bayindirh 2 hours ago

I mean, they're battling with DDoS all the time. I follow their account on Mastodon, and they're pretty open about it.

I believe the correct question is "Why are they getting DDoSed this much if they are not something important?"

For anyone who wants to follow: https://social.anoxinon.de/@Codeberg

Even their status page is under attack. Sorry for my French, but WTF?

exceptione 2 hours ago

Crazy. Who would have an incentive to spend resources on DDoS'ing Codeberg? The only party I can think of would be Github. I know that the normalization of ruthlessness and winner-takes-all mentality made crime mandatory for large parts of the economy, but still cannot wrap my mind around it.

Kelteseth 2 hours ago

Not just them. For example, Qt's self-hosted cgit got DDoSed just two weeks ago. No idea why random open source projects are getting attacked.

> in the past 48 hours, code.qt.io has been under a persistent DDoS attack. The attackers utilize a highly distributed network of IP addresses, attempting to obstruct services and network bandwidth.

https://lists.qt-project.org/pipermail/development/2025-Nove...

rcxdude an hour ago

DDoS are crazy cheap now, it could be a random person for the lulz, or just as a test or demo (though I suspect Codeberg aren't a big enough target to be impressive there).

Sammi an hour ago

Is it because the S in IoT stands for security? I'm asking genuinely. Where are these requests coming from?

sznio an hour ago

>The only party I can think of would be Github.

I think it's not malice, but stupidity. IoT made even a script kiddie capable of running a huge botnet capable of DDoSing anything but CloudFlare.

Ygg2 2 hours ago

> Who would have an incentive to spend resources

That's not how threat analysis works. That's a conspiracy theory. You need to consider the difficulty of achieving it.

Otherwise I could start speculating which large NAS provider is trying to DDoS me, when in fact it's a script kiddie.

As for who would have the most incentives? Unscrupulous AI scrapers. Every unprotected site experiences a flood of AI scrapers/bots.

theteapot an hour ago

Actually I think that's roughly how threat analysis works though.

Ygg2 3 minutes ago

For threat analysis, you need to know how hard you are to break in, what the incentives are, and who your potential adversaries are.

For each potential adversary, you list the risk strategy; that's threat analysis 101.

tonyhart7 an hour ago

It's easier for MS to buy Codeberg and close it than to spend time and money to DDoS things

matrss an hour ago

How do you buy an e.V.?

tonyhart7 20 minutes ago

You go to a BYD dealership???

letmetweakit 2 hours ago

That's rough ... it is a bad, bad world out there.

bayindirh 2 hours ago

Try exposing a passwordless SSH server to the outside to see what happens. It'll be tried immediately, non-stop.

Now, all the servers I run have no public SSH ports anymore. This is also why I don't expose home servers to the internet. I don't want that chaos at my doorstep.

letmetweakit 2 hours ago

Yeah, I have been thinking about hosting a small internet facing service on my home server, but I’m just not willing to take the risk. I’d do it on a separate internet connection, but not on my main one.

bayindirh an hour ago

You can always use a small Hetzner server (or a free Oracle Cloud one if you are in a pinch) and install Tailscale on all of your servers to create a P2P yet invisible network between your hosts. You need to protect the internet-facing one properly, and set ACLs at the Tailscale level if you're storing anything personal on that network, though.

letmetweakit an hour ago

I would probably just ssh into the Hetzner box and not connect it to my tailnet.

gear54rus 2 hours ago

This can be fixed by just using a random SSH port.

All my services are always exposed for convenience but never on a standard port (except HTTP).

bayindirh an hour ago

It reduces the noise, yes, but doesn't stop a determined attacker.

After managing a fleet for a long time, I'd never do that. Tailscale or any other VPN is mandatory for me to be able to access "login" ports.