> On Jun 25, 2026, at 8:34 PM, Bill Cole <[email protected]> wrote:
> 
...
> 
> Please be aware that while this same sort of attack is hitting a lot of 
> sites, it is not universal and it is not untargeted. I get a sense that it is 
> also not unmonitored as a DDoS, as it does seem that when I've found a useful 
> tactic and worked it for a while (e.g. whack-a-mole blocking) eventually the 
> new hits just stop coming. As if they've stopped to revise their tactics. 
> That sort of lull is present now, after about an hour of heavy pounding after 
> I deployed the current defense.

It's been incredibly frustrating watching the current push for online ID stuff 
knowing that at the end of the day, spammers and every other bad actor out 
there will still be free to operate without any real consequences. I mean, I 
know it's old news, but after being slammed with some DNS DDoS attack (not an 
attack per-se, they were trying to use us to amplify but we don't even support 
the query type they use) I realized that there are still a ton of places that 
allow spoofed IP traffic, I don't even want to look up how old BCP-38 is.

Good luck, hope ASF has the resources to do this long-term.

Charles


> 
> -- 
> Bill Cole
> [email protected] or [email protected]
> (AKA @[email protected] and many *@billmail.scconsult.com addresses)
> Please keep discussion mailing list replies *on-list*
> Not Currently Available For Hire

Reply via email to