66
FOSS infrastructure is under attack by AI companies
(thelibre.news)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 20 Mar 2025
66 points (100.0% liked)
Technology
71226 readers
2269 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
I too read Drew DeVault's article the other day and I'm still wondering how the hell these companies have access to "tens of thousands" of unique IP addresses. Seriously, how the hell do they have access to so many IP addresses that SysAdmins are resorting to banning entire countries to make it stop?
If you get something like 156.67.234.6, then 7, then 56 etc just block 156.67.0.0/24
Sure, network blocking like this has been a thing for decades but it still requires ongoing manual intervention which is what these SysAdmins are complaining about.
fail2ban will always get you better results than banning countries because VPNs are a thing.
that said, I automatically ban any IP that comes from outside the US because there's literally no reason for anyone outside the US to make requests to my infra. I still use smart IP filtering though.
also, use a WAF on a NAT to expose your apps.
There are residential IP providers that provide services to scrapers, etc. that involves them having thousands of IPs available from the same IP ranges as real users. They route traffic through these IPs via malware, hacked routers, "free" VPN clients, etc. If you block the IP range for one of these addresses you'll also block real users.
Now that makes sense. I hadn't considered rogue ISPs.
It's not even necessarily the ISPs that are doing it. In many cases they don't like this because their users start getting blocked on websites; it's bad actors piggy-packing on legitimate users connections without those users' knowledge.