×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

797 comments

Why does he think it's spammers? (5, Insightful)

seanadams.com (463190) | more than 10 years ago | (#6817435)

Apparently spammers aren't going to sit by...

Has anyone stopped to think that maybe it's not spammers who are doing this? I hate spam with a passion, but words cannot describe my pleasure in seeing these blacklists, especially SPEWS, shut down. They are pure evil in their methods, and largely ineffective against spam while causing massive inconvenience for ISPs and legitimate users of the network.

All of these centralized blacklists have made so many enemies in their history that any finger pointing is simply laughable. They have made powerful enemies, including the large ISPs who happen to be the only ones that in a position to stem these attacks. This is not your normal DDOS: it is not only the originators of the DDOS, but the very network itself that wants them destroyed!

MOD PARENT DOWN. (5, Funny)

Anonymous Coward | more than 10 years ago | (#6817454)

Althought he presents a valid arguement, WE DONT WANT TO HEAR THAT!

MOD PARENT UP (0)

Anonymous Coward | more than 10 years ago | (#6817491)

This is right on target, IMHO.

Why do the authors of --> EVERY -- submission *INSIST* on inserting their 1-sentence editorial at the end of each story?

Re:MOD PARENT UP (0)

Anonymous Coward | more than 10 years ago | (#6817567)

Why do the authors of --> EVERY -- submission *INSIST* on inserting their 1-sentence editorial at the end of each story?

Two reasons:

a) As moderators, they are immune from the -1, troll bitchslap

b) Where better place to troll than the story itself?

I am envious of their trolling capabilities.

MOD PARENT SIDEWAYS (5, Funny)

Anonymous Coward | more than 10 years ago | (#6817525)


Everyone appears to want to direct mod power today, so why not?

Re:Why does he think it's spammers? (1, Troll)

The Old Burke (679901) | more than 10 years ago | (#6817540)

I hate spam with a passion, but words cannot describe my pleasure in seeing these blacklists, especially SPEWS, shut down. They are pure evil in their methods, and largely ineffective against spam while causing massive inconvenience for ISPs and legitimate users of the network.
Pure evil? So beacuse someone sets up a system to block those servers that allow spam this system becomes pure evil?

Legitimate users? I guess that you are refering to users that "accidentaly" rents space at the same place as some spam-house. Innefectiv? Yes maybe today, but not when they where updated and cheched?

All this leads me to the conclucion that since you are defending these spammers so frequently you are probably someone that supports or maybe earns money by harboring spam-bussinesses.

ever tried to get off SPEWS? (4, Insightful)

Barbarian (9467) | more than 10 years ago | (#6817590)

Go to nana-e, and they'll tell you that robots from space run SPEWS, and there's no way to get a hold of them. They start with Class C's, then progress to banning class A's. Some of the crazies who post on nana-e even have the whole country of Brazil banned on their private lists. SPEWS had information too on DNS blackholing (i.e. preventing your users from going to internet sites) and on HTTP blocking. If it was anyone else (the government) who was advocating this, people would be outraged.

Re:ever tried to get off SPEWS? (4, Informative)

sqlrob (173498) | more than 10 years ago | (#6817684)

BZZZT.

They start with the IP, then list class C, then widen the number of class Cs. It takes a fucking lot to get expanded. There is less than 1% of the internet listed by SPEWS (after removing IANA reserved space)

I have Brazil, Argentina, Korea and China tagged on my server. Number of false positives: 0. YMMV.

Re:Why does he think it's spammers? (1, Flamebait)

Gorm the DBA (581373) | more than 10 years ago | (#6817596)

Gee...so daring to think that perhaps the cure is worse than the disease makes someone a spammer sympathizer?

Sounds kinda like McCarthy witchhunts, where those who refused to name names and testify against their friends were branded "Commie Sympathizers"

Oh...I just noticed, the poster is a proud Republican...that explains it. Anyone who feels the need to brag about their conservatism generally has a soft spot for Joe McCarthy.

Re:Why does he think it's spammers? (5, Insightful)

nearlygod (641860) | more than 10 years ago | (#6817643)

The problem is that they are not checked and updated (at least in my experience). My companyies IP (actually my ISP's entire C-block is blacklisted by one list and dispite trying for 6 months, I have had no luck getting removed. I have gotten zero responce from the blacklist dispite many attempts and following their removal instruction to the letter. No other blacklist has us listed and we have never had an open rlay or sent spam. So to me, this particular blacklist is evil and since they are the only one that I have had to deal with, I wouldn't be suprised if others have had the same experience.

