#DDoS Attacks on the Rise, but How Can You Prevent One?
DDoS attacks are increasing each year. But what actually are they? And how can your business prevent them from occurring?
Tech.co · DDoS Attacks on the Rise, but How Can You Prevent One?
Recent searches
Search options
Administered by:
#DDoS
8 posts7 participants0 posts today
I'm having trouble figuring out what kind of botnet has been hammering our web servers over the past week. Requests come in from tens of thousands of addresses, just once or twice each (and not getting blocked by fail2ban), with different browser strings (Chrome versions ranging from 24.0.1292.0 - 108.0.5163.147) and ridiculous cobbled-together paths like /about-us/1-2-3-to-the-zoo/the-tiny-seed/10-little-rubber-ducks/1-2-3-to-the-zoo/the-tiny-seed/the-nonsense-show/slowly-slowly-slowly-said-the-sloth/the-boastful-fisherman/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/the-boastful-fisherman/brown-bear-brown-bear-what-do-you-see/brown-bear-brown-bear-what-do-you-see/pancakes-pancakes/pancakes-pancakes/the-tiny-seed/pancakes-pancakes/pancakes-pancakes/slowly-slowly-slowly-said-the-sloth/the-tiny-seed
(I just put together a bunch of Eric Carle titles as an example. The actual paths are pasted together from valid paths on our server but in invalid order, with as many as 32 subdirectories.)
Has anyone else been seeing this and do you have an idea what's behind it?
Sales pitch toward the end.
Akamai: DDoS Attack Trends in 2024 Signify That Sophistication Overshadows Size https://www.akamai.com/blog/security/ddos-attack-trends-2024-signify-sophistication-overshadows-size @akamai_research #cybersecurity #infosec #DDoS
Replied in thread
Nachdem diverse #ki #ai #crawler besonders respektvoll mit den öffentlichen Ressourcen von Open Source Projekten umgehen, habe ich mich dazu entschlossen eben diese auszusperren. Wir hatten in der Vergangenheit crawls, die im #monitoring als #ddos gewertet wurden.
Diverse AS erfreuen sich nun einem dauerhaften 429, einige wenige die es für alle kaputt machen…
Replied in thread
@Prozak @seanfobbe Lets say @Codeberg did suffer some serious #DDoS (which OFC isn't their fault) so I'd rather see #SelfHosting as a better option...
- Needless to say I'm likely considering as a #public #mirror / #public #git once I'd actually change my setups.
It's just.currently.not.my.priority, but *my.priorities.ain't authoritative...
Replied in thread
@seanfobbe personally I'd consider #gitea and #SelfHosting.
- As of now I abude #github as free, #DDoS-protected hosting and something #Microsoft burns money in.
Once any of my projects would gain traction I'd move from there away.
- I just am not a huge fan of @Codeberg even tho they are a better option.
I jist move to either SelfHosting or nowhere...
The Dutch web hosting company Argeweb has experienced performance issues for over a week now.
Replied in thread
@LunaDragofelis Consider #blackholing entire #ASN|s like #aws and all the ofther #GAFAMs instead.
- It's the only way to stop these #DDoS attacks!
I'm getting #DDOS-ed by #AIcrawlers right now, even though I have a strict robots.txt.
Outgoing traffic suddenly increased (more or less 10 times regular traffic).
I have to block their crap using my firewall. That's NOT OK.
TechCrunch · Open source devs are fighting AI crawlers with cleverness and vengeance | TechCrunchAI web crawling bots are the cockroaches of the internet, many developers believe. FOSS devs are fighting back in ingenuous, humorous ways.
Replied in thread
Ars Technica · After DDOS attacks, Blizzard rolls back Hardcore WoW deaths for the first time
Devs say AI crawlers dominate traffic, forcing blocks on entire countries - Software developer Xe Iaso reached a breaking point earlier this year when... - https://arstechnica.com/ai/2025/03/devs-say-ai-crawlers-dominate-traffic-forcing-blocks-on-entire-countries/ #machinelearning #biz #ddos #ai
Ars Technica · Open source devs say AI crawlers dominate traffic, forcing blocks on entire countries
Who could have guessed that an industry whose entire business model is based on theft would behave like malware attacks on the Internet? 
