Freenode has very recently been under DDoS attack[1] and has been dealing with them for at least a year or more[2]. It seems likely that they're getting the same government treatment as Quakenet. Given that Freenode hosts channels for many open source projects, these attacks aren't just annoying bystanders, they're potentially affecting the progress of our technology.
"It seems very likely that they're getting the same government treatment as Quakenet" is not a conclusion that can be drawn from this blog post or the leak. My understanding based on what I read is that "Anon IRC" is on its own network and QuakeNet has nothing to do with anything except apparently relishing any opportunity to publish a political op-ed. IRC servers (and their users) have been DDOSed from the dawn of time by anyone and everyone.
To put it another way - when a body is found in the woods, you don't instantly jump to the conclusion that it must have been government drones because the government is using drones to kill people in Yemen.
Most DDoS attacks directed at IRC networks are not government related. IRC networks have a long and proud history of being one of the most DDoS-prone targets on the internet.
To my understanding to take down an IRC server doesn't even need to be a DDOS (Distrubuted Denial of Service) AKA multiple of computers and connections. One good DoS (Denial of Service) AKA one computer one connection, is all it takes to take it down.
It's a matter of bandwidth. If a single malicious actor can clog the the IRC server's uplink on the internet facing side of their firewall yes, otherwise no.
It's probably the case that lots of people try that, but unless the IRC server(s) are being hosted on their home network then I doubt one or two computers could bring a whole IRC network down.
That's not at all a given. I distinctly recall, for instance, DALnet being the target of crippling DDoS attacks ~15 years ago. IRC servers are incredibly vulnerable in this particular regard.
IRC servers form a spanning tree which makes it really easy to split an IRC network in two. I think this is the protocol's main weakness which should be addressed somehow. It's difficult without overcomplicating the protocol though.
I think that model oversimplifies it a bit, though for some implementations you're correct.
Often however IRC servers are either a hub or leaf. A hub accepts no user traffic directly and its IP address does not need to be publicly known. That makes it difficult to split the network since only the leaf addresses are known to an attacker.
As for the leaf servers, you can prioritize traffic between the leaf and hub over the traffic between the leaf and its users. You can also have them travel over different peers (most of the servers in the network I have experience with are multi-homed). Usually DoS attacks then manifest themselves as a large number of users timing out from their leaf server. Many IRC clients will attempt to connect to other known leaf servers when they cannot reconnect to the one that dropped them, meaning they get back onto a healthy leaf.
An attacker would then need to be able to saturate all (or at least most) of the leaf servers to take down the network. In my experience IRC servers run on networks that far exceed IRC's requirements and taking down all leafs at once would be a tall order for all but the largest botnets.
There have also been anycast IRC implementations which I don't have experience with, but I imagine they would mitigate most simple DoS attacks.
I think you are confusing the use of IRC networks to systematically start a DDoS attack with a bunch of sleeping malware hanging inside an arbitrary channel.
ISPs generally block them because they attract DDoS attacks like flies on... Rice. Attacks have collateral damage to other customers, and consumes a lot of support resources.
Just exactly what purpose would the government be serving by DDoS'ing freenode? I would think if they wanted to spy on us they would want the servers up and running and everyone able to connect so they can monitor. Killing the servers just disconnects everyone and if they continue to do it people will find other places, likely more than 1.
>Given that Freenode hosts channels for many open source projects, these attacks aren't just annoying bystanders, they're potentially affecting the progress of our technology.
Some Minecraft servers I know have been getting DDoSed too. I wonder if they are using IRC for the chat backend, and if that is just getting his by these same things?
To put it another way - when a body is found in the woods, you don't instantly jump to the conclusion that it must have been government drones because the government is using drones to kill people in Yemen.