Page 2 of 2
But experts expressed doubts about that story.
An analysis of Internet routing records for BlueSecurity.com don't reveal any changes to the way traffic was routed to the
domain in recent days, said Todd Underwood, chief operations and security officer at Renesys of Manchester, N. H., which sells
Internet monitoring and analysis technology.
Instead, Blue Security appears to be the victim of a larger-than-average, but run-of-the-mill distributed denial of service
attack, which has gone on unabated for around three days, said Underwood.
That jives with reports in to the Internet Storm Center (ISC), also, said Johannes Ullrich, CTO at ISC.
That should be expected, given Blue Security's confrontational approach to stopping spam, Underwood said.
"Spammers get pissed off when anti-spammers attack them directly," he said.
Blue Security couldn't do anything to avoid the DDoS attack, but Underwood was critical of the company's reaction to the attack:
moving their home page to a blog hosted at Six Apart's TypePad service shortly after midnight local time on Tuesday.
That brought the wrath of "pharmamaster" to TypePad and Six Apart's other services, which were knocked offline by a denial
of service attack for about seven hours.
A company spokeswoman for Six Apart confirmed the attack, but said Six Apart would not discuss steps that were taken to end
the attack.
"That was not friendly, nor was it clever. It's not a good way to mitigate a denial of service attack," she said.
Reshefsaid he is taking steps to move his domain over to a hosting provider who is capable of withstanding DoS attacks, but
denies that his company's Do Not Intrude list brought the attacks down on his head.
"This has nothing to do with Blue Security. We're a solution to spam that's working. This guy is very desperate and he's willing
to rip apart the Internet to stop (us)," he said.
For more enterprise computing
news, visit Infoworld.com Copyright © 2006
InfoWorld Media Group, Inc.
