KiwiFlare

[Maldavius Figtree]

The recent attacks have been either downloading our entire bandwidth at once (which I've limited) or are attacking the HTTP itself. The most recent ones were using exploits in HTTP2.

Thanks for taking the time to explain this stuff!

There’s only so much that can be done against bandwidth based attacks without just physically scaling up the hardware/network stuff, right? Since you would need to receive the package before deciding if it should be dropped.
Exploits in the HTTP2 protocol itself or the implementation of your firewall?

Currently fighting intermittent DDoS attacks myself, and while we are able to use Cloudflare, there’s still some bottlenecks. At this point I feel like there is nothing that can be done if the attacker simply has far more resources

 

[Null]

if you're on cloudflare you should not be having any issues. they basically take care of everything.

 

[XYZpdq Jr.]

dumb question here so as to not explicitly bug Dear Feeder

if I'm with Jimmy Jonny's Wonder Widgets, and we want to get kiwiflare because cloudflare is fake and gay (but still use our other web host), is that like a thing that operates independent of 1776 Hosting and the general Farms orbit, or if Gone Dong or some other no-good-nik decides to blow another check on DDOS would that then impact Wonder Widgets

 

[y a t s]

A little while ago, I saw github traffic insights said someone was linked to one of my github repos from chatgpt.com. This got me curious as to how much AI knows about software I wrote, so I figured I'd put my checkmark to use and ask Grok some general questions. I was surprised by the quality of its responses and the lack of overt moralfagging.

Based on the answer it gave, it seems like it's pulling info from discussions on this site. It's nice to think stuff written on here may inform its answers, including answers about certain people and consent accidents they want to cover up, giving the site's often legitimately useful content much wider reach.

It also gave me a surprisingly insightful (though slightly outdated) overview of the solver library I wrote. It recognizes and acknowledges that the site has ongoing attacks and networking fuckery against it:

I like the note it gave at the end about computational complexity vs secrecy/obscurity too. What I like most is that it gives reasonably informed answers about the site and treats us with a basic level of legitimacy instead of calling us a hivemind of cyber-terrorists who are worse than Hitler. Cool stuff.

 

[Russell Coight]

Did this kiwiflare script ever get released to the plebs or is that highly verboten

 

[Kapitan Bomba]

The UK geoblock has been playing up for me. I browse clearnet-through-Tor, and I sometimes get the Ofcom page with non-UK exits. Just got another through a Russian one, I think the IP was 185.40.4.92.

 

[Kapitan Bomba]

Can't edit, doubleposting instead. Just had it happen again, this time under 185.40.4.132 / 2a0e:4005:1002:ffff:185:40:4:132, seems to be the same host though. The geolocation of that network seems to be fucked in general, Tor displays a Russian flag, whois claims Russia as well, but MaxMind claims Seychelles, and ipinfo claims Norway. At least the "New Tor circuit" button fixes it.

 

[Empryean]

Can't edit, doubleposting instead. Just had it happen again, this time under 185.40.4.132 / 2a0e:4005:1002:ffff:185:40:4:132, seems to be the same host though. The geolocation of that network seems to be fucked in general, Tor displays a Russian flag, whois claims Russia as well, but MaxMind claims Seychelles, and ipinfo claims Norway. At least the "New Tor circuit" button fixes it.

MaxMind GeoIP locates that IPv6 to the United Kingdom (here), this would explain it if you connected to the site via IPv6. From my own experience I'd put it down to MaxMind taking their time updating specific ranges to a country-accurate degree.