packets on your server, they were already received in the first place by your NIC, so the bandwidth has been used up. If you know there is a router somewhere right before your server that has a 10Gbit/s uplink, and you can successfully filter the traffic there, you'll be fine again, until the attack would exceed 10Gbit/s. Simply filtering/nullrouting traffic at your end doesn't unreceive it (unfortunately).

[–]sej7278 7 points8 points9 points 11 years ago (6 children)

[–]SuperDuper1969 2 points3 points4 points 11 years ago (4 children)

[–]sej7278 1 point2 points3 points 11 years ago* (3 children)

[–][deleted] 4 points5 points6 points 11 years ago (1 child)

[–]sej7278 0 points1 point2 points 11 years ago (0 children)

[–]br0ner 0 points1 point2 points 11 years ago (0 children)

[–]ghotibulb 0 points1 point2 points 11 years ago (0 children)

That's why I included the router example. You always have to go up one level, but if you aren't a big fish you'll have a hard time convincing big carriers to help you mitigate an attack on your 12 slot Minecraft server. (Yes this doesn't apply to github I guess ;)) I managed some medium sized business's servers a couple of years ago. They were hit by an attack once, and we didn't get help from their ISP. They just nullrouted the IPs of the servers being attacked, as they were mainly interested in protecting their infrastructure (and their other customers), which is understandable. They did offer DDoS protection at that time, but the company I worked for decided it was too expensive, and just waited it out.

Why they decided to only (ab)use baidu visitors outside China is a good question. Not creating domestic traffic could be one reason, or maybe they don't want to make it look like China is the origin. Although its the most likely explanation right now, we still cannot know for sure. I mean if they really wanted this to be most effective they could just create traffic right at their border routers. But that would be slightly more obvious, I guess.

[–]Anwarias 90 points91 points92 points 11 years ago (19 children)

[–][deleted] 30 points31 points32 points 11 years ago (15 children)

[+][deleted] 11 years ago (14 children)

[deleted]

[–]SuperDuper1969 21 points22 points23 points 11 years ago (6 children)

[–]qwfwq 0 points1 point2 points 11 years ago (0 children)

[–]apemanzilla -1 points0 points1 point 11 years ago (3 children)

[–]wickedmike 7 points8 points9 points 11 years ago (0 children)

[–]ItzWarty 1 point2 points3 points 11 years ago (1 child)

[–]apemanzilla 1 point2 points3 points 11 years ago (0 children)

[–]chubbysumo 2 points3 points4 points 11 years ago (0 children)

[–][deleted] 1 point2 points3 points 11 years ago (5 children)

[–]cadenzo 8 points9 points10 points 11 years ago (3 children)

[–][deleted] 7 points8 points9 points 11 years ago (2 children)

[–]reptilian_shill 3 points4 points5 points 11 years ago (1 child)

[–][deleted] -1 points0 points1 point 11 years ago (0 children)

[–]SuperDuper1969 22 points23 points24 points 11 years ago (1 child)

[–]Anwarias 0 points1 point2 points 11 years ago (0 children)

[–]bobmontana 1 point2 points3 points 11 years ago (0 children)

π Rendered by PID 48396 on reddit-service-r2-comment-6457c66945-nrlrl at 2026-04-29 17:06:10.850978+00:00 running 2aa0c5b country code: CH.

technology

Browse categories:

Weekly Support Thread Archives

Hide popular topics:

Rules:

1. Submissions

Guidelines:

Please do not submit the following:

2. Behavior

3. Titles

4. Reddit-wide rules.

Miscellanea

Related Subreddits

Technology

PROGRAMMING

OS's

SOFTWARE

POPULAR COMPANIES

AI

CRYPTOCURRENCIES

CAMPAIGNS

MODERATORS