Spammers Defeat Blue Security
Shutting down operations after Russian DDoS attack
by Missileman Wednesday 17-May-2006 tags: spam
Anti-spam outfit Blue Security posted a statement on its currently offline website saying it is ceasing its war on spam and shutting down, after a Russian spammer essentially DDoS'd the company to death. The outfit had recently had some half a million of its members bombard spammers with e-mails requesting that they cease operations. While some spammers complied, one launched a denial-of-service attack that the company says it simply couldn't overcome:
"Over the past few months we were able to leverage the power of the Blue Community and convince top spammers responsible for sending over 25% of the world's spam to comply with our users' opt-out list. We were making real progress in eliminating spam from the lives of our users.

However, several leading spammers viewed this change as a strategic threat to their spam business. The week before last, these spammers launched a series of attacks against us, taking down hundreds of thousands of other websites via a massive Denial-of-Service attack and causing damage to ISPs, website owners and Internet users worldwide. They also began a relentless campaign of email intimidation against many members of the Blue Community.

After recovering from the attack, we determined that once we reactivated the Blue Community, spammers would resume their attacks. We cannot take the responsibility for an ever-escalating cyber war through our continued operations."
The Washington Post has a good read on the company's lost battle against spam.


SilenceGold
Premium
join:2003-07-31
Canyon Lake, TX

The spam empire strikes back..

Well, because of the international problem, we cannot just push a complete stop against this type of DDOS.

This is practically no different than mad customers blocking the entrance to a shopping center.

Wonder if the enforcement would have been a different story if it had happened to Wal-mart's or other large e-commerce on a Black Friday. (Don't bring up the mafiaboy story...)

rachelsfx

join:2004-09-27
Pensacola, FL

Re: The spam empire strikes back..

Actually, maybe Google should fight spam?

They have the technology, they have the money, they can build it...

If Google, Microsoft, Yahoo, Amazon all got together to crush spam, they probably could do it.

I would love to see the search engines try it. Google does a pretty good job blocking spam already on Gmail. Can say across 20 Gmail accounts, I've only ever gotten 1 spam email.

Of course, if these same bunch of misfits (the Russians) want to target AOL, they have my blessing. AOL may stop some spam, but they sure like delivering it!

envoid

join:2002-12-21
Duluth, GA
said by SilenceGold:

This is practically no different than mad customers blocking the entrance to a shopping center.
But isn't it illegal to block the entrance-way from the street of any establishment? Thought they judged that against the pro-lifers and abortion clinics.

SilenceGold
Premium
join:2003-07-31
Canyon Lake, TX

Re: The spam empire strikes back..

Found this as a link from a google search...

»www.counterpunch.org/harrison03222003.html

Jafo232
You Can't Spell Democrat Without Rat.
Premium
join:2002-10-17
Boonville, NY
I never understood why it is so hard to track down spammers. I mean sheesh, they GIVE you a website to go to. Go to the website, find the owner, subpoena their records, trace the spammer. All together, you're talking about 4-5 hours per spammer tops.

This is seriously manageable.
--
Write Your News, Find Your News At PingPost.com

SilenceGold
Premium
join:2003-07-31
Canyon Lake, TX

Re: The spam empire strikes back..

It would depend on jurisdiction and evidence that can be gathered.

Many ISPs would not be turning over the information without the warrant (unless it's AT&T).

Remember wicked VS Steve (GRC). No ISPs were reported to be cooperating to shut down those DDOS bots that wicked used to drop the grc.com website.
sommerfeld

join:2006-01-24
Arlington, MA
said by Jafo232:

Go to the website, find the owner, subpoena their records..
you lost me right there. how exactly do I subpoena records from a webhost in china?
The Way Out

join:2003-01-20
How do I trace a spammer using a stolen credit card to buy web hosting via a proxy?

technick
Premium
join:2000-12-16
Wheat Ridge, CO
kudos:1

Quitters...

That's weak that they are just quitting like that. What the hell!?!?!?! Just give another win over to the spammers why don't you?!?!

This just pisses me off to no end... But whatever, doesn't matter what I think.
--
"Our greatest glory consists not in never falling, but in rising everytime we fall." - Confucius
Bellsouth Free Since 10/05 - To Hell With Bellsouth

Advocatus Diaboli
BosstonesOwn

join:2002-12-15
Everett, MA
Reviews:
·Comcast

Re: Quitters...

My guess is the cost of doing business is that the isps hosting them just don't want to deal with the trouble they are bringing to their hosts.

