[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Flooding attack against synchronising keyservers
From: Andrew Gallagher via Gnupg-users <gnupg-users () gnupg ! org>
Date: 2023-04-21 13:35:40
Message-ID: 56BC8465-6A22-41ED-86F6-595C473253D8 () andrewg ! com
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Hi, all.
pgpkeys.eu is fully operational, is accepting key submissions and is syncing with two \
similarly recovered peers. The number of keys in the dataset is back to pre-flooding \
levels, and site reliability has been significantly improved.
If you are an operator and need assistance recovering your system, please get in \
touch.
Thanks,
A
> On 27 Mar 2023, at 18:47, Andrew Gallagher via Gnupg-users <gnupg-users@gnupg.org> \
> wrote:
> Signed PGP part
> Hi, everyone.
>
> The synchronising keyserver network has been under an intermittent flooding attack \
> for the past five days, resulting in the addition of approximately 3 million \
> obviously-fake OpenPGP keys to the SKS dataset. The fake keys are currently being \
> submitted multiple times per second via a large number of Tor exit relays, making \
> them difficult to block using normal abuse mitigations. If unaddressed, this will \
> eventually fill up the disk of all public synchronising servers.
> Effective immediately, pgpkeys.eu has been temporarily disconnected from all its \
> peers, and is blocking all key submissions. It will remain available for key \
> lookups but will not allow key updates while the flooding attack continues.
> I strongly recommend that other keyserver operators take similar measures, until a \
> more permanent solution can be deployed.
> A
["signature.asc" (signature.asc)]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEKR55odxVrielLu+DXB7EBNWQZikFAmRCkSwACgkQXB7EBNWQ
Ziln2RAAnHwkBB1ag2rkJK253SehQG1EFFxG/U1XvmWzjIJdwsjxvNuArXMs14X4
7uKd/zOiP54gFyFR/DHXPkqhYEbSkuo7eZysBXsUO0lLPzVY6xx+vnCFgcL+Vv2/
dtkQG4UDWObDMezn5otX54NGMyclYkbpaKdvOH07EkmvqEO+cpb93Lz5pWQ/+QnB
AEf3/81c+ZNyYlJA6DSqJxpxoCNUSLkJwYaFs/dFmY5/puoxz9tBcUCrpez50mIC
1AtMbV3RnSO7oOkhrWIb3XCK89UEaWvIR3K9k9hJzVb/QyY/Yen9LF+DM7rdm0l0
d0dhPwkJHg/ns6TbCOxjAlns7+C3EEl8nBcA15Kkechldg7G9GUYvHv5xVXnNV/7
hriVahEec+zipl23CNjFiTGSIusmr3PNJb/zRtnEM8A6ArzHPupkgxY8GjpBhqzb
Gzb3CrjsO93q6V0V1zYwjQpxCbd44JtebM98u1ziBIbW3oJvkLMJ01XWiLIoXwwO
tg2/AUwikv1PLQpZ+PqId/IbYhQwhNXwDnvdLZT/sCduIaFz/LwQkCA/21ZS4aIK
SjJgvAduceDKf8VAgerWTmvoiay64vkbj8qLXz423Z1WBXkGrPKL5gN8P0EXdfHM
b6dLC7ty+bIE+QG70oyBy4uHDx7WL8/CGbtL2Txvew/E4s9wo3A=
=Q6YP
-----END PGP SIGNATURE-----
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic