Hi Borna/All,

I understand, and it's absolutely fine for Cloudflare Spectrum. However, my next question is whether the Arch Linux Team has an allocated budget for this solution.

If no budget is available, I recommend setting up a free-tier alternative such as Fail2Ban. This tool can help monitor known attack vectors using publicly available threat intelligence. As part of our IOC (Indicators of Compromise) strategy, we should proactively block public IPs identified through these sources within the Fail2Ban configuration.

Without implementing a mitigation solution, these DDoS attacks are likely to persist. Once such details are exposed publicly, it becomes extremely difficult to prevent further exploitation unless appropriate controls are in place within the infrastructure.

Please let me know your thoughts

Thanks

Shresth Paul

On Tue, Oct 7, 2025 at 7:04 PM Borna Punda <borna@bornapunda.com> wrote:

Greetings,

Great point; however, this applies only to HTTP applications (which the AUR isn't exclusively; it's also available over SSH). We would need something like Cloudflare Spectrum, which isn't a part of Galileo as far as I am aware.

Best regards,
Borna Punda

Oct 7, 2025, 13:53 by shresthpaul133@gmail.com:

> Hello Team,
>
> I hope you're doing well. So recently we noticed that the ARCH linux is facing a lot of DDOS attacks. What if we were to use Project Galileo to avoid these DDOS? This is completely free of cost by CloudFlare.
>
> Project Galileo | Cloudflare <https://www.cloudflare.com/galileo/>
>
> Thanks
> Shresth Paul
> Website: - > Shresth Paul | Cybersecurity Professional <https://secbyshresth.github.io/Portfolio/>
>