The only way to stop stuff like this is to get into the bot nets and start shutting them down. Until an isp starts to help with this problem by allowing us to help fight then there is no use in even fighting.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"

Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA
said by technick:

That's weak that they are just quitting like that. What the hell!?!?!?! Just give another win over to the spammers why don't you?!?!
It sounds like there was a good deal of collateral damage because of the DOS. Considering that spam really isn't that big of an issue in that it can be effectively dealt with, and having your network taken down is a major issue that really can't, it's probably the best decision.
--
Behold the future:
The Sony Playboxwii 361.5DS

BlueCaboose

@pacbell.net
But whatever, doesn't matter what I think.
Truer words were never spoken
VikingStorm

join:2002-06-25
Omaha, NE

1 edit
The biggest weaknesses to Blue Security were:
1. It was centralized for validation
2. It is technically still a business with investors who were assuming they had some kind of real business plan

Even after employing the services of Prolexic, it seemed like they were unable to defend against the second much larger DDoS attack.

I think this quote from their CEO sums it up:
"The lesson to be learned, Reshef said, is that large ISPs and governments need to recognize that spammers are connected to criminal syndicates and that they, not a small startup, are the only ones who can shut down these networks."

tsu9

join:2001-08-17
Wheeling, IL
You do know that the spammers were directly threatening BlueSec's clients, right?

It isn't as simple as "quitting."

keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB

Spam a bigger problem than you can imagine

When you say spam is not that big a problem you are probably thinking just of the impact on students and recreational computer users.

Actually spam is a major problem costing industry as a whole and governments billions of dollars a year in wasted manpower and interrupted communications.

Information desks and sales people can't simply rely on automated spam filters, and this means going through their email piece by piece, and given the volume this means great expense, plus there is the possibility of manual error, meaning an important piece of email could be lost.

As well, spam, and how spamming is done, creates major security problems inevitably involving national security concerns, corporate security concerns, and personal identity theft concerns, as insecure software is installed without permission on victim computers to facilitate spam botnets.

The easily seen costs to ISPs of increased server and communications line needs due to the waste of spam, and support costs to aid customers infected with spam bots are merely the tip of the iceberg -- and maybe not even that.

When you understand the technical details of how it is done, and what is going on, spam really is a major organized crime and national security issue.

As far as I'm concerned, any ISP that tolerates spammers should be denied peering privileges by other ISPs.

Any country that tolerates spammers should have all its IP addresses blocked at our country's borders.

And any IT professional that aids spammers (and who do you think writes the spambot software) should be blackballed from the profession for 10 years (on a first offense).
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

Rogue Wolf
Ate Your Homework, And Framed The Dog

join:2003-08-12
Troy, NY

Re: Spam a bigger problem than you can imagine

said by keith2468:

Any country that tolerates spammers should have all its IP addresses blocked at our country's borders.
You do realize that the U.S. is consistently ranked as one of the most prolific sources of spam Email, don't you? Would you like it if the rest of the world cut off our access?

Let's just dismantle the Internet and build a whole bunch of little intranets, one for each country. Not that it would do a thing to spam mail.
--
Non impediti ratione cogitationis.
moonpuppy

join:2000-08-21
Glen Burnie, MD

Re: Spam a bigger problem than you can imagine

said by Rogue Wolf:

said by keith2468:

Any country that tolerates spammers should have all its IP addresses blocked at our country's borders.
You do realize that the U.S. is consistently ranked as one of the most prolific sources of spam Email, don't you? Would you like it if the rest of the world cut off our access?

Let's just dismantle the Internet and build a whole bunch of little intranets, one for each country. Not that it would do a thing to spam mail.
This goes back to some ISPs and their "pink" contracts. Some of them should be knocked off until they deal with the problem. Even my dad's email was spoofed and MSN cut off his email.

If you blocked Comcast or Verizon because of spam bots, you would see a definite change in that they would cut off those machines that are infected and force the owners to clean it up or get kicked off. No different than the invisible caps some people deal with.

I have said for years, go after the people selling the stuff since 99% of them are scams anyway.

Combat Chuck
Too Many Cannibals
Premium
join:2001-11-29
Erie, PA
said by keith2468:

When you say spam is not that big a problem you are probably thinking just of the impact on students and recreational computer users.
Let me think...a crapload of spam or people being blasted off the net.

Spam as a problem pales in comparison to having no access to the net because someone hosted at the same place as me is getting DDOS'd.

Spam is manageable, being DDOS'd is not.
--
Behold the future:
The Sony Playboxwii 361.5DS
GhostDoggy

join:2005-05-11
Duluth, GA

Why not filter Russia?

If they know the Spammer DDOS is coming from the country of Russia, why can't their peer provider simply not block that country's entire IP block space?

I find it silly that DDOS still works with such great ease and effectiveness these days and none of the connectivity providers can do jack about it.

No wonder the US Federal Government would never host a site like Blue Security, they be chicken, too.

Tsume
Premium
join:2004-02-23
Johnson City, TN

Re: Why not filter Russia?

DDoS = Distributed Denial of Service.

I'm willing to bet 90% of the bogus traffic coming in was indeed NOT from Russia.

keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
The traffic may not be, but what needs to happen is that penalties are levied against accessories and accomplices to the crimes of theft of computer services and theft of telecommunications services -- just like penalties are levied against those who participate in other crimes.

This means ISPs that fail to cut off spammers in reasonable time.

This means advertisers who use spammers.

This means countries that fail to enforce reasonable laws and hand out reasonable prison sentences to cyber criminals.
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC)

OldschoolDSL
Premium
join:2006-02-23
Indian Orchard, MA
Reviews:
·Comcast
·voip.ms
·America Online
·Dish Network
·Vonage
·Verizon Online DSL
·Cox HSI

Terrorist

Terrorist normally the term means "someone" or group(s) that uses fear to enforce their demands and needs.

These spammers may not have used fear, but did in fact "nuke" (cyber nuke) servers in order to force their demands or wills upon another group or idea.

I'd say they're not any better than terrorists and it's sad to see someone just give in like this.
--
Welcome to The Internet my friend.
My wife sells AVON and she delivers
Independent World Television
b10010011
Whats a Posting tag?

join:2004-09-07
Bellingham, WA
Reviews:
·Comcast Formerl..

Just goes to show you...

That stooping to their level...

Reshef's Silicon Valley company, Blue Security Inc., simply asked the spammers to stop sending junk e-mail to his clients. But because those sort of requests tend to be ignored, Blue Security took them to a new level: it bombarded the spammers with requests from all 522,000 of its customers at the same time.
Is not a long term solution because the low life will always stoop lower.

Then, earlier this month, a Russia-based spammer counterattacked, Reshef said. Using tens of thousands of hijacked computers, the spammer flooded Blue Security with so much Internet traffic that it blocked legitimate visitors from going to Bluesecurity.com, as well as to other Web sites. The spammer also sent another message: Cease operations or Blue Security customers will soon find themselves targeted with virus-filled attacks.

Today, Reshef will wave a virtual white flag and surrender. The company will shut down this morning and its Web site will display a message informing its customers about the closure.

fireflier
Coffee. . .Need Coffee
Premium
join:2001-05-25
Limbo

Bad milestone

So that's it then? Anyone who gets in the way of spamming and/or other illegal activities gets taken down. This would seem to set a very bad precedent. What happens if an agency of our own or another country's government goes after these people? What happens if another group tries to thwart spam? They get blown out of the water. This defeat would seem to suggest that the dark side of the internet has the upper hand and there's no obvious way to change that.

What next? DSL Reports and other forums with security info get taken down because they interfere? Damn scary if you ask me.
--
I'd kill for a Nobel peace prize!

ThrowDemsOut
If you can't convince 'em, confuse 'em
Premium
join:2002-03-03
Mullica Hill, NJ
kudos:4

Re: Bad milestone

said by fireflier:

So that's it then? Anyone who gets in the way of spamming and/or other illegal activities gets taken down. This would seem to set a very bad precedent. What happens if an agency of our own or another country's government goes after these people? What happens if another group tries to thwart spam? They get blown out of the water. This defeat would seem to suggest that the dark side of the internet has the upper hand and there's no obvious way to change that.
That is what happens when organized crime organizations get involved. And in Russia they are so powerful that the state doesn't even go after them. The Russian organized crime groups have businessmen killed when they don't pay extortion over there.
--
--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page

keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB

1 edit
Actually DSL reports and other security sites have been taken down by DoS attacks in the past.

My belief is that how hard you are taken down depends on how much trouble you are creating for the bad guys. The more trouble you create for them, that they are aware of, the more severe the retribution they will try to levy against you.

By this measure Blue Security must have been on the right track.
jebba2005

join:2005-01-13
Portland, ME

1 edit

Fighting fire with fire

"This attack really was like trying to take out a mosquito with an atomic bomb," Noss said.

Looks like they messed with the wrong guys. Not very smart of them to threaten this and not see retaliation in their future.

"We're hearing from federal law enforcement that they are getting more than one new case of online extortion each day," Paller said.

kind of like the fight against net neutrality. The second quote must be referring to the big telcos.
amungus
Premium
join:2004-11-26
America
Reviews:
·AT&T DSL Service

1 edit

wowsers

just absurd, and kind of sad.

two wrongs don't make a right, they make a very upset botman I guess...

extortionate tactics are not cool...

what strikes me is how much effort has been put into the whole ddos madness. before that buzzword, there was an "online sit-in protest" against the wto site... a java client with 3 rows of 3 windows all hitting 3 wto sites... imagine networks upon networks doing this... the media quickly labeled it an attack, though a voluntary one by tons of people, and it did have an effect. once it was labeled as bad, nobody dared touch it with a ten foot pole. that was 1999... »www.fraw.org.uk/ehippies/papers/op1.html
see also: »www.metroactive.com/papers/sonom···035.html

and ddos is apparently still a major issue despite all the safeguards that have been implemented.

shame these guys caved in the fight against spam. even worse that they got shut down by threats of ddos, totally not cool.

edit: added another link for an article about previous link...

jig

join:2001-01-05
Hacienda Heights, CA

pthpt


wussies.

LilYoda
Feline with squirel personality disorder
Premium
join:2004-09-02
Mountains

1 edit

How about?

1) Some company like Blue and others, maybe the ISPs, gather a list of IPs or emails the spammers are using
2) someone makes a client that downloads this list every once in a while
3) the client sends 1 email a day to each of the entries in the list

Once enough people are using it, the amount of anti spam emails being sent out could be enough to literally kill businesses running spam based advertising...

This way, we fight evil spam, with good spam. And since it's not centralized, if someone takes down the host of the blacklist, then the current anti spam still targets the latest version of the list...

Fight botnets operators with a botnet. A botnet where members know they are part of one, and know that when the botnet starts, they might be dDoS'd back for a bit, but at least for people using DSL, cable or dialup, all it takes is a reset of your modem to get a new IP...

stoppingspam

@carlson.com

Stop spam

Of course there are 2 easy ways to stop spam.

1. Go after the businesses that use these spamming ads to start with. If no one is paying these less than legit companies to advertise for them, then these less than legit companies wouldn't exist to start with.

2. Stop Joe Moron Email User from replying and sending money to the companies that use this form of "advertising".

I am not really sure who the brainiacs are that buy items from unsolicited emails with really bad spelling and grammar, but if they would stop giving their money away it would stop spam as well. But then door to door rip offs still occur as well. Lots of clueless people out there I suppose.

benecewicz
Premium
join:2005-04-08
Parkville, MD

Re: Stop spam

said by stoppingspam :

2. Stop Joe Moron Email User from replying and sending money to the companies that use this form of "advertising".

I am not really sure who the brainiacs are that buy items from unsolicited emails with really bad spelling and grammar, but if they would stop giving their money away it would stop spam as well. But then door to door rip offs still occur as well.
I'd like it to go one step further... stop Joe Moron from owning a computer... period. It kills me that even .5% of the population would crack open an email that says 'Get VIAGRA and other pharmacuticals' (exact spelling of a spam I received days ago).
Soden_dop

join:2006-03-19
Graham, WA

take them out

i say track them and hunt them down. if we let these people spam and do what they want, they'll walk over us in no time, if we're willing to wage war on terror but let people cause major problems on the internet. you know what Never mind. soon enough people won't care. and leave them unchecked
MrBentor

join:2003-02-18
Seattle, WA

Time to go old school.

Isn’t Blue Security an Israeli company? Why not just have them ask the Mossad to out and deal with the spammer the old fashioned way?

If the government won’t go after the spammers, maybe it’s time for a lynching.

nixen
Rockin' the Boxen
Premium
join:2002-10-04
Alexandria, VA

Interesting Read...

Over at »q.queso.com/archives/security/main. While Blue Security was fighting spammers, both their methods for doing so and their methods of trying to defend themselves from the retaliation were a bit scummy. Net/net of all this is that it may not be so bad that Blue Security's gone (assuming the Queso article is accurate).

-tom
--
"Experience should teach us to be most on our guard to protect liberty when the government's purposes are beneficial. The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well meaning but without understanding." -Louis D Brandeis
