@amcewen We're still curious about attack scenarios that interact with this draft. Was this a Simple Amplification Attack or was anything more fancy involved? Would the system also have been flagged as a DDoS amplification vector if it had adhered to the RFC9175 2.4 item 3 numbers and sent (depending on what your 60/540 bytes include) 136 bytes plus UDP/IP headers?

@chrysn Ah, thanks for getting in touch! Wasn't sure who/where to report this more widely.

It was a simple attack, and the 60/546 includes the IP packet and Ethernet frame. It was a repeated GET request for '/', plus a 5 byte random trailer in the UDP payload.

I've got a Wireshark dump of a bunch of traffic, if that's useful?

I'll have a read of RFC9175 now.

@chrysn now I've read RFC9175 (got sidelined the other day, and we'd mitigated the attack by then) it would have been flagged as DDoS amplification.

I've also raised it with ThingsBoard, to hopefully get it plugged/improved upstream.