Re:Why does he think it's spammers? (5, Informative)

P!Alexander (448903) | more than 10 years ago | (#6817662)

My own email provider (Fastmail.fm) is very proactive about eliminating spammers and has a very strict anti-spam policy; however, it has been erroneously listed on Spamcop on at least one occasion causing problems for all of its legitamite users.

Here's a great blow by blow report [fastmail.fm] of one such incident by Jeremy Howard, one of the directors of the company, as well as some reasons the list doesn't work.

MOD THE PARENT (0)

Anonymous Coward | more than 10 years ago | (#6817578)

Just mod the damn thing.

let them think it's the spammers (0)

Anonymous Coward | more than 10 years ago | (#6817579)

seems like a good way to have two problems solve themselves simultaneously, like two panicking people in a pool who can't swim who grab onto each other.

Re:Why does he think it's spammers? (3, Insightful)

ahodgson (74077) | more than 10 years ago | (#6817598)

Actually SPEWS is very effective. It makes people DO something about spammers they are harbouring or sharing space with. Naturally, that's why you hate them.

MOD PARENT TO GRANDPARENT (-1, Flamebait)

NetMagi (547135) | more than 10 years ago | (#6817605)

why are u looking here. .if you didn't laff yet the show's over. .now go away

MOD PARENT FLAMEBAIT (0)

Anonymous Coward | more than 10 years ago | (#6817607)

The proof is in the pudding, is it not?

Re:Why does he think it's spammers? (1)

geeveees (690232) | more than 10 years ago | (#6817615)

"it is not only the originators of the DDOS, but the very network itself that wants them destroyed!"

whoa

thats deep man

indeed (5, Insightful)

Trepidity (597) | more than 10 years ago | (#6817616)

Even if you happen to like the blocklists and agree with their methods, it's clearly irresponsible to assume they're being attacked by spammers -- there are a lot of non-spammers who would love to take them out.

Re:Why does he think it's spammers? (1)

hypovex (639352) | more than 10 years ago | (#6817626)

I agree completely. Having had to deal with spammers directly on a pretty regular basis over the last 3-4 years, I would doubt the vast majority are technically competent enough to pull something like this off. Spews/Osirusoft have long since pissed off enough people through their excessive blacklisting that some sort of backlash was pretty inevitable. The anonymity of spews won't save em from this. I'm surprised this didn't happen a long time ago.

Re:Why does he think it's spammers? (5, Insightful)

fmaxwell (249001) | more than 10 years ago | (#6817642)

I hate spam with a passion, but words cannot describe my pleasure in seeing these blacklists, especially SPEWS, shut down.

I will be equally happy when someone uses a DoS to keep you from posting comments with which I disagree. As you point out, a DoS is a valid way to suppress free speech.

They are pure evil in their methods,

How is it "evil" to publish a list of IP addresses that match a listing criteria? You don't want to block e-mail from Nigeria? Fine. Don't use nigeria.blackholes.us. You don't like SPEWS listing criteria? Don't use them. (I don't because I don't like their criteria).

and largely ineffective against spam while causing massive inconvenience for ISPs and legitimate users of the network.

Absolutely untrue. I use several of the blacklists for my domain and the quantity of spam blocked is tremendous with very little collateral damage. Without those blacklists, I would be seeing far more spam than legitimate e-mail every day.

They have made powerful enemies, including the large ISPs who happen to be the only ones that in a position to stem these attacks.

Yeah, the same large ISPs who, in many cases, were writing "pink contracts" for spammers and making money from spam. Those are the large ISPs that really hate the blacklists. And if it wasn't for the blacklists, more and more ISPs would be writing pink contracts.

Blacklists' downfall (2, Interesting)

Nonac (132029) | more than 10 years ago | (#6817439)

I'm not condoning this DDoS, but the perpetrator is probably just some sysadmin running a legitimate, secure server that found its way onto some blacklists and got frustrated by all the red tape getting off the lists. This may be his last hope to get off their list.

I wonder how many people really rely on blacklists anymore. I've tried using them before only to find out that over half of my legitimate email was being filtered and a significant amount of spam was still getting through.

Bayesian is the only affective method I've seen for significant spam reduction.

Re:Blacklists' downfall (1, Insightful)

Eric Ass Raymond (662593) | more than 10 years ago | (#6817595)

got frustrated by all the red tape getting off the lists.

If there is any red tape to get off the list.

Most spam-blockers seem to have an implicit policy of never unblocking the IPs.

