Re: Multi ISP DDOS

North American Network Operators Group

Re: Multi ISP DDOS

From: william(at)elan.net
Date: Thu May 04 19:18:50 2006

On Thu, 4 May 2006, Martin Hannigan wrote:

At 11:15 AM 5/3/2006, John Levine wrote:
>Uh. Who let the Frog out?
>
>http://www.wired.com/news/technology/internet/0,70798-0.html?tw=rss .technology

It's all explained here:

http://weblog.johnlevine.com/2006/05/03
And this just hit wires with quotes from Renesys and SANS ISC.

http://www.infoworld.com/article/06/05/04/78074_HNbluesecurityddos_1.html

I hate to be the bearer of bad news to spammers :) but based on
bluesecurity's tactics I can make a guess about attitude of their
people and its such that DoS attack on them will only cause them
more determination to continue and I suspect to majority of their users as well (and publicity is also likely to bring them more users).

Moving the site to TypePad was incorrect way of dealing with attack
though; but its actually not the first time I've heard of the site
using a blog as temporary page while their primary site is down due
to DoS... - some education on what blogs are good for is in order.
But as it is looks like bluesecurity is moving to prolexic which
claim to deal with just such situations.

--
William Leibzon
Elan Networks
[email protected]

Follow-Ups:
- Re: Multi ISP DDOS Martin Hannigan

References:
- Re: Multi ISP DDOS Martin Hannigan
- Re: Multi ISP DDOS Martin Hannigan