http://www.channelregister.co.uk/2006/05/04/blue_security_dos_flak/ By John Leyden 4 May 2006 A denial of service attack against Blue Security, distributors of a controversial anti-spam system, has taken the firm's site offline. Mistakes in the firm's response to the attack are been linked to a traffic flood that took numerous blogs offline too. Blue Security has established a 'Do Not Intrude Registry' (akin to the Do Not Call Registry for telemarketing) with around 450,000 members. Participants download a small tool, called Blue Frog, which systematically flood the websites of spammers with opt-out messages. Depending on your point of view, this initiative can either be viewed as community action or vigilantism. Earlier this week members of the Blue community received aggressive spam messages from an unknown group in an attempt to intimidate users into dropping out of Blue Security's network. Ordinary punters who had nothing to do with Blue Security also received the same messages proving, if proof were needed, that the belligerent junk mail campaign was a scatter-shot affair. This campaign of intimidation was followed by a denial of service attack against Blue Security's website on Wednesday. Posts in the North American Network Operators Group mailing list report that during the ongoing attack traffic heading for bluesecurity.com was offloaded to the firm's TypePad-hosted weblog, bluesecurity.blogs.com. This configuration change is blamed for taking the website of blogging outfit Six Apart, which runs TypePad and Live Journal, offline too leaving the information superhighway temporarily bereft of the outpourings of numerous bloggers. Six Apart, rather gallantly, has been careful not to blame Blue Security but others have criticised the latter firm for redirecting the flood it was receiving. Six Apart restored services to normal early on Thursday morning while Blue Security's website was still unavailable by tapas time on Thursday. A spokeswoman for Blue Security confirmed that its site was under attack. She added that the firm regretted making configuration changes, since amended, that hit Six Apart's services. ® _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu May 04 2006 - 22:54:03 PDT