This is why we can't have nice things.
@andreasdotorg if I were @internetarchive I'd limit the amount of traffic and connections #AWS can make to 1 per IPv4 & 1 per IPv6 @ 64kbit/s and automatically abuse-report and temporarily soft-block the source IPs via #blackholing [like any #DDoS] if not the entire #AWS #AS!

@kkarhan @andreasdotorg @internetarchive

With swarms of serverless harvesters?
In the end you still end up with CIDR blocking.

@simon_lucy @andreasdotorg @internetarchive

Then that's a necessary sacrifice one needs to make.

If #aws doesn't combat #abuse then it's only valid to #DROP [#DontRouteOrPeer] their systems...

And yes, I do yeet hostile networks as an act of self- and mutual ITsec...
https://github.com/greyhat-academy/lists.d/blob/main/blocklists.list.tsv

@kkarhan @andreasdotorg @internetarchive

The point I was making is that IP specific rules aren't sufficient.

@simon_lucy @andreasdotorg @internetarchive OFC you'd have to block all CIDRs associated with the ASN of AWS...

Which is relatively easy considering that said assignments are public...

@kkarhan @andreasdotorg @internetarchive

Yes, and that negates archive.org, so it's a very temporary mitigation. I imagine AWS knows and has begun limiting the customer.

@simon_lucy @andreasdotorg @internetarchive which they should've done IMHO.