[ISN] Blue Security offloads DoS attack onto blogs

From: InfoSec News (isn@private)
Date: Thu May 04 2006 - 22:26:23 PDT


By John Leyden 
4 May 2006 

A denial of service attack against Blue Security, distributors of a
controversial anti-spam system, has taken the firm's site offline.  
Mistakes in the firm's response to the attack are been linked to a
traffic flood that took numerous blogs offline too.

Blue Security has established a 'Do Not Intrude Registry' (akin to the
Do Not Call Registry for telemarketing) with around 450,000 members.  
Participants download a small tool, called Blue Frog, which
systematically flood the websites of spammers with opt-out messages.  
Depending on your point of view, this initiative can either be viewed
as community action or vigilantism.

Earlier this week members of the Blue community received aggressive
spam messages from an unknown group in an attempt to intimidate users
into dropping out of Blue Security's network. Ordinary punters who had
nothing to do with Blue Security also received the same messages
proving, if proof were needed, that the belligerent junk mail campaign
was a scatter-shot affair.

This campaign of intimidation was followed by a denial of service
attack against Blue Security's website on Wednesday. Posts in the
North American Network Operators Group mailing list report that during
the ongoing attack traffic heading for bluesecurity.com was offloaded
to the firm's TypePad-hosted weblog, bluesecurity.blogs.com. This
configuration change is blamed for taking the website of blogging
outfit Six Apart, which runs TypePad and Live Journal, offline too
leaving the information superhighway temporarily bereft of the
outpourings of numerous bloggers.

Six Apart, rather gallantly, has been careful not to blame Blue
Security but others have criticised the latter firm for redirecting
the flood it was receiving. Six Apart restored services to normal
early on Thursday morning while Blue Security's website was still
unavailable by tapas time on Thursday.

A spokeswoman for Blue Security confirmed that its site was under
attack. She added that the firm regretted making configuration
changes, since amended, that hit Six Apart's services. 

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.

This archive was generated by hypermail 2.1.3 : Thu May 04 2006 - 22:54:03 PDT