Mike Blacker <mikeblac...@github.com> writes: Microsoft and GitHub have investigated the issue and determined that a Github user updated a script within the FFMPeg-Builds project that pulled content from https://gmplib.org. This build was configured to run parallel simultaneous tests on 100 different types of computers/architectures. This activity does not appear to be nefarious. GMPLIB appears to have limited infrastructure that could not sustain the limited, yet simultaneous requests.
While I appreciate to get an explanation, I find your reply really curious. Our machine is pretty powerful, it is a server class machine with many cores and lots of RAM, and its connection is 1 GbE at a top class data centre. What we experienced was tens of thousands requests from 20ish different Microsoft subnets, many of which where apparently repo clone commands which required our server to compress the contents. In total about 8 GiB of compressed data where requested, surely many times more for the server to compress. All in just a few hours before I firewalled the attack IP addresses off. This is NOT legitimate use of any server on the Internet. Your reply seems to suggest that it is our fault, that we ought to have more powerful servers to accommodate this behaviour. Really? I beg to disagree. This traffic was, if not nefarious, very far from acceptable. We will keep the GMP server infrastructure, and we will defend it from irresponsible usage like this in order to keep it available for responsible usage. -- Torbjörn Please encrypt, key id 0xC8601622 _______________________________________________ gmp-devel mailing list gmp-devel@gmplib.org https://gmplib.org/mailman/listinfo/gmp-devel