Page 2 of 2
But the speed at which the company folded following the DoS attacks suggests that it was ill-prepared to deal with the consequences
of attacking spammers directly, said Todd Underwood, chief operations and security officer at Renesys, a Manchester, N.H.-based
Internet monitoring company.
"Spammers have a history of launching massive attacks against those who try to stop them," Underwood said. While others have
taken precautions against such attacks by building more redundancy into their networks, Blue Security appears to have been
"woefully under-prepared for the things that happen when you attack spammers," he said.
More importantly, the incident is an alarming reminder of how the vast botnets available to spammers for sending bulk e-mail
can be easily used to launch devastating attacks, said John Levine, chair of the Internet Anti-Spam Research Group.
The attacks against Blue Security caused serious disruptions for five service providers who were hosting the company's servers.
It also interrupted service at Tucows Inc., a major provider of core DNS services based in Toronto. Thousands of blogs being
hosted by San Francisco-based Six Apart were also knocked offline after PharmaMaster launched a DoS attack against a server
hosting a Blue Security blog. In an interview following the attacks, company CEO Eran Reshef said the attacks appear to have
been carried out with the help of someone within a large Internet Service Provider.
The fact that this sort of disruption can be caused because of a "grudge match" between two people is scary, Levine said.
"It points to a fundamental security weakness of the Internet," Levine said. With spammers operating at will from a number
of countries, the issue of stopping them is something that people are going to have to think about from both a legal and technical
standpoint, he said.
For more enterprise computing news, visit Computerworld online. Story
copyright © 2006 Computerworld, Inc. All rights reserved.
