Comments on: Blue Security gets spammer testimonial

by: lurkingknight

Sun, 07 May 2006 04:22:52 +0000

I have been a member of blue frog since january. For the first 2 months there was no change in spam volume, hovering about 30-40 a day. Before this attack was carried out, the spam volume was down to 5-6 a day.

For the frog to work, you need to let the application and community propogate your email address out to the spammers. It won’t happen instantaneously, but there is a spam volume tracker on the blue frog website that tracks how many spams you report.

People are blaming Blue Security for redirecting the attack to an old SixApart blog , but you have to understand that someone in a very high position disconnected Blue Security’s main website from the rest of the internet. While this was occuring almost all of the support servers from Blue Security were knocked out. Up until an hour AFTER Blue changed their domain to point to the blog there was no dDoS on bluesecurity.com

It was only after the change that the attack came. I suspect that the dns unlinkage was the primary attempt at disabling the services of Blue Frog, but when they switched to the blog to let their users know what was going on, the spammer probably put a backup plan into effect that started the dDoS, OR that he had planned to do it all along, but the timing was too difficult to pull off in conjunction with the attacks on the support servers.

Blue Frog works and spammers are scared. Whoever does not back down is in the path of a rapidly growing community that is very angry at having to deal with so much junk in their mail boxes.

by: Administrator

Fri, 05 May 2006 10:50:25 +0000

Keep in mind they also got slashdotted, which would bring most normal websites down within minutes. But if they did in fact DDOS Blue Security, that’s of course despiccable.

by: Amm

Fri, 05 May 2006 05:32:46 +0000

http://www.channelregister.co.uk/2006/05/04/blue_security_dos_flak/

This attitude shows that the www is now controlled by somebody who is capable of performing a massive DDoS.
This article gives me a bade taste, why blaming Blue Security and not the group performing this DDoS?
All energy should be used to show up this DDoS performer, instead of blaming the group who irritaded him.

by: My0

Thu, 04 May 2006 23:31:24 +0000

This Blue Security attack continued to snowball. Livejournal was knocked offline for several hours yesterday because Blue Security redirected their domain to its livejournal blog. Some larger US based ISPs were affected by this DDoS as well, but I cannot locate that link right now.

http://news.com.com/Cyberattack+knocks+millions+of+blogs+offline/2100-7349_3-6068344.html?tag=st.rn

Netcraft has some interesting news too:
http://news.netcraft.com/archives/2006/05/03/ddos_on_blue_security_blog_knocks_typepad_livejournal_offline.html

by: Watching Them, Watching Us

Thu, 04 May 2006 20:07:30 +0000

This atrticle in The Register shows that Blue Security managed to ineptly knock Six Apart’s web hosting services offline.

http://www.channelregister.co.uk/2006/05/04/blue_security_dos_flak/

Blue Security offloads DoS attack o”nto blogs
By John Leyden 4 May 2006 16:18

Junk mail registry cops flak

A denial of service attack against Blue Security, distributors of a controversial anti-spam system, has taken the firm’s site offline. Mistakes in the firm’s response to the attack are been linked to a traffic flood that took numerous blogs offline too.

[…]”

by: Some Dude

Wed, 03 May 2006 21:34:40 +0000

My0,

Unfortunately NANAE getting slammed is nothing new, happens most of the time. In this case it’s hipcrime issuing crap because life has been unfair to him, he didn’t get enough hugs, etc.

by: ilikagoodfight

Wed, 03 May 2006 21:19:25 +0000

You know after using blue frog for several months I’ve seen my spam decline to a mere trickle maybe a handfull of spams every few days A few days ago I started seeing a dramatic increase in spam. At least now I have something worth reporting and I’m enjoying the sense of being able to contribute to the fight against spam and being able to see the act of desparation being shown by spammers. The way I see it bring it on, you’re just giving me more spam to report and blue frog makes it soooo easy.

by: glo

Wed, 03 May 2006 14:19:58 +0000

Okay, I understand now. I might even sign up, though I don’t get much spam anymore.

Thanks!

by: My0

Wed, 03 May 2006 12:59:30 +0000

I am new to Blue Security and my reporting agent has worked fine uninterrupted. Its website is now accessible, but I think it is intermittent. http://community.bluesecurity.com/ If you go there, you will see a blog entry with over 60 replies.

Also to note, someone or someone’s script has posted hundreds of nonsense posts on the newsgroup NANAE. http://groups.google.com/group/news.admin.net-abuse.email?lnk=lr&hl=en
I have never seen that happen before, but then again, I am not a regular reader of NANAE.

by: Dylan

Wed, 03 May 2006 04:59:37 +0000

glo

BlueSec sends a maximum of one opt-out request per spam reported. This is not a DDOS. It is a semi-automated unsubscribe request.

Also, these only go to the sites of spammers after careful analysis. It is not automatic, and not every message received generates such an action. Many are reported directly to the FSA, FBI, software vendors, etc instead.

This is unlike the DDOS attack on bluesecurity.com today, which is largescale, directed, and clearly illegal. As well as pointless.