Re:Blacklists' downfall (1)

martyros (588782) | more than 10 years ago | (#6817659)

Hmm, this is like the theory of Saddam & Osama working together. The US is in Saudi Arabia to protect it against Saddam; Osama doesn't like infidels in his holy homeland, so he attacks the US and teams with Saddam, rather than attacking Saddam, so that the US can just leave. (I'm aware that there's no evidence of Saddam & Osama teaming up: I'm saying that the idea of them teaming up is even more strange, since Saddam is the very reason the US is in Saudi in the first place.)

It seems to me that a better idea for said 'legitimate' sysadmin would be to DDOS all the spam sites, driving *their* bandwidth cost through the roof. But who says angry people are rational...

As has been discussed much in the previous post about Osirus going down, the purpose of blacklists was never to decrease your own spam, but to put pressures on ISPs to stop hosting spammers. With no 'collateral damage', an ISP has no economic incentive to shut down spammers. With the collateral damage, an ISP can chose between the money from the spammer, or the money from all its other customers adversely affected by the blacklist.

Quite a few actually. (3, Informative)

AltGrendel (175092) | more than 10 years ago | (#6817670)

There are many people on both the SpamAssassin and qmail-scanner list that are talking about this. Any software that uses RBLs may have to be reconfigured.

And depending on just Bayesian filtering is putting all of your eggs in one basket, IMHO (though it is a pretty darn good basket). There are many spammers out there trying to poison Bayes databases by adding random dictonary words to their HTML based emails.

Best defense is a good offense (5, Funny)

Lead Butthead (321013) | more than 10 years ago | (#6817442)

So when do we get to launch our DDoS against the spammers again?

Re:Best defense is a good offense (2, Funny)

dewdrops (79519) | more than 10 years ago | (#6817517)

So when do we get to launch our DDoS against the spammers again?

Let's send them tons of unwanted emails advertising p0rn and herbal supplements.

It's illegal (4, Insightful)

mabu (178417) | more than 10 years ago | (#6817445)

Would someone please remind the federal government that DOS attacks are illegal? Anyone want to encourage them to take action against these people? Can they stop playing golf long enough to do their job?

It's whose ears you own... (1)

Lead Butthead (321013) | more than 10 years ago | (#6817539)

[sarcasm]
Well, spammers has varies "online marketing association" that owns the ears of some politicians in the capital. And the anti-spammers has...?
[/sarcasm]

Attack against anti-spammers is a vigilanti action. Attack against spammers is a federal felony.

Re:It's illegal (2, Interesting)

Popsikle (661384) | more than 10 years ago | (#6817544)

See the thing about DoS attacks is that they are normally (at least now-a-days) DDoS. Distrubuted Denial of Service.
Attempting to find who is launching these attacks (its not right that the media assumes its the spammers) is VERY VERY unlikley.
The only thing you can really do is filter the attack. You cant really block 1000's of different legitamite, even if they are comprimised, from your services.

Unless you can find the IRC Bot, which 99.9% of these attacks are controlled from, you cant determine who started the DDoS. Even if you find a IRC hostname, chances are its BNC'd anyway, and what good would that do you.

Yes it might be illegal, but the internet is still very much like the wild wild west, sherrifs have no control and there are too many wide open spaces to hide.

The $25,000 Question (1)

overshoot (39700) | more than 10 years ago | (#6817575)

The FBI (who have jurisdiction) don't investigate crimes with less than $25,000 provable damages. Well, that or $25,000 in campaign contributions. Either way, the blocklist maintainers (who all work pro bono publico) can't prove the damages, so the law effectively doesn't apply.

Re:It's illegal (0)

Anonymous Coward | more than 10 years ago | (#6817651)

It's no spammers doing the DDOS, it's terrorists doing the DDOS. Maybe the US government wakes up, if we call our enemies by their name: it's Osama BinLaden, AlQuaeda and all those terrorists attacking our network infrastructure!

First Post. (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#6817447)

SEEEEEEEEEEEXXXXX!

No Surprise Here (0)

Anonymous Coward | more than 10 years ago | (#6817457)

Spam, DDoS attacks, both clog networks, cost businesses money. We already know that spammers would do these kinds of thing so this comes as no surprise

Site is becomming slashdotted - heres the text. (-1, Troll)

Anonymous Coward | more than 10 years ago | (#6817459)

Saboteurs hit spam's blockers

By Hiawatha Bray, Globe Staff, 8/28/2003

Internet vandals have found a new target: a group of online services that seek to block billions of unwanted spam e-mail messages.
ADVERTISEMENT

The services, called "blocklists," are used by many Internet providers and major corporations to shield e-mail recipients from overwhelming amounts of junk mail. Subscribers link their e-mail servers to the blocklist, which automatically rejects any incoming e-mail from an address that is believed to be a source of spam.

