From the sounds of it their architecture may not support this. If they had a SAN solution capable of replication to multiple data centers like HP LeftHand's product or a multiple master DRBD configuration they may be able to host github from multiple active datacenters and announce the block equally so that providers route traffic to them because their ASN is closest.
Who knows, maybe they do all of this?
Other than the added complexity, can you share any details about the cost? It seems like theoretically some managed hosting providers could offer this assuming they were in multiple datacenters, but I haven't seen any that do.
A few days ago we had a 30 Gbit DDoS. Our server host just blackholed any IP that was touched by it. They kept moving it around to target different bits of our infrastructure (unlike previous attacks that just targeted our website).
We lost 6 servers, but thankfully not enough to take us fully offline though some customers would have experienced problems during that time.
If they had just been a bit more persistent we might have been in serious trouble.
At that level of DDoS your server host doesn't care about keeping you online. They want the traffic off their network.
Now the bad guys knows that they should just have tried a bit longer.
Now maybe that because you were DROP'ing / blacklisting IPs maybe they just ran out of zombies but still...
If I was the attacker and read your message and wanted to be bad, I'd just hammer you a bit more to put you in trouble.
Besides that there are some ISPs who do care about both keeping you online and fighting the low-life scums: the ISP XS4ALL from the Netherlands is (was at least) notoriously famous for that.
Might be just me, but I don't like this trend. I'm seeing "the chinese" & "hacking" used too much together without proof more often than not. Almost as if they are being made into the next boogeyman to be afraid of.
Get used to it, you're going to be seeing it for what is likely a few decades at least. We need an enemy. The Chinese are the new Red Army; something to blame Western problems on.
That sounds really ignorant. DDoS is not a situation of east versus west.
In case you've missed the memo, they're threatening all of their neighbors outright with kinetic military force. Japan is no trivial country to threaten force against, so the diplomatic climate has changed and more information is being shared publicly in anticipation of an outright military conflict.
There are conflicting interests between individuals that lead to physical fights and the same applies to sovereign nations whose interests run contrary.
It was, at least in some political magazines.
http://www.heise.de/tp/artikel/7/7551/1.html (German article from 2001)
And besides Internet, just for the record https://www.fas.org/irp/news/1999/06/990602-275397.htm
Every time someone gets ddosed and complains on hosting forums, the #1 reaction is "who did you piss off?".
Github either pissed someone off, or it's about "street cred".
I was interviewing a candidate about a year ago. Who bragged to me that he hacked the North Broward Hospital District.
And I was like, "why would you hack a hospital?"
His answer, "It was there."
I was dumb-founded. I mean I hired him, but still. :)
Interviewer: (sings) Good night, ring-ding-dingy. (shouts) Five, four, three, two, one!
Candidate: (cackles like a chicken)
Interviewer: (writing) Good! Very good, indeed!
Typically large services are targeted by some some form of cyber-criminal. As an example only, if the Russian Business Network* were attempting to extort money from github they could use a DDOS and go away when paid (for a while).
This happens to some larger media sites during large events such as the Olympics.
This view makes DDoS seem more normal or even romantic/heroic, and spreads the tools/know-how more widely. So, pulling off a DDoS becomes a more plausible and attractive aspiration, for a larger set of surly people with marginal reasoning skills and destructive impulses.
The DDoS tactic should be rejected as dishonorable censorship and vandalism, no matter the cause under which it is launched.
The default assumption when you see someone unwilling to leave a bar is not that they are noble, and neither should it be the default assumption for a DDoS. That said, I don't think it is reasonable to say no DDoS could ever be noble, just that the vast majority of the time it is just someone being an asshole.
I don't know anything about any of Github's attackers, but from other incidents I know of at other services, it could be anything. A billing dispute. Anger that something was taken down... or not taken down in response to an unreasonable request. Anger that an account was suspended... or that some feud-rival's account wasn't suspended. People throwing "do it my way or I'll take your site down" tantrums may not make sense to anyone other them themselves.
I'm starting to think this is some kind of grab for intellectual property; maybe even a targetting of private repos to somehow gain access.
As far as motive goes, if github can be electronically terrorized, laws to protect them and everyone from future electronic terrorism only make sense, right?
Always do what you can to understand motive!
The tree is built up automatically but you can weight the paths and also which is the start node of the tree. There are also a lot of settings that may or may not completely fuck you over or fix a problem.
Also you really want to disable STP on ports going to servers as this will 1) speed up recovery 2) prevent any malicious packets going out from them.
With all the exploits out there coming out on a nearly daily basis it's not exactly either as if having an army of a few tens of thousands of zombies was expensive...
Technically now ISPs could throttle the bandwith (or even disallow net access) to zombies boxen used in DDoS attacks in all the countries applying "x-strikes" rules.
So there may be light at the end of the tunnel.
It's not exactly as if DDoS was a fatality and nothing could be done about it.
Most ISPs charge for bandwidth. Outside of governmental coercion, is there any incentive for them to do this?