0
Microsoft's GitHub Under Fire For DDoSing Crucial Open Source Project Website -...
source link: https://tech.slashdot.org/story/23/06/28/2045228/microsofts-github-under-fire-for-ddosing-crucial-open-source-project-website
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Microsoft's GitHub Under Fire For DDoSing Crucial Open Source Project Websitebinspamdupenotthebestofftopicslownewsdaystalestupid freshfunnyinsightfulinterestingmaybe offtopicflamebaittrollredundantoverrated insightfulinterestinginformativefunnyunderrated descriptive typodupeerror
Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 30 million monthly users. It takes less than a minute. Get new users downloading your project releases today!Sign up for the Slashdot newsletter! or check out the new Slashdot job board to browse remote jobs or jobs in your area
×
The servers used by the GMP project, an open source arithmetic library at the heart of GCC and other programs, slowed to a crawl earlier this month due to a large amount of network traffic originating from Microsoft servers. The Register reports: Torbjorn Granlund, principal author of GMP, raised the alarm in a note to the project's mailing list. "The GMP servers are under attack by several hundred IP addresses owned by Microsoft Corporation," he wrote. "We do not know if this is made with malice by Microsoft, if it is some sort of mistake, or if [it is one] of their cloud customers ... running the attack. The attack targets the GMP repo, with thousands of identical requests. The requests are cleverly chosen as to cause heavy system load. "We're firewalling off all of Microsoft's IP addresses as an emergency response."
The following day, Mike Blacker, director of threat hunting, operations, and response at Microsoft's GitHub, had identified the culprit: a GitHub Actions Workflow that clones a Mercurial repo and has been forked more than 700 of times. "Microsoft and GitHub have investigated the issue and determined that a GitHub user updated a script within the FFmpeg-Builds project that pulled content from https://gmplib.org," explained Blacker. "This build was configured to run parallel simultaneous tests on 100 different types of computers/architectures. This activity does not appear to be nefarious. [GMP] appears to have limited infrastructure that could not sustain the limited, yet simultaneous requests." [...]
As of last week, the excessive traffic was still an issue. "Our servers are fully available again, but that's the result of us adding all participating Microsoft network ranges to our firewall," the GMP project explains on its webpage. "We understand that we are far from the first project to take such measures against Github." The Register asked Granlund whether he was satisfied with Microsoft-GitHub's response, and he told us he had only heard once from Blacker. "I blocked about 40 IP ranges from accessing our web server," he explained. "A week after this started, there was still intensive traffic from the same IP addresses, perhaps 100 different Microsoft addresses all in all, belonging to about 40 ranges. The difference was that that traffic just caused minuscule load, and a log line in the firewall." "Problem solved. I cannot care less if they no longer can access gmplib.org. I find it interesting how little responsibility Github/Microsoft assume here. They seem to think that they are entitled to bash away at smaller sites."
The following day, Mike Blacker, director of threat hunting, operations, and response at Microsoft's GitHub, had identified the culprit: a GitHub Actions Workflow that clones a Mercurial repo and has been forked more than 700 of times. "Microsoft and GitHub have investigated the issue and determined that a GitHub user updated a script within the FFmpeg-Builds project that pulled content from https://gmplib.org," explained Blacker. "This build was configured to run parallel simultaneous tests on 100 different types of computers/architectures. This activity does not appear to be nefarious. [GMP] appears to have limited infrastructure that could not sustain the limited, yet simultaneous requests." [...]
As of last week, the excessive traffic was still an issue. "Our servers are fully available again, but that's the result of us adding all participating Microsoft network ranges to our firewall," the GMP project explains on its webpage. "We understand that we are far from the first project to take such measures against Github." The Register asked Granlund whether he was satisfied with Microsoft-GitHub's response, and he told us he had only heard once from Blacker. "I blocked about 40 IP ranges from accessing our web server," he explained. "A week after this started, there was still intensive traffic from the same IP addresses, perhaps 100 different Microsoft addresses all in all, belonging to about 40 ranges. The difference was that that traffic just caused minuscule load, and a log line in the firewall." "Problem solved. I cannot care less if they no longer can access gmplib.org. I find it interesting how little responsibility Github/Microsoft assume here. They seem to think that they are entitled to bash away at smaller sites."
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK