TypePad Hit By DDoS Aimed At Blue Frog

Available from CrossTec, Activeworx Security Center includes new features for meeting SOX and HIPAA compliance requirements, improved tools for forensic investigation, and much more.

Top Security News

Politician Sues Google Over Child Porn Ads
Jeffrey Toback, a member of the Nassau County Legislature on Long Island, filed a 16-page complaint against Google in New York State Supreme Court...

Blue Frog Spam War Escalates
A Russian spammer claimed he possesses the email addresses of everyone using Blue Security's anti-spam Blue Frog software and threatened to...

Mac Security Reputation 'is In Tatters'
The SANS Institute released its spring update of the top 20 Internet security vulnerabilities...

Friday: 05.05.06

The Blue Frog fight with a Russian spammer claimed an innocent bystander. TypePad and other sites operated by Six Apart came under attack from a sophisticated DDoS, the company posted on its blog.

Michael Sippey wrote in that entry how Six Apart was being affected by the DDoS, which began on May 2nd:

Since approximately 4:00 pm Pacific Daylight Time, Six Apart has been the victim of a sophisticated distributed denial of service attack. This has affected all of Six Apart's sites, causing intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com.

After nearly twelve hours, Six Apart finally sounded the "all clear" and set their network status back to green. However, it appears Six Apart never should have been victimized in the first place.

Available from CrossTec, Activeworx Security Center includes new features for meeting SOX and HIPAA compliance requirements, improved tools for forensic investigation, and much more.

In a lengthy blog post, Jason Levine wrote that Six Apart's woes could be laid at the feet of Blue Security, the Israeli firm that developed the Blue Frog anti-spam tool.

Blue Frog floods spammers with opt-out or complaint messages when they email users who are members of the Blue Frog Registry. One particularly persistent Russian spammer has been retaliating against the company with those DoS attacks; in fact, Blue Security is completely unavailable as of press time.

Levine thinks Blue Security was responsible for the whole mess. So why did this happen? Levine explained on his blog:

Because according to a post on the North American Network Operators Group mailing list, at some point yesterday the people at Blue Security decided that the best way to deal with the attack was to point the hostname www.bluesecurity.com to their TypePad-hosted weblog, bluesecurity.blogs.com. This effectively meant that the target of the attack shifted off of Blue Security's own network and onto that of Six Apart, and did so as the direct result of a decision made by the folks at Blue Security.

Judging from the outage, it's unlikely that Blue Security gave them any warning...

About the Author:
David Utter is a business and technology writer with WebProNews and SecurityProNews.

About SecurityProNews
SecurityProNews is updated in real time with vital internet security alerts, news and in-depth articles for IT Managers. SecurityProNews understands that IT Management Begins With Security.

SecurityProNews is brought to you by:

SecurityConfig.com	NetworkingFiles.com
ITmanagementNews.com	NetworkNewz.com
DatabaseProNews.com	SQLProNews.com
ITcertificationNews.com	SysAdminNews.com
LinuxProNews.com	WirelessProNews.com

Advertising

Newsletters

Corporate Info

Site Map

Support

email newsletter.

SecurityProNews is part of the iEntry Inc. Network of sites and newsletters.