Flames as Microsoft and GitHub are launching a DDoS attack on the server of the open source software 'GNU Multi-Precision Library'
Open source software
The GNU MP Bignum Library
https://gmplib.org/
Microsoft's GitHub 'DDoSes' open source GMP project • The Register
On June 16, 2023, Torbjorn Granlund, one of the developers of GMP, reported that ``GMP servers are currently being attacked by hundreds of IP addresses owned by Microsoft.'' 'We don't know if this is a malicious attack by Microsoft, some kind of mistake, or if it's a cloud customer doing the attack. This attack is targeting GMP repositories, and the same request was sent to Thousands are concentrated, and the requests submitted are carefully chosen to put a high load on the system.'
As an emergency response to the DDoS attack on GMP, Granlund reported that 'the firewall blocks access from all Microsoft IP addresses.'
In response to this report, on June 17, 2023, Mike Blacker, director of threat research and operations at Microsoft's GitHub, conducted an investigation and found that the GitHub action workflow cloned the repository and cloned it more than 700 times. It turned out to be forking across. 'Microsoft and GitHub investigated this issue, and it became clear that a GitHub user updated the script in FFmpeg-Builds to collect content from GMP,' said Blacker.
Blacker also said, 'This build was set to run parallel concurrent tests on 100 different types of computers and architectures, so the large amount of traffic that flooded GMP is not malicious. However, the GMP server has limitations and it seems that it was not able to withstand the simultaneous multiple requests.'
However, Mr. Granlund responded to Mr. Blacker's point that ``the server could not withstand sending requests,'' ``our machine is very powerful, a data center-class machine with many cores and RAM.'' 'This attack is not a legitimate use of servers on the Internet. Your point suggests our fault that we should have a more powerful server to deal with this kind of activity.' I feel like that,” he
Also, according to Mr. Granlund, tens of thousands of requests have been sent to the GMP server from about 20 IP addresses owned by Microsoft. Many of the requests consisted of commands to clone repositories that required the server to compress the content. The total amount of compressed data requested per request was about 8GB, and the server needed many times that amount to compress.
Furthermore, according to Granlund, as of June 17, 2023, a large amount of traffic continued to be sent to the server, and GMP continued to deal with it by blocking Microsoft's IP address.
In response, FFmpeg-Builds developer BtbN released a commit warning developers who fork the repository to adjust their workflow scripts.
In published commits, 'Hundreds, thousands of parallel builds can send huge amounts of traffic to external infrastructure', and if you fork the repository and create your own builds, the build time Random scheduled crontab times are desired in order to spread out as much as possible.
However, a week after the issue was first reported, excessive traffic on GMP is still a problem, and the GMP webpage states, 'The GMP servers have fully recovered, but this is a Microsoft This is the result
Mr. Granlund expresses his dissatisfaction with Microsoft's and GitHub's response, saying, 'I was contacted only once by Mr. Blacker.' He also reported that 'so far we have blocked about 40 Microsoft IP addresses so that they cannot access GMP servers.'
Furthermore, ``Even after a week has passed since the first occurrence, there is still concentrated traffic from the same IP address, but because it is blocked by the firewall, the traffic has little impact on the load.'' . In addition, ``I don't care if Microsoft or GitHub lose access to GMP. criticized the response of
At the time of writing, GitHub has not commented on the large amount of traffic to GMP and Mr. Granlund's remarks.
Related Posts:
in Software, Web Service, Posted by log1r_ut