At 07:16 PM 5/4/2006, william(at)elan.net wrote:
On Thu, 4 May 2006, Martin Hannigan wrote:
At 11:15 AM 5/3/2006, John Levine wrote:
Uh. Who let the Frog out?
http://www.wired.com/news/technology/internet/0,70798-0.html?tw=r ss .technology It's all explained here: http://weblog.johnlevine.com/2006/05/03
And this just hit wires with quotes from Renesys and SANS ISC.
http://www.infoworld.com/article/06/05/04/78074_HNbluesecurityddos_1.html
I hate to be the bearer of bad news to spammers :) but based on bluesecurity's tactics I can make a guess about attitude of their people and its such that DoS attack on them will only cause them more determination to continue and I suspect to majority of their users as well (and publicity is also likely to bring them more users).
Moving the site to TypePad was incorrect way of dealing with attack though; but its actually not the first time I've heard of the site using a blog as temporary page while their primary site is down due to DoS... - some education on what blogs are good for is in order. But as it is looks like bluesecurity is moving to prolexic which claim to deal with just such situations.
I hate to be the bearer of bad news to BS' VC's, but BS moving their DNS to UltraDNS and hosting to Prolexic was likely not part of the business plan. "They ain't cheap". The spammers can now theoretically force them to spend all time and all their money responding to attacks. The killer here is that they asked a lot of people a year ago whether this was a good idea and everyone said no. Read John Levine's blog and pointer to a few of his previous articles. He wasn't the only person they asked. There's a WHOLE lot more to this than is public. Spammers: 2 Blue Security: 0 NANOG: -2 (vigilante time sink) -M< -- Martin Hannigan (c) 617-388-2663 Renesys Corporation (w) 617-395-8574 Member of Technical Staff Network Operations hannigan@renesys.com