DOS in progress ?

Marshall Eubanks tme at
Thu Aug 6 23:06:16 CDT 2009

On Aug 6, 2009, at 10:26 PM, Bill Woodcock wrote:

>      On Thu, 6 Aug 2009, Marshall Eubanks wrote:
>> Mr. Woodcock said this
>> particular attack consisted of a wave of spam e-mail messages,  
>> which began
>> infiltrating Twitter
> Uh...  Yes, well, the gist of my explanation of how joe-jobs work  
> may have
> eluded the reporter, but the point I was trying to get across was  
> that I
> was aware of a joe-job, but not aware of a botnet.

Pity he just couldn't have used the phrase. It would have cleared it  
up some for me at least.

>> While I certainly trust PCH, I would be curious as to the evidence  
>> for
>> this.
> Google "cyxymu" and you should begin to see copies of the joe-job  
> spam, as
> well as the earlier and archived postings this guy has made in the  
> past.
> These URLs may be of interest, if you're really curious about the  
> politics
> behind the attack:

> Note that this is a deeply-layered conflict, with both sides trying to
> pass off actions as those of the other, and I don't know of anyone  
> who's
> asserted that they have any means of determining whether this was a
> Georgian attack on an Abkhazian blogger, or a Russian or Abkhazian
> faux-martyring of an Abkhazian blogger that few people cared about
> yesterday, but who will have his seven minutes of fame in tomorrow's
> press.

Given that the start of major hostilities there was 1 year ago today  
(the Georgian bombing and attack on Tskhinvali) and the war continued  
for 6 more days (until August 12th) I would not be surprised if there  
was more mischief in store. Let's hope this doesn't become a tradition.

Thank you for the information.


> I don't have an opinion on the matter, and I don't think many in our
> community will probably take any interest in the underlying politics.
> What matters is that smart people in our community at Google and  
> SixApart
> and Twitter communicated and coordinated quickly and effectively, and
> established a lot of connections that will serve them well in  
> responding
> to things of this sort again in the future.  INOC-DBA and NSP-Sec  
> and the
> Anti-Spam list all got a workout today, and they all functioned  
> exactly as
> they were intended to.
>                                -Bill

More information about the NANOG mailing list