Spam War Takes Out Blog Services 315
munchola writes "Following on from the story about spammers attacking Blue Security's anti-spam system, CBR is reporting that Six Apart, which runs the popular LiveJournal and TypePad blogging services, has become a collateral victim. Six Apart told its millions of bloggers it had experienced 'intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com', before resolving the issue in the early hours of Wednesday. '[The spammers are] trying to rip apart the internet just to make our community stop fighting back against spam,' Blue Security's chief executive Eran Reshef said, adding that he knows who's behind the attack."
Self-hosting (Score:3, Informative)
While Blogger eventually added a captcha to solve the problem (after being non-responsive to support requests), it left a bad taste in my mouth. It was at that point that I decided to go self-hosted. I've never looked back. For the cost of a cheap hosting provider, you can setup a Wordpress installation that looks better, is more feature-rich, and automatically queues suspcious messages rather than allowing them to pass through. So while my site could be DDOSed if it was specifically targetted, it can't be overloaded with spam or used to take down other bloggers.
Re:Guilty of what? (Score:3, Informative)
If I were SixApart, I'd sue the fuck out of Blue Security for deliberately DDOSing them.
Re:Fighting abuse with abuse is bad (Score:3, Informative)
I'm not so sure - read the last paragraph of the article: It seems a little...vague.
I'm thinking there's at least the possibility that Blue Security's 'swamping' program is being used against them (hitting some innocent bystanders on the way).
Even if that's not the case here, it's certainly possible for someone malicious to subvert Blue Security's agent in such a manner.
Re:Shifting attack (Score:5, Informative)
Also, the spam reports that are sent out are sent from a proxy type email address. My normal address wouldn't show up, but username@reports.bluesecurity.com is where it would come from.
Personally, I see nothing wrong with sending 1 unsubscribe request per piece of spam I get. BlueSecurity has just automated this method so I don't have to take the time, and they also handle escalation to the proper authorities if the situation isn't resolved.
If the spammer perceives getting 1 unsubscribe request per spam he sends a DDOS attack then I would think the best course of action would be not to send to those people. Heck, we are the ones who wouldn't buy anything from them anyway.
Also, based on what I have read in the blog itself (when it was still accessible) it was a user in the comments that suggested redirecting the site and error pages to the blog so users would at least have some clue what was going on. It's likely they took the advice without contemplating the potential outcome.
Re:Blame fest (Score:5, Informative)
" Isn't it just another DDOS blame fest when in reality its just the news spreading around the world and all the collective users of all the collective news sites are clicking the links to try to read the story?"
No. Here's what happened:
Believe me, TypePad gets Farked/Dugg/Slashdotted every day. They can handle the normal traffic spikes. This was deliberate, and it was well documented.
"We are all guilty of assisting this DDOS attack. shame on us."
A drop in the ocean. TypePad can absorb these sorts of things. Make no mistake: TypePad was taken down by a deliberate, coordinated DDOS attack.
Re:Best way to eradicate spammers (Score:3, Informative)
You don't honestly believe that do you?!?!
Most spam (in the true sense of the word) IS ALREADY ILLEGAL in that it is fraud.
Spam doesn't operate in a vacuum. There is profit to the ISP hosting spam sites as well as the email accounts of known spammers. Add to that the security exploited machines and it makes email unusable.
To put it in the words of spamhaus.org:
"Although all networks claim to be anti-spam, some network executives factor revenue made from hosting known spam gangs into corporate policy decisions to continue to sell services to spam operations. Others simply decide that closing the holes in their end-user broadband systems that allow spammers access would be too costly to their bottom lines."
In short, if the ISPs were forced to be held accountable for what is on their network, THEN maybe they would take it seriously.
B.
Tucows services still recovering from DDoS (Score:3, Informative)
Ha! All of Tucows services, including the managed dns and email defense services were completely down most of yesterday. The managed DNS service is still impaired until the new IPs of ns1.mdnsservice.com and ns2.mdnsservice.com propagate (they just this morning changed the TTL to 1200 secs %-).
status.tucows.com
Managed DNS Service Degraded Performance - restore time is currently unknown Beginning at approximately noon Wednesday May 3rd the Tucows network was under a severe DDOS attack. To stop the attack, we have changed the IP addresses of the servers. If you are using IP addresses in order to connect to MDNS, you will have to update your records. Also, any nameserver with a long TTL should be updated in order to use the new info. Next Update Time:15:20 UTC, 04 May 2006",/i>
Re:Fighting abuse with abuse is bad (Score:3, Informative)
Then he/she/it sent the people on this resulting list a lot of threatening emails, implicating a breach of BS's security, when in truth nothing like this had to have happened. The people who got "compromised" were already on the spam lists anyway.
The rest is just a DDoS attack, nothing about that reflects on BS's security one way or the other.
Re:Shifting attack (Score:2, Informative)
I signed onto this about five days before the war began. I just hope they get it back up and running again soon. I think critical mass could be reached with all the publicity they've gotten.