Hello, we experienced the same thing from the same IP's about 6 months ago. This happened simultaneously with some IPv6 classes. Can't supply the IP's however, we blocked all the netblocks we could identify as belonging to China. On 10/26/23 15:00, centos-mirror-request at centos.org wrote: > Send CentOS-mirror mailing list submissions to > centos-mirror at centos.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.centos.org/mailman/listinfo/centos-mirror > or, via email, send a message with subject or body 'help' to > centos-mirror-request at centos.org > > You can reach the person managing the list at > centos-mirror-owner at centos.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CentOS-mirror digest..." > > > Today's Topics: > > 1. Re: DDoS attack (Dominik Nowacki) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 25 Oct 2023 12:14:55 +0000 > From: Dominik Nowacki <dominik at clouvider.co.uk> > To: Mailing list for CentOS mirrors. <centos-mirror at centos.org> > Subject: Re: [CentOS-mirror] DDoS attack > Message-ID: <1CE1A3D7-BD4F-4BED-85BB-8AF3707C2E29 at clouvider.co.uk> > Content-Type: text/plain; charset="utf-8" > > And same here. > One of our mirror servers was impacted. > > Kind Regards, > D > > Sent from my iPhone > >> On 25 Oct 2023, at 12:40, ariel sabiguero yawelak <asabigue at fder.edu.uy> wrote: >> >> ?We had to implement equivalent filtering rules during the weekend from network 223.67.0.0/16... and after your experience, we will start blocking 182.255.33.0/24 too. >> >> regards >> >> >> ariel >> >>> On 25/10/23 8:24, Alex Iribarren wrote: >>> Hi all, >>> >>> This morning we stopped a DDoS attack on our mirror coming from China. The traffic was somewhat similar to what we've discussed in the past[1], except this time they weren't range requests, they were downloading the full iso files. The worst offenders were 223.67.0.0/16 and 182.255.33.0/24, in case you want to check your mirrors for signs of abuse. >>> >>> Cheers, >>> Alex >>> >>> >>> [1] https://lists.centos.org/pipermail/centos-mirror/2022-April/077440.html >>> _______________________________________________ >>> CentOS-mirror mailing list >>> CentOS-mirror at centos.org >>> https://lists.centos.org/mailman/listinfo/centos-mirror >> _______________________________________________ >> CentOS-mirror mailing list >> CentOS-mirror at centos.org >> https://lists.centos.org/mailman/listinfo/centos-mirror > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror at centos.org > https://lists.centos.org/mailman/listinfo/centos-mirror > > > ------------------------------ > > End of CentOS-mirror Digest, Vol 221, Issue 2 > *********************************************