Ars Technica · Open source devs say AI crawlers dominate traffic, forcing blocks on entire countries
DrayTek routers in the UK (and to a lesser extent elsewhere) are having A Bad Weekend. Lots of "spontaneous" reboots.
Also, DrayTek's UK website is unreachable. So this looks like a concerted attack.
Details are patchy, but ISP Review is tracking the problem: https://www.ispreview.co.uk/index.php/2025/03/broadband-isps-report-uk-connectivity-problems-with-vulnerable-draytek-routers.html
Applying firmware upgrades and disabling VPN services will help. Search your networks for indicators of compromise.
ISPreview UK · Broadband ISPs Report UK Problems with Vulnerable DrayTek Routers UPDATE3A number of broadband ISPs from across the United Kingdom (and possibly other countries too), such as ICUK and Andrews & Arnold (AAISP), have this weekend n
Replied in thread
@osm_tech personally, I'd block all the #GAFAMs by their entire #ASN|s!
Fuck the crawlers; #Blackholing of their #DDoS attacks is the only feasible option!
Also send an #AbuseReport everytime they try that shite to them and all the providers from you till them...
LLM crawlers continue to DDoS SourceHut | sr_ht status
「 SourceHut continues to face disruptions due to aggressive LLM crawlers. We are continuously working to deploy mitigations. We have deployed a number of mitigations which are keeping the problem contained for now. However, some of our mitigations may impact end-users 」
status.sr.htLLM crawlers continue to DDoS SourceHut | sr.ht statusSourceHut continues to face disruptions due to aggressive LLM crawlers.
We are continuously working to deploy mitigations. We have deployed a number of
mitigations which are keeping the problem contained for now. However, some of
our mitigations may impact end-users.
In particular, we have deployed Nepenthes to certain routes which are
associated with large volumes of LLM-related traffic. You may encounter certain
pages which are not usable as a result, especially if you are not logged in.
Artificial intelligence companies are creating incredibly large scale denial of service situations on the infrastructure of Open Source Networks.
Now Network owners need to waste time on Finding ways of sending All These requests of the rogue AI insects to /dev/null
#DDoS #DenialOfService #AI #LLM #KDE #crawler #programming #Alibaba #IP #FOSS #attack #OpenSource
https://thelibre.news/foss-infrastructure-is-under-attack-by-ai-companies/
![screenshot of a messaging app conversation. The main text at the top reads: "Then, yesterday morning, KDE GitLab infrastructure was overwhelmed by another AI crawler, with IPs from an Alibaba range; this caused GitLab to be temporarily inaccessible by KDE developers." Below this, there are several messages in a chat interface. The first message is from a user named "bcooksley" at 11:35, stating: "Invent is getting Denial of Service'd by an Alibaba IP range." The second message is from a user named "Akseli" at 11:38, saying: "LLM bots again?" The third message is from a user named "svuorela" at 11:39, with the text: "* svuorela ([@]_irc_svuo...). The background of the screenshot is black, and the text is in white and pink.](https://media.bsd.cafe/bsdmmedia01/media_attachments/files/114/195/734/343/199/515/original/8f9170d5856a4852.jpg "screenshot of a messaging app conversation. The main text at the top reads: \"Then, yesterday morning, KDE GitLab infrastructure was overwhelmed by another AI crawler, with IPs from an Alibaba range; this caused GitLab to be temporarily inaccessible by KDE developers.\" Below this, there are several messages in a chat interface. The first message is from a user named \"bcooksley\" at 11:35, stating: \"Invent is getting Denial of Service'd by an Alibaba IP range.\" The second message is from a user named \"Akseli\" at 11:38, saying: \"LLM bots again?\" The third message is from a user named \"svuorela\" at 11:39, with the text: \"* svuorela ([@]_irc_svuo...). The background of the screenshot is black, and the text is in white and pink.")
Replied in thread
@Viss #CloudFlare is a #RogueISP known to offer Services in #Russia and to #CyberCriminals...
#ClownFlare is also a #ValueRemoving #rentseeker who's core product / service is essentially a #Racketeering Scheme and should not exist as any competent hoster offers #DDoS protection free of charge...