Multi ISP DDOS

william(at)elan.net william at elan.net
Thu May 4 23:16:30 UTC 2006


On Thu, 4 May 2006, Martin Hannigan wrote:

> At 11:15 AM 5/3/2006, John Levine wrote:
>> >Uh. Who let the Frog out?
>> >
>> >http://www.wired.com/news/technology/internet/0,70798-0.html?tw=rss 
>> .technology
>> 
>> It's all explained here:
>> 
>> http://weblog.johnlevine.com/2006/05/03
>
> And this just hit wires with quotes from Renesys and SANS ISC.
>
> http://www.infoworld.com/article/06/05/04/78074_HNbluesecurityddos_1.html

I hate to be the bearer of bad news to spammers :) but based on
bluesecurity's tactics I can make a guess about attitude of their
people and its such that DoS attack on them will only cause them
more determination to continue and I suspect to majority of their 
users as well (and publicity is also likely to bring them more users).

Moving the site to TypePad was incorrect way of dealing with attack
though; but its actually not the first time I've heard of the site
using a blog as temporary page while their primary site is down due
to DoS... - some education on what blogs are good for is in order.
But as it is looks like bluesecurity is moving to prolexic which
claim to deal with just such situations.

-- 
William Leibzon
Elan Networks
william at elan.net



More information about the NANOG mailing list