Distributed Denial of Service on security.debian.org by DSA 816

To: Debian Curiosa <debian-curiosa@lists.debian.org>
Subject: Distributed Denial of Service on security.debian.org by DSA 816
From: Martin Schulze <joey@infodrom.org>
Date: Mon, 19 Sep 2005 15:46:24 +0200
Message-id: <[🔎] 20050919134624.GP27161@finlandia.infodrom.north.de>

This morning, at about 11 o'clock (CEST, i.e. UCT +0200) a distributed
denial of service attack on the host that serves security.debian.org
has been initiated.  Since then the host has an output rate of about
60 MBit/s constantly.  There are more than 500 Apache processes and
more than 130 FTP daemon proceses running in parallel, sending out
data.  (Although, the machine is quite responsive when being logged in
via SSH...)

This was..  err.. not intentional, but we had to update XFree86 in
woody and sarge (DSA 816)... so apparently the DDoS by our users was
sort of unavoidable.  It seems that Debian has a lot more users than
during the last XFree86 update.

There are discussions about how to avoid similar situations in the future.

http://klecker.debian.org/mrtg/klecker.eth0-day.png
http://master.debian.org/~joey/klecker.eth0-day.png


Regards,

	Joey

-- 
The MS-DOS filesystem is nice for removable media.  -- H. Peter Anvin

Please always Cc to me when replying to me on the lists.

Reply to:

Prev by Date: Re: BOFH excuse
Next by Date: give her something to smile about
Previous by thread: unsuscribe
Next by thread: give her something to smile about
Index(es):
- Date
- Thread