ChanServ changed the topic of #freedesktop to: https://www.freedesktop.org infrastructure and online services || for questions about freedesktop.org projects, please see each project's contact || for discussions about specifications, please use https://gitlab.freedesktop.org/xdg or xdg@lists.freedesktop.org
ximion has joined #freedesktop
jarthur has quit [Read error: Connection reset by peer]
ximion has quit []
kchibisov has quit [Read error: Connection reset by peer]
kchibisov has joined #freedesktop
bluepenquin has joined #freedesktop
Rainer_Bielefeld has joined #freedesktop
alanc has quit [Remote host closed the connection]
<bentiss>
jumping on one running with that SSH: xmrig is using all CPU, and it seems like crypto :(
danvet has joined #freedesktop
<bentiss>
daniels: I cleaned up those users but I kept "sarthakroy2002" as banned, this seemed to be the initiator of this idea, as others were just forking from his tree.
<bentiss>
you can have a look, it's a dumb project
<bentiss>
fortunately, it seems they only started to use ours servers for the past 2 days
<bentiss>
ifreund: I made a gitlab upgrade this morning, so it must be related somehow
<bentiss>
ifreund: that's weird, you're the only one having this issue in the past hour... Or maybe that's because only wlroots work on a Sunday morning :)
<ifreund>
hah, could be :D
<ifreund>
thanks for taking a look
<bentiss>
sigh, the "ssh" guys are coming back, I wonder if I should not disable registration for a while
<bentiss>
let me restart gitaly-2 for the wlroots issue
<bentiss>
ifreund: seems better now
<bentiss>
daniels: I migrated gitaly-2 out of large-6, and that solved the issue. I'm going to reboot this node so other pods don't get the same issue
<ifreund>
bentiss: indeed, thanks!
<ifreund>
Not only wlroots is working sunday morning, fd.o admins are too :P
<bentiss>
heh :)
<bentiss>
I just happened to remember that there was a pending security upgrade, so I figured I should do it while everybody was *not* working :)
<bentiss>
Apologies for the inconvenience, but we are having script kiddies running crypto on the runners, so I enabled account validation by admins before people can use a brand new gitlab account
Rainer_Bielefeld has quit [Remote host closed the connection]
* bentiss
wonders if we should not report https://github.com/Sushrut1101, because those guys just used their github identity to login to gitlab.fdo
jstein has joined #freedesktop
Rainer_Bielefeld has joined #freedesktop
<ishitatsuyuki>
feels more like a case for C&D, although it costs more for sure
<bentiss>
anyway, I've reported that person to github, we'll see if they take any action
<bentiss>
ishitatsuyuki: problem is I tried to have a quick look at the IPs, and they are from various different countries, so either one person with a bot-net, either multiple persons "playing" together
<ishitatsuyuki>
that's annoying indeed
<bentiss>
the point I don't really understand is that if that person was really dumb or just got his/her account hacked -> they actually use the same github account that seems legit
<bentiss>
though with some "free SSH machine in the cloud" kind of projects
ximion has joined #freedesktop
hikiko has quit [Remote host closed the connection]
<bentiss>
robclark, daniels, anholt: can any of you ban that user? this doesn't seem legit. even though 'neutron' almost seems ok but that ses like a waste of resources anyway
<robclark>
sure, how does one do that?
<bentiss>
(still away from home for a few hours)
<bentiss>
robclark: in the admin panel, bring the user and click the three dots in the top right, then ban
<robclark>
ok, think I figured it out
<bentiss>
cool thanks
<robclark>
np
___nick___ has quit [Ping timeout: 480 seconds]
Rainer_Bielefeld has quit [Remote host closed the connection]
jstein has quit [Remote host closed the connection]