[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Search returns 500 MB blob
|
From: |
Andreas Puls |
|
Subject: |
Re: [Sks-devel] Search returns 500 MB blob |
|
Date: |
Mon, 3 Jun 2019 19:27:02 +0200 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 |
Hi Sascha,
maybe you can block the request to those keys.
In Feb '19 we had something like a DDoS, a key which made about 90% of
the traffic.
See here:
https://www.mail-archive.com/address@hidden/msg06498.html
I create an additonal nginx config, fail2ban will be triggered on error
code 444
Br
Andreas
Am 03.06.2019 um 15:40 schrieb Sascha Rommelfangen:
> Hi all,
>
> Is nobody else affected by this issue?
> Nobody able to reproduce it?
>
> Cheers,
> Sascha
>
>
>> On 27 May 2019, at 15:27, Sascha Rommelfangen <address@hidden> wrote:
>>
>> Hi all,
>>
>> We’re just running into a situation where we looked up a key for the email
>> address address@hidden All keyservers we tried, including our very own one
>> at pgp.circl.lu, returned a blob of 500 MB.
>> Some key servers return a timeout after 30 seconds. The situation can also
>> be tested with key ID 0x62cfc8f5, however, the returned blob is much smaller
>> (23 MB).
>>
>> Has anyone else seen this or similar cases and investigated the root cause
>> and what can be done to prevent systematically the exhaustion of resources?
>>
>> Thank you very much and with kind regards,
>> Sascha Rommelfangen
>>
>
>
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/sks-devel
>