Conversation
Codeberg@social.anoxinon.de

Codeberg.org

"Nabend" (German good evening) everyone. Some new actor just popped up and is scanning Codeberg for security issues. We are identifying the IP addresses to block and should be back online in a few minutes.

2
0
1
getimiskon

gettie (neocat_googly_woozy arc) OwOid verified_neko neocat_flag_ace neocat_flag_nb

Reply to @Codeberg@social.anoxinon.de
@Codeberg nabend! blobcatwave
hope you'll kick their ass
0
0
2
chaosmonkey@masto.ai

Martijn 🇪🇺🇳🇱

Reply to @Codeberg@social.anoxinon.de

@Codeberg Out of curiosity: what are you guys using to detect threats like this?

3
0
0
Codeberg@social.anoxinon.de

Codeberg.org

Reply to @chaosmonkey@masto.ai

@chaosmonkey grep on access logs, mostly. It's the first time that this has had a big impact, and it seems to be due to the length of the search query and the amount of requests that Codeberg is suffering so much.

1
0
0
mattesilver@101010.pl

Zło To

Reply to @chaosmonkey@masto.ai
Edited 15 days ago

@chaosmonkey @Codeberg asking for a friend? 😉

1
0
0
chaosmonkey@masto.ai

Martijn 🇪🇺🇳🇱

Reply to @mattesilver@101010.pl

@mattesilver @Codeberg Mostly interested in different solutions people come up with for real world problems. Occupational curiosity I guess.

1
0
0
mattesilver@101010.pl

Zło To

Reply to @chaosmonkey@masto.ai

@chaosmonkey @Codeberg sure, but a security related question is always a risk of an adversary asking for help defeating the defences

1
0
0
chaosmonkey@masto.ai

Martijn 🇪🇺🇳🇱

Reply to @mattesilver@101010.pl

@mattesilver @Codeberg I can only half agree. Security by obscurity is not a great idea either. Anyway, its not important so if codeberg wants to remain quiet about it, that's also fine. 😊

0
0
0
lamp@neon.nightbulb.net

lamp

Reply to @chaosmonkey@masto.ai
@Codeberg@social.anoxinon.de

They took a little leprechaun in a G-man suit and built him an apartment inside the computer case then moved him in there. Nothing gets past Paddy's radar.
0
0
0
chaosmonkey@masto.ai

Martijn 🇪🇺🇳🇱

Reply to @Codeberg@social.anoxinon.de

@Codeberg Thanks for the response. 😀 I am going to be running a small service and was looking around for solutions so I got curious.

1
0
0
samirx@infosec.exchange

samir x

Reply to @chaosmonkey@masto.ai

@chaosmonkey @Codeberg if you’re running a small service you can use Cloudflare to proxy your traffic - they offer basic DDoS and AI scraping protections on the free plan

1
0
0
Codeberg@social.anoxinon.de

Codeberg.org

Reply to @samirx@infosec.exchange

@samirx

... and they watch all your user's traffic, including passwords, in the meantime. A scary thing for us, nothing we would ever deploy.

~f
@chaosmonkey

0
0
0
About Γκωμμουνηστικό Κώμα Φέντιβερς

Terms of Service

Last update: 2024-06-16

Contents

About this instance
Rules
Federation Policy
Support

About this instance

This is an instance based on Akkoma. It's one of the services that comprises the "Fediverse", a network of federated services like Mastodon, Misskey and others. For more information about the Fediverse, you can check out fediverse.party.

The instance is being run by getimiskon and it's a part of their services.

In order to keep the instance sustainable for as long as possible as well as to make easier to deal with moderation, we don't have open registrations. But feel free to ask for an invite.

Important: Some blocklists for ad blocking add-ons may cause issues, like hiding the "Follow" button. It's understandable that you may not want to disable your ad blocker, but make sure to configure it for this instance. This instance does not rely on ads and it will never be.


Rules

The following rules apply on this instance:

  • Don't spam

  • Don't harass anyone inside and outside this instance

  • Don't dox any user (sharing personal information without their consent)

  • Tag NSFW (not safe for work) content accordingly

  • Don't upload any material that includes minors (SFW or not)

  • Avoid posting anything illegal, specifically illegal in Germany, as the server is being hosted there

  • Sexism, racism, fascism and nazism are not welcome here

  • Boosted content is being treated like posts. Don't boost content that breaks this instance's rules

Non-compliance with these rules may result to the termination of your account


Federation Policy

We generally don't want to block instances. Because of the decentralized nature of the Fediverse, there might be content from other instances that don't comply with our rules and might be displayed at the "Known Network" tab. We may remove instances that host those posts from that tab. You will still be able to communicate with people from these instances if you want to.

We may block some instances for the following reasons:

  • Promote fascism, nazism, racism etc.
  • Host NSFW content including minors
  • Instances that are run by corporations who don't support Free Software
  • Instances that cause problems to our users

We also don't block instances for the following reasons:

  • Federation with instances we disagree with
  • Personal issues with the owners of other instances
  • Because a blocklist maintainer told us to do so

If there are any issues or mistakes that we should be aware of, feel free to contact the admin of this instance.


Support

While the server is free to use, unfortunately hosting it is not. In order to continue running it and our services, as well as improving them, support is needed by its users.

You can support the instance and all the services by donating at Liberapay. Keep in mind that donations at Liberapay are recurring, so if you plan to do a one-time donation, it may not be the best option for you.

For more information about supporting this instance, contact the admin.