Spammers declare war on spam blockers?

[Dave Farber <dave () farber net>]

> Date: Thu, 28 Aug 2003 13:49:18 -0700
> From: "Robert J. Berger" <rberger () ibd com>
> Subject: Spammers declare war on spam blockers?
> To: Dave Farber <dave () farber net>, Dewayne Hendricks <dewayne () warpspeed com>
>
> Saboteurs hit spam's blockers
> http://www.boston.com/news/nation/articles/2003/08/28/saboteurs_hit_spams_bl
> ockers/
>
> By Hiawatha Bray, Globe Staff, 8/28/2003
>
> Internet vandals have found a new target: a group of online services that
> seek to block billions of unwanted spam e-mail messages.
>
> The services, called "blocklists," are used by many Internet providers and
> major corporations to shield e-mail recipients from overwhelming amounts of
> junk mail. Subscribers link their e-mail servers to the blocklist, which
> automatically rejects any incoming e-mail from an address that is believed
> to be a source of spam.
>
> Now the blocklisters are being overwhelmed by Internet saboteurs who harness
> large numbers of computers to bombard their victims with vast amounts of
> junk data.
>
> In a technique called a "distributed denial of service attack," vandals
> exploit security flaws to plant programs, called "Trojan horses," on
> thousands of Internet-connected computers. They then order the Trojan horse
> programs to spew useless data at a targeted machine.
>
> It's the equivalent of having 100,000 people dial the same phone number,
> over and over, at the same time. Such attacks can knock a computer offline
> simply by swamping it with more data than it can handle.
>
> In recent weeks, say blocklist operators, a series of such attacks have been
> aimed at their computers, in what they view as a deliberate effort to force
> them off the Internet.
>
> "Bad things are going on, very bad things," said Ron Guilmette, a Roseville,
> Calif., software engineer who runs a blocklist at monkeys.com. Guilmette
> said his service has been battered by distributed denial of service attacks
> since last Tuesday, but so far he has fended off the assault.
>
> "I fortunately was able to withstand the onslaught, at least until now," he
> said.
>
> Spamhaus, one of the most prominent blocklists, has been under fire for 2
> 1/2 months, says its chief executive, Steve Linford.
>
> "We're usually under attack from 5,000 to 10,000 servers at once," Linford
> said, with incoming data flows as large as 100 million bytes per second.
> "They're extremely large attacks that would bring down just about anything."
> But Spamhaus, with 16 servers scattered through 10 countries, has been able
> to ride it out, Linford said.
>
> Julian Haight, creator of Seattle-based blocklist Spamcop, recently signed
> up with a new Internet service that provides enough bandwidth to fend off
> distributed denial of service assaults. "Prior to that," said Haight,
> "Spamcop was down for a few days," knocked off the Internet by ceaseless
> attacks.
>
> Other blocklist operators have fared even worse. Australian antispammer
> Matthew Sullivan says his Spam & Open Relay Blocking System has been under
> constant digital assault for the past month, forcing Sullivan to scale back
> his operation. "I still have two servers null routed [disconnected] and
> unavailable to the world," Sullivan said in an e-mail.
>
> The attackers have managed to drive one popular blocklist entirely offline.
> On Tuesday, Californian Joe Jared shut down his Osirusoft blocklist in an
> unexpected manner. Jared blocklisted all Internet addresses worldwide. As a
> result, businesses that relied on his list were suddenly unable to receive
> any e-mail at all, even legitimate e-mail.
>
> "He said . . . I'm going to blacklist the world. And by golly, he did," said
> Jim Miller, network administrator at Simutronics Corp., a St. Charles, Mo.,
> firm that formerly used the Osirusoft blocklist.
>
> Jared expressed regret for the way he shut down his blocklist. "I thought
> there had to be a better way to do it," Jared said. "But there wasn't."
>
> Jared said his blocklist server also hosted the website for his small
> business, which makes shoe inserts for people with foot problems. He
> couldn't shut down the blocklist server without also closing his business
> website, so he chose to make the blocklist unusable by blocking everything.
>
> He said he'd spent weeks trying to fend off the denial of service attacks
> against his servers, but "they just beat the hell out of them. . . . I just
> can't be attacked like that."
>
> <snip>
> --
> Robert J. Berger - Internet Bandwidth Development, LLC.
> Voice: 408-882-4755 eFax: +1-408-490-2868
> http://www.ibd.com

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/