Does anybody have any wider context regarding this attack? Is it the first time a massive DDoS like that was mitigated, with just minor disruptions to the victim?
Not by a long-shot; this was reported as a big deal (and I'd love to have more insight and data available), but this kind of thing has been going on for many years.
Ask your local DNS admin for some war stories. :-)
It also gained notoriety because it seemed like an attempt by a Chinese actor (possibly the PRC) to force Github to take down two repositories that helped to circumvent the Great Firewall.
Github itself has weathered DDoS attacks before, but I'm not sure how different this attack was in scale.
Interestingly, GitHub seem's to be allowing logged-in users to access those pages, but using a incongnito tab shows unicorns. I'm guessing they've just disabled access for unauthenticated requests.
20 comments
[ 2.9 ms ] story [ 51.7 ms ] threadhttps://status.github.com/messages
From a state sponsored attacker I would have expected to see a BGP attack..
Ask your local DNS admin for some war stories. :-)
Github itself has weathered DDoS attacks before, but I'm not sure how different this attack was in scale.
http://techcrunch.com/2015/03/19/anti-censorship-service-gre...
See links around this article, similar attacks have happened before:
http://www.netresec.com/?page=Blog&month=2015-03&post=China%...
Update: its working now, but it was definitely not working earlier.
Is this simply a temporary precautionary measure because of the initial JS DDOS, or has GitHub permanently taken those two repos down?
If it's the latter, then I'm really disappointed and it would seem the PRC was able to get what it wanted.