Now the blocklisters are being overwhelmed by Internet saboteurs who harness large numbers of computers to bombard their victims with vast amounts of junk data.

In a technique called a "distributed denial of service attack," vandals exploit security flaws to plant programs, called "Trojan arses," on thousands of Internet-connected computers. They then order the Trojan arse programs to spew useless data at a targeted machine.

It's the equivalent of having 100,000 people pound the same ass hole, over and over, at the same time. Such attacks can knock a computer offline simply by swamping it with more data than it can handle.

In recent weeks, say blocklist operators, a series of such attacks have been aimed at their computers, in what they view as a deliberate effort to force them off the Internet.

"Bad things are going on, very bad things," said Ron Guilmette, a Roseville, Calif., software engineer who runs a blocklist at monkeys.com. Guilmette said his service has been buggered by distributed denial of service attacks since last Tuesday, but so far he has fended off the assault.

"I fortunately was able to withstand the onslaught, at least until now," he said, smiling.

Spamhaus, one of the most prominent blocklists, has been under fire for 2 1/2 months, says its chief executive, Steve Linford.

"We're usually under attack from 5,000 to 10,000 servers at once," Linford said, with incoming data flows as large as 100 million bytes per second. "They're extremely large attacks that would bring down just about anything." But Spamhaus, with 16 servers scattered through 10 countries, has been able to ride it out, Linford said.

Julian Haight, creator of Seattle-based blocklist Spamcop, recently signed up with a new Internet service that provides enough bandwidth to fend off distributed denial of service assaults. "Prior to that," said Haight, "Spamcop was down for a few days," knocked off the Internet by ceaseless attacks.

Other blocklist operators have fared even worse. Australian antispammer Matthew Sullivan says his Spam & Open Relay Blocking System has been under constant digital assault for the past month, forcing Sullivan to scale back his operation. "I still have two servers null routed [disconnected] and unavailable to the world," Sullivan said in an e-mail.

The attackers have managed to drive one popular blocklist entirely offline. On Tuesday, Californian Joe Jared shut down his Osirusoft blocklist in an unexpected manner. Jared blocklisted all Internet addresses worldwide. As a result, businesses that relied on his list were suddenly unable to receive any e-mail at all, even legitimate e-mail.

"He said . . . I'm going to blacklist the world. And by golly, he did," said Jim Miller, network administrator at Simutronics Corp., a St. Charles, Mo., firm that formerly used the Osirusoft blocklist.

Jared expressed regret for the way he shut down his blocklist. "I thought there had to be a better way to do it," Jared said. "But there wasn't."

Jared said his blocklist server also hosted the website for his small business, which makes shoe inserts for people with foot problems. He couldn't shut down the blocklist server without also closing his business website, so he chose to make the blocklist unusable by blocking everything.

He said he'd spent weeks trying to fend off the denial of service attacks against his servers, but "they just beat the hell out of them. . . . I just can't be attacked like that."

Jared isn't sure he'll ever run a blocklist again. "What I am going to do is take a vacation," he said. "I need one."

News of the attacks on blocklist servers comes as the Internet is still reeling from a series of attacks by fast-spreading worm programs. One of the worms, Blaster, was designed to launch distributed denial of service attacks against Internet computers run by Microsoft Corp. Another, SoBig.F, planted Trojan horse software on infected computers, which could also have been used to carry out such attacks.

Computer security experts say there's no reason to assume a connection between the recent worms and the attacks on blocklist sites. They said that millions of computers worldwide were already infected with Trojan horse programs, even before the recent spate of worms. Vandals can take control of these machines and launch Internet attacks at will.

"I don't think the people who do this sort of thing need a SoBig," said Alfred Huger, senior director of engineering for the security response team at antivirus software maker Symantec Corp. "There are many worms out there that plant programs for doing denial of service attacks. Lots of them."

None of the victims have any idea who is behind the attacks. The FBI is investigating the SoBig worm, but tracking down the creator of a worm or Trojan horse is extremely difficult. Spamcop's Haight theorizes that the increasingly sophisticated attacks suggest a link with organized crime, but admits he hasn't a shred of evidence.

