i have a question in mind: are ddos attacks really cheap ? i mean attacking lemmy.world only is kinda pointless, rest of instances need to be attacked too if they want lemmy down, but i am no expert on this subject, so just asking :/
They are probably quite expensive, I doubt I could afford one. We’re talking about what amounts to (semi-)organized criminal enterprises offering black hat computer services. I’d be shocked if a real large-scale DDOS can be purchased for less than $10k/day. But I have no data.
according to ur knowledgeable answer, apparently only entities with deep pockets could afford this sort of behaviour, it doesn’t leave much guessing about whichever has this kind of money and has interest in Lemmy being down. also this breaks the myth that users from defederated instances would pursue such attacks (presumably out of spite): they would simply be too poor for this sort of stuff and would be indebted in no time
Right, who would have the motive and resources to pay for sustained DDOS attacks against Lemmy servers? Unless the botnet owners themselves have some beef against lemmy.world or something.
In my first post I said “I have no data”, which is true, but I am a software and systems engineer and do have a bit of knowledge about how these botnets are formed. Somebody has to write successful malware, figure out and execute on a successful and low-risk distrubution method, somebody has to write control software to control the infected computers. Somebody has to run the computers all the bots are calling into, and this computer is at some risk of being identified, unless further efforts to hide are taken. This isn’t something one angry person does on a whim. It is likely lots of work from several people, and because of that, it becomes a service that can be offered to others for a price. And I don’t imagine criminals being low-price leaders.
They should shut it down permanently
i have a question in mind: are ddos attacks really cheap ? i mean attacking lemmy.world only is kinda pointless, rest of instances need to be attacked too if they want lemmy down, but i am no expert on this subject, so just asking :/
We can’t know for sure without knowing the details, but it’s not that expensive according to securelist.com:
best bang for the buck: for the damage it causes, its basically free
They are probably quite expensive, I doubt I could afford one. We’re talking about what amounts to (semi-)organized criminal enterprises offering black hat computer services. I’d be shocked if a real large-scale DDOS can be purchased for less than $10k/day. But I have no data.
according to ur knowledgeable answer, apparently only entities with deep pockets could afford this sort of behaviour, it doesn’t leave much guessing about whichever has this kind of money and has interest in Lemmy being down. also this breaks the myth that users from defederated instances would pursue such attacks (presumably out of spite): they would simply be too poor for this sort of stuff and would be indebted in no time
Right, who would have the motive and resources to pay for sustained DDOS attacks against Lemmy servers? Unless the botnet owners themselves have some beef against lemmy.world or something.
In my first post I said “I have no data”, which is true, but I am a software and systems engineer and do have a bit of knowledge about how these botnets are formed. Somebody has to write successful malware, figure out and execute on a successful and low-risk distrubution method, somebody has to write control software to control the infected computers. Somebody has to run the computers all the bots are calling into, and this computer is at some risk of being identified, unless further efforts to hide are taken. This isn’t something one angry person does on a whim. It is likely lots of work from several people, and because of that, it becomes a service that can be offered to others for a price. And I don’t imagine criminals being low-price leaders.
they certainly aren’t.
also we only count 400k in Lemmy as a whole: which is 0.1% that of the R site user count, and we already getting problems. facking hell