GitHub hit by DDoS attack second day in a row(thenextweb.com) |
GitHub hit by DDoS attack second day in a row(thenextweb.com) |
"Mike, remember that project you did for us last year? Yeah, we've been shipping it with our product for a while - working great, thanks! Say... I don't suppose you might happen to still have a copy of the source code anywhere? I know, you probably deleted it after the project was over, but you were always so good about making backups - do you suppose you could rummage through your old backup tapes and see if there's anything? No, it's nothing like that! Well, we seem to have lost all our copies of the source and really hope you could help us out."
True story.
Pretty please?
This is a service I pay for and my business relies on. Having it down three times in three days impacts our work.
What amounts to throwing a massive amount of hardware at the problem (i.e., boxes that can handle 10-100+gbps of traffic, filter out the attacks, and pass only legit stuff down to your servers) is expensive[1], and casuses all sorts of unexpected behavior: API clients mysteriously break, good traffic gets mistakenly dropped, latency is added to the whole process, etc. It gets even weirder on SSL-protected sites. And it's all dependent on attackers not getting the IP of your actual servers which they could then just attack directly.
[1] For sites with even not a whole lot of traffic, you're talking a one-year contract easily in the range of an engineer's salary. I wouldn't be surprised if the cost to protect sites with as much traffic as Github exceeded $1m/year. Even if you have plenty of cash in the bank, that's one hell of a pill to swallow.
When you say things like "And it's all dependent on attackers not getting the IP of your actual servers" this makes me wonder how much you understand the subject matter. There are many, many options.
"UGH GitHub down again, I guess I have to go work on something equally as important for upwards of an hour"
I call shenanigans on you, good sir.
Since never. At least for businesses that want to remain an ongoing concern.
I wonder if there's a way to host Git repositories with static files, say, on Amazon S3... That would be neat.
This meme is getting really, really tiresome. Github being down is NOT a central point of failure. Most people know that setting up your own git server is trivial, literally a 3-4 step process. We know that we don't lose our files, our history, our working tree, etc.
The "git" in Github is easily replaced. The "hub" part has its own value. The communication tools, the well-presented diffs, the inline-editing capability, issues, wiki, etc. That's the value people are gnashing their teeth over.
http://ozmm.org/posts/when_github_goes_down.html has a good summary of quick ways to keep using git without github.
http://blog.spearce.org/2008/07/using-jgit-to-publish-on-ama...
Initially we blocked all Ec2[1] & spamhaus ip list. But then realized Flipboard proxies[2], some blog aggregation proxies etc are based on Ec2 machines.
What would be a good way to block such rogue machines? Is there a community sponsored list or Ec2/Rackspace ips that are creating issues?
Fighting DDoS attacks is not trivial, especially if you're against a sophisticated botnet, and your code has multiple slow parts.
No data will be compromised, but it will still be a pain in the .. head.
I know this because I was told this by prolexic while configuring our servers to sit behind their scrubbing servers while we're under an equally crippling DDOS (one that took down half the customers in our datacenter, not just us). So while I haven't examined their tech stack under a magnifying glass, I'm not exactly talking out of my ass here.
Yes, there are other options but those don't take an hour to implement like signing a contract and changing a few DNS entries does. And when these conditions exist, you need an answer that can be implemented in an hour.
Your comment about iptables is odd. I don't know why iptables would be relevant here; I suspect we are talking about implementations several orders of magnitude different in size. Certainly one would drop traffic at the edges and not do filtering on end nodes.
Yes, it sounds like our scales here are quite different. I'm referring to a few machines in a single data center, not hundreds being geographically distributed.
A small entity like github should be trivial to saturate.
hyuk, hyuk
Why would they go for github of all things?
A malicious attack by a third party is different from, say, the gym allowing black mold to grow in the locker room. I'd quit a gym if they had black mold. That's mismanagement. I wouldn't quit a gym if malicious third party intervention inconvenienced me.
Besides, GitHub is obviously more concerned about this than you or I could ever be. And having money doesn't make infrastructure magically appear.
I pay GitHub too. My company relies on it. I, too, was slightly inconvenienced this week. I was also slightly inconvenienced when I had to make a u-turn because the Battery Tunnel southbound on-ramp was closed. So what?
In summary: shenanigans! Good day sir!
You can reliably predict and protect against things like network outages, server failures, full datacenter failures (black mold)--you can directly measure their impact and plan failover paths. A DB server goes out? Whatever! That's why you have a hot backup or two online and ready to go.
What you can't predict is exactly how far a malicious third party will go to hurt you. You can't predict how many dollars they'll spend on their botnet minutes. You don't know if they're going to attack your infrastructure or the DNS. Can buying more bandwidth fix the problem? If so, how much more? And will the attacker simply up the ante when they see that you're recovering? Can filtering requests fix the problem? If so, will the attacker provision different resources to attack you with?
This isn't simply a matter of infrastructure, buying the right equipment, or setting things up "just right" precisely because there is a sentient actor trying to hurt you. It's more like a game of chess.
I find it slightly ironic that the entire point of git is that it is distributed version control but 90% of git use seems to be focused around a product from a single company.
Issues are normally mirrored to e-mails (caveat: you don't get mail for your own comments), so you can mostly pick up existing threads if your e-mail address book can find the github users involved. If they didn't obscure recipients (at least within an organisation — because I don't think address-book lock-in is worth inconveniencing paying clients), and made an auto self-bcc of your activity, issues would be entirely disaster resistant.