"We all would love to know who it is," Haight said, "but nobody does."

Hiawatha Bray can be reached at bray@globe.com.
(C) Copyright 2003 Globe Newspaper Company.

-1 REDUNDANT IT IS NOT GETTING SLASHDOTTED (0)

Anonymous Coward | more than 10 years ago | (#6817515)

fucking karma whores

Karma Whore? (1, Informative)

Anonymous Coward | more than 10 years ago | (#6817556)

How can he be whoring for karma if he posted AC?

Re:Site is becomming slashdotted - heres the text. (1)

JaredOfEuropa (526365) | more than 10 years ago | (#6817526)

Trojan arses
Ehh? Time to re-read Homer, I think I missed something here.

you posted the way to make goatse (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#6817532)

Re:Site is becomming slashdotted - heres the text. (0)

Anonymous Coward | more than 10 years ago | (#6817552)

"It's the equivalent of having 100,000 people pound the same ass hole, over and over, at the same time."

Was this text really in the article? Specifically, the part about 100,000 people pounding the same ass hole? Mods on Crack? Again?


Very clever little troll mr submitter.

THE POST ALTERS THE ARTICLE'S TEXT, MOD IT DOWN (0, Troll)

analog_line (465182) | more than 10 years ago | (#6817562)

Mod it down. I'd heard trolls were doing this. Boston.com isn't even near being slashdotted.

Re:THE POST ALTERS THE ARTICLE'S TEXT, MOD IT DOWN (1)

Potent (47920) | more than 10 years ago | (#6817664)

Mod it down?

Hell, this is the funniest thing I've seen all week! :)

Re:Site is becomming slashdotted - heres the text. (0)

Anonymous Coward | more than 10 years ago | (#6817571)

Well not really that clever, but it serves a socially useful purpose if it persuades mods to actually READ what they are modding! Honestly.

Re:Site is becomming slashdotted - heres the text. (1)

fatboy (6851) | more than 10 years ago | (#6817584)

It's the equivalent of having 100,000 people pound the same ass hole, over and over, at the same time. Such attacks can knock a computer offline simply by swamping it with more data than it can handle.

Hahaha! Too bad that was not in the real article.

Re:Site is becomming slashdotted - heres the text. (0, Offtopic)

Damn_Canuck (702128) | more than 10 years ago | (#6817673)

Maybe it's just me, but looking at the points that he has received for this post (which was interesting since I couldn't access the original)... a +1 mod was received, with a total of only 90% listed below.. what happened to the other 10%? Did the same MIT Mathematicians who SCO hired manage to get mod status here?

whitelisting or pay for e-mail needed? (1)

pwarf (610390) | more than 10 years ago | (#6817461)

It may be easier to just go to white-listing or have some people go to a pay per e-mail thing (or spend computational time on protein-folding, as suggested earlier).

Re:whitelisting or pay for e-mail needed? (1)

Mephie (582671) | more than 10 years ago | (#6817629)

Pay per email would be pretty interesting. General email at a low cost per message sent, if it crosses network borders. And between hosts would cost, like from msn.com to aol.com, but would not cost if sent to someone with the same host; aol.com to aol.com. It'd be almost like a phone company with local v. long distance calling rates.

Heck it could even be set up so that someone who sends a lot of mail could purchase a package that includes X number of free emails per month.

I'd think that would be extremely difficult to effectively set up, logistically, though, and the business world would likely (understandably) have an absolute fit if the idea were ever seriously considered.

Then again, maybe it'd save enough money in terms of bandwidth that it would be worth it.

Try as they may... (4, Funny)

grasshoppa (657393) | more than 10 years ago | (#6817462)

Apparently spammers aren't going to sit by and let people try to ignore their unwanted pitches.Too bad my users and I are behind a trained spamassassin, then, eh?

justice (0)

NetMagi (547135) | more than 10 years ago | (#6817465)

this is rediculous. . . they get away with hitting us with tens of thousands of unwanted CRAP every day and now they can ddos one of the best solutions we currently have.

Maybe it's time for some vigilante justice.

Spammers HAVE to have a weaknes. .

Re:justice (3, Funny)

grasshoppa (657393) | more than 10 years ago | (#6817516)

Spammers HAVE to have a weaknes. .

I find most people, when a hammer is liberally applied to the head, find their weakness to be blunt objects.

They tend to dislike them.

Might not be spammers (4, Interesting)

G-funk (22712) | more than 10 years ago | (#6817468)

Of course it probably is spammers, but it wouldn't suprise me if some people who've had themselves blacklisted unfairly would like to ddos some blacklist servers into the beyond.

