Feed: Slashdot
Feed Link: https://slashdot.org/
---

Title: The FSF Faces Active 'Ongoing and Increasing' DDoS Attacks

Link: https://news.slashdot.org/story/25/07/06/1737...

The Free Software Foundation's services face "ongoing (and increasing)
distributed denial of service (DDoS) attacks," senior systems administrator
Ian Kelling wrote Wednesday. But "Even though we are under active attack,
gnu.org, ftp.gnu.org, and savannah.gnu.org are up with normal response times
at the moment, and have been for the majority of this week, largely thanks to
hard work from the Savannah hackers Bob, Corwin, and Luke who've helped us,
your sysadmins." "We've shielded these sites for almost a full year of
intense attacks now, and we'll keep on fighting these attacks for as long as
they continue." Our infrastructure has been under attack since August 2024.
Large Language Model (LLM) web crawlers have been a significant source of the
attacks, and as for the rest, we don't expect to ever know what kind of
entity is targeting our sites or why. - In the fall Bulletin, we wrote about
the August attack on gnu.org. That attack continues, but we have mitigated
it. Judging from the pattern and scope, the goal was likely to take the site
down and it was not an LLM crawler. We do not know who or what is behind the
attack, but since then, we have had more attacks with even higher severity. -
To begin with, GNU Savannah, the FSF's collaborative software development
system, was hit by a massive botnet controlling about five million IPs
starting in January. As of this writing, the attack is still ongoing, but the
botnet's current iteration is mitigated. The goal is likely to build an LLM
training dataset. We do not know who or what is behind this. - Furthermore,
gnu.org and ftp.gnu.org were targets in a new DDoS attack starting on May 27,
2025. Its goal seems to be to take the site down. It is currently mitigated.
It has had several iterations, and each has caused some hours of downtime
while we figured out how to defend ourselves against it. Here again, the goal
was likely to take our sites down and we do not know who or what is behind
this. - In addition, directory.fsf.org, the server behind the Free Software
Directory, has been under attack since June 18. This likely is an LLM scraper
designed to specifically target Media Wiki sites with a botnet. This attack
is very active and now partially mitigated... Even though we are under active
attack, gnu.org, ftp.gnu.org, and savannah.gnu.org are up with normal
response times at the moment, and have been for the majority of this week,
largely thanks to hard work from the Savannah hackers Bob, Corwin, and Luke
who've helped us, your sysadmins. We've shielded these sites for almost a
full year of intense attacks now, and we'll keep on fighting these attacks
for as long as they continue. The full-time FSF tech staff is just two
systems administrators, "and we currently lack the funds to hire more tech
staff any time soon," Kelling points out. Kelling titled his post "our small
team vs millions of bots," suggesting that supporters purchase FSF
memberships "to improve our staffing situation... Can you join us in our
crucial work to guard user freedom and defy dystopia?" Kelling also points
out they're also facing "run-of-the-mill standard crawlers, SEO crawlers,
crawlers pretending to be normal users, crawlers pretending to be other
crawlers, uptime systems, vulnerability scanners, carrier-grade network
address translation, VPNs, and normal browsers hitting our sites..." "Some of
the abuse is not unique to us, and it seems that the health of the web has
some serious problems right now."

Read more of this story at Slashdot.

---
VRSS v2.1.180528