News
News
5/5/2006
06:05 PM
Connect Directly
RSS
E-Mail
50%
50%

Blue Security Denies It's At Fault In Blog Outage

In another twist to this tale of denial-of-service attacks, spammers, and anti-spam security, the CEO of one security firm staunchly defends his company.

Blue Security's chief executive Friday denied that the server he repointed at a TypePad blog earlier this week brought along a denial of service attack that caused that blogging service, and others hosted by Six Apart, to crash.

"When we changed the domain name server to point to TypePad, there was no traffic flowing into our corporate server at www.bluesecurity.com," said Eran Reshef, Blue Security's CEO.

"I'm one of the victims here," Reshef said.

The dispute over the whats and hows and whens of the incident, which dropped Six Apart's TypePad, LiveJournal, and MessagePad blogging services offline for approximately 8 hours late Tuesday and early Wednesday U.S. time, was fueled Thursday by analysts who said Reshef's story didn't add up.

Friday, Reshef acknowledged that some of his company's servers had been subjected to a large denial-of-service (DoS) attacks for days, but said those were operational, or back-end, servers, and not connected to his anti-spam company's front door at bluesecurity.com. Earlier, he had denied that any DoS was underway.

"I just discovered that today," he said.

"There was no DoS on the corporate server," when he repointed the URL to a dusted-off blog on TypePad's blogs.com domain to get out the word that the site was unavailable outside Israel, where Blue Security is based.

Reshef had earlier said that a Russian spammer, dubbed "PharmaMaster," had bribed a worker at a "major ISP" to reroute Internet traffic so that no page requests reached Blue Security's Web site from outside the country. Friday, Reshef said that further investigation now led him to believe that a "blackhole filter," a technology often applied in DoS defenses, was maliciously used to block incoming traffic.

Reshef provided TechWeb with copies of Blue Security's Web logs that showed a drop in access from locales outside Israel over an hour and 45 minute span. During the last 7 minutes of that log, only 28 percent of the site accesses originated outside Israel.

"It wasn't the best decision to reroute traffic to TypePad," Reshelf said. But he again defended the repointing, saying that if he had suspected the attacker would follow Blue Security to the TypePad blog, he would have done things differently. "I would have just put out a press release," he said.

Reshef said that TypePad readers were able to add comments to the blog for at least 30 minutes after Blue Security repointed its servers. Blue Security redirected its site to TypePad at 11:20 p.m. (GMT) on Tuesday, May 2, he said. But comments were posted from 11:27 to 11:57 p.m., at which point the string broke, not to be resumed for more than two hours. Six Apart said this week that the DoS attack began at approximately 4:00 p.m. PDT (midnight GMT, May 3), or about 40 minutes after Blue Security said their site was redirected.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.