Mike Blacker <mikeblac...@github.com> writes: Microsoft and GitHub have investigated the issue and determined that a Github user updated a script within the FFMPeg-Builds project that pulled content from https://gmplib.org. This build was configured to run parallel simultaneous tests on 100 different types of computers/architectures. This activity does not appear to be nefarious. GMPLIB appears to have limited infrastructure that could not sustain the limited, yet simultaneous requests.
Note that this abusive traffic is still ongoing, but it is subsiding as I keep adding more and more Microsoft subnets to the firewall rules. I have much better things to do than defend a public service web server against corporate abuse! What would you advise me to do, should I contact a US lawyer and have them send a cease and desist letter? I've copied a short excerpt from the current logs (these subnets are now going into the firewall rules too, of course). Last afternoon (UTC) it was about 10 times worse than shown here. These logs are only the ones which repeatedly downloads large parts of the repository. There are many other indefinitely repeated requests, but these below are the ones which really cause significant CPU load and network traffic. 20.57.73.47 - - [17/Jun/2023:15:28:49 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788851 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.172.10.64 - - [17/Jun/2023:15:28:58 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788842 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.185.158.94 - - [17/Jun/2023:15:29:45 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5789473 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.57.73.47 - - [17/Jun/2023:15:30:06 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 14612259 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.185.158.94 - - [17/Jun/2023:15:30:15 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788753 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.172.10.64 - - [17/Jun/2023:15:30:35 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788836 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 172.176.188.82 - - [17/Jun/2023:15:31:31 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788889 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.49.37.18 - - [17/Jun/2023:15:31:36 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788866 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.172.10.64 - - [17/Jun/2023:15:31:45 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788864 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.185.158.94 - - [17/Jun/2023:15:31:50 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788767 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 172.177.96.47 - - [17/Jun/2023:15:32:09 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5790455 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.49.37.18 - - [17/Jun/2023:15:32:31 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788838 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.172.10.64 - - [17/Jun/2023:15:33:22 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788838 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 20.49.37.18 - - [17/Jun/2023:15:33:44 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 5788851 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" 65.52.35.13 - - [17/Jun/2023:15:33:50 +0200] "GET /repo/gmp/?cmd=getbundle HTTP/1.1" 200 14613459 "-" "mercurial/proto-1.0 (Mercurial 6.3.2)" -- Torbjörn Please encrypt, key id 0xC8601622 _______________________________________________ gmp-devel mailing list gmp-devel@gmplib.org https://gmplib.org/mailman/listinfo/gmp-devel