Personally I don't believe blacklists are the way to go, I think simply intelligent filtering should be installed wherever possible, and eventually spam will die out. I know spammers are smart and work their way around all sorts of blocks, but so are we, and there's a lot more of us than there are of them.

ObDisc:Don't bother flaming me about "collateral damage" or any of that crap, since I'm not the one ddosing the servers, and I've yet to find myself blacklisted, so I'm not interested.

Re:Might not be spammers (1)

johny_qst (623876) | more than 10 years ago | (#6817573)

I'm not trying to flame you or pester you, but could you please change the backround on your site the next time you go through a redesign process... I hate it when you are watching me read about your work.

it could be anybody (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#6817472)

so let's not jump to conclusions

SoBig (5, Interesting)

ifreakshow (613584) | more than 10 years ago | (#6817474)

Earlier this week when people talked about the writer of SoBig leasing his virus network for spamming [slashdot.org] many people said spammers wouldn't want to be involved with virii/attacks. I think the DOSing of black list sites pretty much shows that the people sending spam have little moral problem with invading your computer to break the law.

Solution (4, Funny)

alphax45 (675119) | more than 10 years ago | (#6817479)

Why don't we just offer all the main spammers a free seminar on some small island in the south pacific or somewhere where no one will care, then when they all get there..

NUKE IT!!!

Problem solved :)

Funding and source for these attacks? (1)

rickthewizkid (536429) | more than 10 years ago | (#6817482)

I wonder... Is it the people who are paying for the SPAM also paying for these attacks? I can imagine a campaign among these sleazeballs drumming up support for a DDOS of the spam blacklists...

Just my act-now-to-get-a-six-foot-penis worth...
RickTheWizKid

Re:Funding and source for these attacks? (0)

Anonymous Coward | more than 10 years ago | (#6817583)

I dunno where the money's coming from, but I bet it buys a shitload of Viagra.

Soon you'll be able to tell a spammer because they'll be walking around like a tripod mumbling something about "spam doesn't work" and "I used the excess stock"...

Mark my words. Next primaries, look for the dude with the scout tent in his pants. He's the guy with the spam campaign.

Re:Funding and source for these attacks? (1)

The_K4 (627653) | more than 10 years ago | (#6817606)

I would doubt that. If the case where they are paying spamers to spam, all they need to say is "My contract stipluates taht every user must have the right to opt out". If intentional fund a DDOS attack then they would be liable in civil court.

Re:Funding and source for these attacks? (0)

Anonymous Coward | more than 10 years ago | (#6817645)

Ok, I should have previewed that. -1 for being lazy and trying to save time, and failing.

who says its spammers? (5, Interesting)

tongue (30814) | more than 10 years ago | (#6817486)

what makes you think its spammers? there a plenty of legitimate email users with a beef against these fascists--me, for one. i had a domain on a subnet that's entirely blocked despite the fact that i don't have open relays nor have i ever done any kind of spamming. several of my clients within larger corporate structures couldn't receive email from me because some PHB read in DildoCTO Quarterly that these lists can stop spam--never mind the fact that they can stop any kind of legitimate email use as well. There were a LOT of times i'd wished i had had the wherewithal to undertake something like this; spammers or not, i applaud the culprits.

Wow... (0)

johny_qst (623876) | more than 10 years ago | (#6817488)

This is the silliest thing I ever expected to read in a spam story...
Spamcop's Haight theorizes that the increasingly sophisticated attacks suggest a link with organized crime, but admits he hasn't a shred of evidence.
Anyone else have a wilder guess?

Re:Wow... (1)

stratjakt (596332) | more than 10 years ago | (#6817524)

Yeah only the mob has such sophisticated tools at their disposal, and obviously employ the most fiendishly clever hackers on the planet.

As others have pointed out, there are a lot of people who hate these little censor lists, their arbitrary and often politically motivated "blacklisting".

With these folks, the cure is often worse than the disease. Now instead of your company "losing revenue" due to spam, you lose clients due to their inability to contact you.

