GITHUB has emerged victorious from its battle against a distributed denial of service (DDoS) attack, and has managed to get workarounds in place and settle back to normal operations after some 120 hours.
The firm has played out the story of the attack and its efforts to beat it off over Twitter. Its latest posts suggest that the battle is over and that things can get back to normal.
The updates, which come after 113, 118 and 122 hours on the battlefield, announce the calm.
After 113 hours of sustained DDoS attacks our defenses are holding. We will keep our status at yellow until the threat has subsided.— GitHub Status (@githubstatus) March 30, 2015
China was blamed for the DDoS attack on the GitHub code repository, and criticised for its repeated efforts to quash free speech.
Hour 118: Mitigation remains effective and service is stable.— GitHub Status (@githubstatus) March 31, 2015
The last post confirms that "Everything [is] operating normally," and this message is confirmed on the dedicated status page.
China is often blamed for attacking web properties, governments, businesses, industries, utilities and its own people's civil liberties, so to find it fingered again is no surprise.
The GitHub attacks began late last week and were described by the code host as "the largest DDoS attack" that it has ever seen.
The post adds that the attack is powerful and sophisticated. "The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors," GitHub explained on the firm's security blog.
"These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic."
GitHub does not pin the attack on anyone but it does appear to be taking advice from external sources.
"Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content," the firm added.
"We are completely focused on mitigating this attack. Our top priority is making sure github.com is available to all our users while deflecting malicious traffic."
One report, by Chinese security blogger [email protected] on the Insight-labs forum, said that the attack targets two sections of GitHub that relate to Chinese censorship watchdog Greatfire.org and a local version of The New York Times.
An update to the GitHub status pages earlier today talks about 100 percent service thanks to workaround efforts, but a later note explains that the "DDoS attack has evolved" and that the site is still having problems.
Dave Larson, CTO of Corero Network Security, praised GitHub for its response, but wondered how long the site will be able to keep its defences up while relying on its current tools.
"We are seeing more often that DDoS attacks against web servers evolve over a period of 24-48 hours until they take down a site or their perpetrators give up and move on. GitHub has done the right thing in keeping its users informed of the status of the attacks," he said.
"But when the attackers are sufficiently motivated and have extensive resources, which is common when the perpetrators are powerful syndicates or state actors, as may be the case here, it is difficult to stay ahead of the attack if your response methodology relies on human analysts." µ
You can't fault them for speed
Investigation reveals that malicious code was injected into the firm's payment page
Plus the three-for-free
And it's not just on Ubuntu, neither