[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Flooding attack against synchronising keyservers
|
From: |
Andrew Gallagher |
|
Subject: |
Re: Flooding attack against synchronising keyservers |
|
Date: |
Fri, 21 Apr 2023 14:35:40 +0100 |
Hi, all.
pgpkeys.eu is fully operational, is accepting key submissions and is syncing
with two similarly recovered peers. The number of keys in the dataset is back
to pre-flooding levels, and site reliability has been significantly improved.
If you are an operator and need assistance recovering your system, please get
in touch.
Thanks,
A
> On 27 Mar 2023, at 18:47, Andrew Gallagher via Gnupg-users
> <gnupg-users@gnupg.org> wrote:
>
> Signed PGP part
> Hi, everyone.
>
> The synchronising keyserver network has been under an intermittent flooding
> attack for the past five days, resulting in the addition of approximately 3
> million obviously-fake OpenPGP keys to the SKS dataset. The fake keys are
> currently being submitted multiple times per second via a large number of Tor
> exit relays, making them difficult to block using normal abuse mitigations.
> If unaddressed, this will eventually fill up the disk of all public
> synchronising servers.
>
> Effective immediately, pgpkeys.eu has been temporarily disconnected from all
> its peers, and is blocking all key submissions. It will remain available for
> key lookups but will not allow key updates while the flooding attack
> continues.
>
> I strongly recommend that other keyserver operators take similar measures,
> until a more permanent solution can be deployed.
>
> A
signature.asc
Description: Message signed with OpenPGP
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: Flooding attack against synchronising keyservers,
Andrew Gallagher <=