

GitHub was experiencing a DDoS - trevorhartman
https://status.github.com/?utm=1

======
topbanana
Do we really need to be notified every time GitHub or Twitter go down
temporarily? It's inconsequential in the grand scheme of things.

~~~
darkchasma
There is a reason there are controls to allow you to upvote, or downvote
stories. If you don't like a story, and have nothing to contribute to the
story, downvote it. If the story is in the top few, it's because people (that
aren't you) are interested in knowing that github is getting attacked.

EVERYTHING is inconsequential in the grand scheme of things.

Edit: Heh, there are no downvotes on HN for stories. My bad.

~~~
scribu
OT: How much karma do I need to have to see the downvote button?

~~~
InclinedPlane
There is no downvote button on submissions only upvote and flag.

~~~
nonchalance
Should there be downvote buttons for submissions?

~~~
InclinedPlane
Maybe? I could go both ways. I think downvoting is important but it's also
very easily abused. I like stackexchange's downvoting system where it comes at
a cost.

------
dj-wonk
Chances are good that the attackers are DDOS'ing Github using software
consisting of some open source components... hosted for free on Github.

------
Proleps
Why would someone DDoS GitHub? Is there some movement against GitHub? Or is it
just for fun?

~~~
BrenNG
I manage newgrounds.com which gets quite a bit of traffic. We'll get what I
think are DDoS attacks at least once a month. I can see our connection
tracking stats go up to the millions and traffic spikes way up of course.

I don't know WHY they do this, but last time it happened we got an abuse
report saying that we were reported for port scanning from our main firewall /
proxy box. Somehow they had reflected traffic off our firewall / proxy to make
it try to connect to a bunch of IPs on a known trojan port.

I have no idea how they did this, but it appears that this time around we were
being used to scan ports. This is just a stock Debian box with a firewall and
port 80 open. Scary.

~~~
Proleps
> _I don 't know WHY they do this, but last time it happened we got an abuse
> report saying that we were reported for port scanning from our main firewall
> / proxy box. Somehow they had reflected traffic off our firewall / proxy to
> make it try to connect to a bunch of IPs on a known trojan port._

How did you solve it?

~~~
BrenNG
Not sure it's solved, but I added some additional firewall rules to block
certain types of ICMP packets that they were sending and added some additional
logging for when it happens again.

------
regularfry
This is your periodic reminder that deploying directly from Github is a bad
plan.

------
domodomo
Isn't Github having it's annual employee family picnic this week in SF?

This is literally going to ruin someones picnic.

------
adyus
Coincidentally, I just finished setting up Gitlab and Gitlab CI on a private
server. If I could set up repo mirroring between it and Github, it would add a
layer of protection for getting critical work done (security by
distribution?).

~~~
mitchty
Just have both gitlab and github as upstreams and push to both every time. aka
in your .git/config:

    
    
        [remote "origin"]
          url = https://github.com/somerepo.git
          url = https://gitlab.yourdomain.tld/somerepo.git
          fetch = +refs/heads/*:refs/remotes/origin/*
    

And nothing to worry about when github is down.

~~~
jimktrains2
Huh. I wasn't aware you could do that.

What happens if the repos aren't in sync and you pull?

~~~
mitchty
I honestly don't know, should test it and find out. Will look at it later
today.

Edit: curiosity got the better of me
[https://gist.github.com/mitchty/0c2089445c1400d46cb9](https://gist.github.com/mitchty/0c2089445c1400d46cb9)

Basically exactly what you'd think.

------
kclay
Someone doesn't like GitHub, this has been going on for months.

~~~
pplante
there are individuals/groups out there who launch a ddos attack against a
site, then contact the owners demanding money and they will stop.

------
joshuak
Subversion rebels attack again!

~~~
areski
They joined force with the Bazaar empire!

------
mackwic
Even if there are attacks everyday everywhere, I wonder how/if it can be
linked with recent attacks of Apple, Ubuntu forums, and OVH networks.

That's a lot of techies services attacked for such a short time.

EDIT: typo

------
lewisflude
Who would do something like this?

~~~
bencollier49
Russian mafia?

------
mconstable
everyone ping github to show your support

------
WestCoastJustin
If you are looking to host an internal git server, then you should watch my
screencast, where I talk about how to configure a central git server and
manage user access with gitolite.

[http://sysadmincasts.com/episodes/11-internal-git-server-
wit...](http://sysadmincasts.com/episodes/11-internal-git-server-with-
gitolite)

------
dkhenry
I really need to start monitoring GitHub vrs Bitbucket for uptime. I can't
think of the last time Bitbucket was down.

~~~
woah
It was down a few weeks ago, right in the middle of the last big deploy I did.
Just had to laugh honestly.

~~~
DrJokepu
That was scheduled maintenance, however. They had big banners with warnings
everywhere on Bitbucket for several days before the event.

~~~
dkhenry
I think the problem with BitBucket and GitHub is that i never need to go to
the website for most things. All the interfacing I do is thought the Git or
mercurial Interface.

------
j546
Anyone know what they put at the front of their stack? Nginx? Varnish?
HAProxy?

------
octo_t
There was another one of these, slightly older, that just got deleted...

Also the red banner looks a bit off to me, the "More Status History" just
seems plonked in the middle of it.

------
nonchalance
Github seems to attribute every issue initially to a DDoS

~~~
aroch
I'm willing to give them the benefit of the doubt and operate under the
impression that they know more about their network than you or I do.

------
fotcorn
Does someone now what "Pages Builds Failure Rate" means on the page? 4.5%
Server errors is a bit much...

~~~
asdfaoeu
I think they could be talking about github pages. Considering that's user
uploaded content 4.5% seems pretty low.

------
JeremyMorgan
If there is a hell, anyone who would attack GitHub has an express ticket
there.

------
ancarda
Looks like everything is still up though. What is being DDOS'd exactly?

~~~
yaddayadda
Distributed Denial of Service -
[https://en.wikipedia.org/wiki/Ddos](https://en.wikipedia.org/wiki/Ddos)

~~~
mrweasel
I don't think that was the question. The question was, I assume: Which
services are being ddos'ed?

------
guiomie
You must be really evil if you are attacking github!

------
hearty777
This is akin to robbing a police convention.

------
Intermernet
Seems to be working again...

Hopefully didn't type too soon

------
asitkumar
ah no! plzzzzz hackers don't ddos github! this is just not fair

