Requests from Microsoft IP Addresses

Torbjörn Granlund tg at gmplib.org
Sat Jun 17 12:52:39 CEST 2023


Mike Blacker <mikeblacker at github.com> writes:

  Microsoft and GitHub have investigated the issue and determined that a
  GitHub user updated a script within the FFMPeg-Builds project that pulled
  content from https://gmplib.org. This build was configured to run parallel
  simultaneous tests on 100 different types of computers/architectures. This
  activity does not appear to be nefarious. GMPLIB appears to have limited
  infrastructure that could not sustain the limited, yet simultaneous
  requests.

While I appreciate getting an explanation, I find your reply really
curious.

Our machine is pretty powerful, it is a server class machine with many
cores and lots of RAM, and its connection is 1 GbE at a top class data
centre.

What we experienced was tens of thousands of requests from 20ish different
Microsoft subnets, many of which were apparently repo clone commands
which required our server to compress the contents.  In total about 8
GiB of compressed data were requested, surely many times more for the
server to compress.  All in just a few hours before I firewalled the
attack IP addresses off.

This is NOT legitimate use of any server on the Internet.  Your reply
seems to suggest that it is our fault, that we ought to have more
powerful servers to accommodate this behaviour.  Really?

I beg to disagree.  This traffic was, if not nefarious, very far from
acceptable.  We will keep the GMP server infrastructure, and we will
defend it from irresponsible usage like this in order to keep it
available for responsible usage.

-- 
Torbjörn
Please encrypt, key id 0xC8601622

