Page MenuHomePhabricator

Develop tools and processes for attributing outbound cloud-vps traffic to a specific instance or user
Open, HighPublic

Description

After a run-in with a rogue bot flooding libera with requests, @Bstorm pointed out that there are ways to track down network traffic and pin it to an originating VM, at least approximately.

Let's automate that, or at least document it.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

To be more specific on that, we can know what traffic is happening before it hits NAT, and the packets might let us know the destination to some extent, which may allow us to track down problematic VMs. That seems like it should be a quicker procedure than it currently is. It should require less creativity.

Andrew triaged this task as High priority.Aug 10 2021, 4:23 PM