[racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

From: Eli Barzilay (eli at barzilay.org)
Date: Sun Sep 22 16:50:24 EDT 2013

Update: bringing it down for a few minutes didn't help, and the
offending process continues its merciless traffic.  I've added a
temporary rule that effectively blacklists planet access from that IP
address.  (Apologies in case that's a shared machine.)  All I see now,
are failed attempts to get "/servlets/pkg-info.ss" (which are answered
with a 403 to that IP).

Can someone at BYU look into this?

20 minutes ago, Eli Barzilay wrote:
> I just looked into that, and it seems that there's something bad going
> on with some machine at BYU which started yesterday.  (Ping: Jay.)
> The offending traffic comes from "fltr5.byu.edu", at a very high rate.
> The new log file for the week had started at 2013-09-22 03:40 local
> time (about 12.5 hours ago) with 92000 queries for this period, and
> 85% of this traffic (about 78k, about a 100 hits per second) is coming
> from this BYU IP.  Looking back, it seems that it's something recent
> that had started just yesterday, so whatever it is, it's new.  Most of
> the traffic is basically a repeating loop of these 8 lines, shown below.
> (I will restart the server now, in an attempt to get whatever it is
> that causes this mess to crash.)

          ((lambda (x) (x x)) (lambda (x) (x x)))          Eli Barzilay:
                    http://barzilay.org/                   Maze is Life!

Posted on the dev mailing list.