this post was submitted on 30 Jul 2023
56 points (75.5% liked)
Fediverse
17724 readers
104 users here now
A community dedicated to fediverse news and discussion.
Fediverse is a portmanteau of "federation" and "universe".
Getting started on Fediverse;
- What is the fediverse?
- Fediverse Platforms
- How to run your own community
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Distributed denial of service.
That first D is the one that makes the attack a real problem.
Yep, this is key. If you’re getting a bunch of malicious traffic from one source, that’s easily fixed. Just drop the traffic.
But when that traffic is coming from hundreds or thousands of sources, that becomes much harder to address. Can you just drop traffic from those sources? Sure! But then you also risk dropping legitimate traffic.
There are also services that can automate the detection and prevention of DDOS attacks such as CloudFlare and Akamai, but these can get expensive very quickly, so it can significantly increase the cost to running the instance in question.
I honestly forgot what the first D was at that moment lol. While I agree it technically can be done pretty badly without distributed attacks. I read in the past couple of years of an approach attackers used was to make an application DOS itself from a single request. I think it required a vulnerability in the application in this instance though.
Twitter did this recently lol