The Internet is (once again) awash with IoT botnets delivering record DDoSes
(arstechnica.com)
Bigger, badder DDoSes are flooding the Internet. Dismal IoT security is largely to blame.
Bigger, badder DDoSes are flooding the Internet. Dismal IoT security is largely to blame.
LWN sluggish due to DDoS onslaughts from AI-scraper bots
(kernel.org)
Should you be wondering why @LWN #LWN is occasionally sluggish... since the new year, the DDOS onslaughts from AI-scraper bots has picked up considerably. Only a small fraction of our traffic is serving actual human readers at this point. At times, some bot decides to hit us from hundreds of IP addresses at once, clogging the works. They don't identify themselves as bots, and robots.txt is the only thing they *don't* read off the site. This is beyond unsustainable.
Should you be wondering why @LWN #LWN is occasionally sluggish... since the new year, the DDOS onslaughts from AI-scraper bots has picked up considerably. Only a small fraction of our traffic is serving actual human readers at this point. At times, some bot decides to hit us from hundreds of IP addresses at once, clogging the works. They don't identify themselves as bots, and robots.txt is the only thing they *don't* read off the site. This is beyond unsustainable.
Should you be wondering why LWN is occasionally sluggish
(kernel.org)
Should you be wondering why @LWN #LWN is occasionally sluggish... since the new year, the DDOS onslaughts from AI-scraper bots has picked up considerably. Only a small fraction of our traffic is serving actual human readers at this point. At times, some bot decides to hit us from hundreds of IP addresses at once, clogging the works. They don't identify themselves as bots, and robots.txt is the only thing they *don't* read off the site.This is beyond unsustainable.
Should you be wondering why @LWN #LWN is occasionally sluggish... since the new year, the DDOS onslaughts from AI-scraper bots has picked up considerably. Only a small fraction of our traffic is serving actual human readers at this point. At times, some bot decides to hit us from hundreds of IP addresses at once, clogging the works. They don't identify themselves as bots, and robots.txt is the only thing they *don't* read off the site.This is beyond unsustainable.
Law enforcement takes down 'DDoS-for-Hire' sites in Operation PowerOFF
(scworld.com)
The hackers got more time off this Christmas as a present from law enforcement: Europol this week coordinated a takedown with 15 countries worldwide that seized 27 of the most popular distributed-denial-of-service (DDoS) platforms and took them offline.
The hackers got more time off this Christmas as a present from law enforcement: Europol this week coordinated a takedown with 15 countries worldwide that seized 27 of the most popular distributed-denial-of-service (DDoS) platforms and took them offline.
Korea arrests CEO for adding DDoS feature to satellite receivers
(bleepingcomputer.com)
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser's request.
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser's request.
DDoS site Dstat.cc seized and two suspects arrested in Germany
(bleepingcomputer.com)
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years.
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years.
Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack
(cloudflare.com)
Since early September, Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks.
Since early September, Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks.
Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack
(cloudflare.com)
Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks.
Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks.
Ask HN: Is it possible to avoid Bandwidth DDoS attacks without Cloudflare?
(ycombinator.com)
Hi. If I implement IP-based rate-limiting in my web application hosted on a VPS, it can help in preventing over-usage of paid API etc. But what if someone tries to exhaust the bandwidth that the VPS host allocates to my box, by simply making HTTP requests en masse? Even if I return 429 for all of them, my bandwidth is still gone, right? Is there any solution for this apart from seeking protection of Cloudflare and the like?
Hi. If I implement IP-based rate-limiting in my web application hosted on a VPS, it can help in preventing over-usage of paid API etc. But what if someone tries to exhaust the bandwidth that the VPS host allocates to my box, by simply making HTTP requests en masse? Even if I return 429 for all of them, my bandwidth is still gone, right? Is there any solution for this apart from seeking protection of Cloudflare and the like?