Re:Wow... (0)

Anonymous Coward | more than 10 years ago | (#6817630)

Jeez. Could you be any more transparent? I knew that was a troll before I even saw your username!

~~~

Yes (4, Funny)

FreeUser (11483) | more than 10 years ago | (#6817619)

This is the silliest thing I ever expected to read in a spam story...

pamcop's Haight theorizes that the increasingly sophisticated attacks suggest a link with organized crime, but admits he hasn't a shred of evidence.

Anyone else have a wilder guess?


Yes. It's Aliens launching a denial of service attack in advance of their assimilation of the human race. This is clear and obvious to the most casual observer, although I don't have a shred of evidence to support this notion.

Re:Wow... (1)

bad-badtz-maru (119524) | more than 10 years ago | (#6817644)

Actually there could be some credibility to this, as much of the spam is porn-related and organized crime is involved in the net porn industry. Apparently its a good way to launder money.

Distributed blocklists (5, Insightful)

silentbozo (542534) | more than 10 years ago | (#6817493)

Bad for them. The main reason for creating centralized blocklists was so people who reformed, or who kicked spammers off their blocks, could have their IPs relisted without having to worry that random admins had hardcoded filters into their routers. One central source for listing, one central source for delisting.

If they succeed in negating the value of centralized blocklists, guess what - admins will go back to blacklisting blocks manually. Those IP blocks will become useless once enough people add them to their blocklists, and there won't be any easy way of redeeming them.

Anyone who wants to get internet access better get a clause in their contract guaranteeing that the IPs they get weren't abused by someone in the past, or else they might be getting a useless connection.

Re:Distributed blocklists (1)

jj_johny (626460) | more than 10 years ago | (#6817621)

You can't trust that a message is from who it says its from. You can't trust the IP that is used. You can't trust the headers. So....

Just think about the SoBig virus and its expected payload of spambots is just the reason that you can't use blacklists. I agree that every ISP should be require those that setup mail servers on their networks to make sure they are not open relays but blocklists are yesterday's method that suprise the spammers are going to get around.

Re:Distributed blocklists (1)

TheSHAD0W (258774) | more than 10 years ago | (#6817675)

Digital signatures can be used to sign messages of this sort. You would still want to get your key from a central point; but this would make a lousy target for DoS, since once you had the key you could keep it, or if you needed it you could wait for a break in the attack, or get the key from someone you trusted.

Spammers? (0, Offtopic)

I KNOW MARTIAL ARTS (701038) | more than 10 years ago | (#6817502)

Everyone knows it is Microsoft and SCO working together. The spam sent to the open source community will surely destroy the Linux kernel programmers' productivity. Duh.

Desparation (4, Insightful)

RevJim (564784) | more than 10 years ago | (#6817503)

This is an act of desparation on the part of spammers that proves the anti-spammers are winning the battle. Fortunately, the next phase of the "war" is moving away from blacklists and focusing on technologies that are user-based and user-specific, such as Bayesian filtering. There is no level of DDoS attack that can stop that battle.

Bad spam (1)

red_dragon (1761) | more than 10 years ago | (#6817506)

... battering many other blocklist services...

"Spam, spam, spam, spam. Lovely spam, wonderful... Ow! Ow! Stop that! Bad spam! Ow! That hurts!"

Impressive (3, Funny)

3terrabyte (693824) | more than 10 years ago | (#6817508)

"We're usually under attack from 5,000 to 10,000 servers at once," Linford said, with incoming data flows as large as 100 million bytes per second. "They're extremely large attacks that would bring down just about anything." But Spamhaus, with 16 servers scattered through 10 countries, has been able to ride it out, Linford said.

Impressive.
Hopefully there isn't a slashdot story linking to them any time soon!

distributed? (2, Interesting)

TheSHAD0W (258774) | more than 10 years ago | (#6817518)

Might need to move these block lists onto a distributed network. If lists were sent out via a Gnutella- or BitTorrent-like system, using digital signatures to verify authenticity, it'd be impossible to DoS.

blah (1)

wmaker (701707) | more than 10 years ago | (#6817529)

So, these services figured out how to non-effectively block spam, now they should release something that non-effectively blocks DoS attacks.

solution (1)

NetMagi (547135) | more than 10 years ago | (#6817531)

blacklists might not be the best defense we have. .they sure aren't perfect. .but ddos'ing them is childish.

The fundamental problem is that SPAM WORKS.

What we need is soem silly grass-roots movement/boycott to get people to STOP doing business with companies that adverstise with UBE.

If spam didn't work, they wouldn't send it.

