![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Stupidity at Bluesecurity
May. 7th, 2006 01:20 pmRegarding my recent post about the DDoS on Bluesecurity, it turns out that they were being a little stupid after all. Take a look at this:
http://www.infoworld.com/article/06/05/04/78074_HNbluesecurityddos_1.html
So, Bluesecurity loses one point for actually believing the spammer's lies for not checking his claims out. I'd say that the spammer loses anohter point for lieing, but he has already hit rock bottom (and started to dig).
And SixApart got screwed over because Bluesecurity reacted to the attack in a clueless manner. :-(
http://www.infoworld.com/article/06/05/04/78074_HNbluesecurityddos_1.html
Among other things, Reshef said that “pharmamaster” claimed to have a contact at UUNET who would do his bidding. Rather than launch a denial of service attack against BlueSecurity.com, the spammer instructed the contact to alter the routing tables so that traffic from outside Israel would not reach the company's servers. Technical staff at Blue Security saw traffic to the company's site drop precipitously shortly after 4:30 p.m. local time on Tuesday, Reshef said.
But experts expressed doubts about that story.
An analysis of Internet routing records for BlueSecurity.com don't reveal any changes to the way traffic was routed to the domain in recent days, said Todd Underwood, chief operations and security officer at Renesys Corp. of Manchester, N. H., which sells Internet monitoring and analysis technology.
Instead, Blue Security appears to be the victim of a larger-than-average, but run-of-the-mill distributed denial of service attack, which has gone on unabated for around three days, said Underwood.
That jives with reports in to the Internet Storm Center (ISC), also, said Johannes Ullrich, CTO at ISC.
That should be expected, given Blue Security's confrontational approach to stopping spam, Underwood said.
"Spammers get pissed off when anti-spammers attack them directly," he said.
Blue Security couldn't do anything to avoid the DDoS attack, but Underwood was critical of the company's reaction to the attack: moving their home page to a blog hosted at Six Apart's TypePad service shortly after midnight local time on Tuesday.
So, Bluesecurity loses one point for actually believing the spammer's lies for not checking his claims out. I'd say that the spammer loses anohter point for lieing, but he has already hit rock bottom (and started to dig).
And SixApart got screwed over because Bluesecurity reacted to the attack in a clueless manner. :-(