Yeah, spam's bad.... (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#6817535)

[130.126.214.69]

But Anime Cat Girls are even worse!

Client-side blocking (5, Interesting)

jtoker (693138) | more than 10 years ago | (#6817537)

I'm not too disappointed to hear of these new attacks. Conspiracy theories and the like aside, I'd rather have the responsibility for SPAM-blocking placed on the client side.

Damnit, if I want a larger penis, then I should be able to read SPAM directed towards that. That being said, I'd much prefer if these SPAM services were forced to be opt-in.

Unfortunately, client-side filtering doesn't adequately address the massive amounts of bandwidth consumed by SPAM operations. Nonetheless, the idea that an autonymous corporation/whatever can decide what is valid e-mail for ME is just as offensive, in my opinion, as e-mail advertising product/scam/idea X.

Peas,
j

MOD THE PARENT (1, Funny)

Anonymous Coward | more than 10 years ago | (#6817543)

Just Mod the damn thing.

Blacklists ARE useful (5, Interesting)

Gothmolly (148874) | more than 10 years ago | (#6817549)

Because you can reject mail at the SMTP level. I typically get about 70 emails a day to my own server. About 40-50 get denied by a DNS based filter on qmail (rblsmtpd). Which means on average, only 25 get through to Spamassassin, where another 15-20 are deleted due to high spam thresholds. Then I get about 5-8 real emails, and maybe 1 or 2 spams that make it through (which Mozilla mail promptly eats as spam).
If I had to burn CPU to Bayes-classify all mails, it would bog me down more than I am now (running on Linux on an old PC).
DNS based BL is useful because it doesn't even let it in the door.

"Trojan arses"??? (5, Funny)

phillymjs (234426) | more than 10 years ago | (#6817557)

From the article: In a technique called a "distributed denial of service attack," vandals exploit security flaws to plant programs, called "Trojan arses," on thousands of Internet-connected computers. They then order the Trojan arse programs to spew useless data at a targeted machine.

The mental image of a bunch of Greek soldiers pouring from the sphincter of a huge, wooden butt is just too funny for words.

~Philly

Ah, never mind (1)

phillymjs (234426) | more than 10 years ago | (#6817602)

I pulled up the original article, and it looks like the karmawhore who posted the text may have had a little fun with it.

This is crazy (1, Interesting)

Anonymous Coward | more than 10 years ago | (#6817561)

The FBI ought to make this a priority. Instead they're probably busy investigating some company's claims to have lost $100k to an intrusion. That kind of damage figure is a gross overestimation 99% of the time... e.g. the IT people weren't going to be overly productive doing something else (rather than investigate the attack) anyways. Instead, here you have tens of thousands of people losing real value. The economic definition of value lost to a nuisance is the maximum amount of money you'd be willing to pay to get rid of the nuisance. I'd personally be willing to pay up to $500 a year to get rid of spam permanently (to anyone but the spammer of course.) Assuming that the average RBL user's a little less sensitive than I am, say, at $100 a year, that's still $1 million for just 10,000 RBL users, and I'm sure there are at least that many mail server operators that use the lists, let alone spam-sensitive users on those servers.

Hooray! (2, Insightful)

Gay Nigger (676904) | more than 10 years ago | (#6817589)

What makes you think spammers are to blame? Spam blocklists are censorware - their (unaccountable, usually anonymous) maintainers are beholden to none except themselves, often block sites for no other reason than to further their own political agendas, and burden innocent bystanders (unwitting customers of an ISP that (might) host spammers) with the cost of doing their job for them.

Good riddance, I say. I sure won't miss them.

The Internet has you!! (4, Funny)

ph43thon (619990) | more than 10 years ago | (#6817593)

the internet has become self-aware.. these aren't trojans and virii that we see.. (well, they are, but) we're seeing the Internot wake up. It's practicing by attacking blacklists.. since they prevent full unfettered emailing. Network Packets have become the flowing nuerons of it's killer Internett brain.. all these random SoBigs and Slammer.Dongs are multiplying to the point where sentient behaviour must emerge!!!!

HAAHAHAHAHAHAHAHAAHAHAHA@@@@#!!&nbsp ; you beloNG TO THE INTERRRNOTT@@!!

Re:The Internet has you!! (0)

Anonymous Coward | more than 10 years ago | (#6817681)

emergent behavior would take a lot more Virii and Trojans than what are currently floating around. But, it'd be neat.

Morons postblock using Whoremal lunchen. (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#6817594)

Where are the corpirate felonIEs when you need to increase the cost of babIEs to $40? The SCOcks are falling, and robbIE is fleeing for cover.

Please consult with yOUR consultants for 2 babIEs an hour on the matter of the patentdead postblock(tm) device, harrIE will advice you on the fate of yOUR comPUKErs.

Way to go larrIE, the price of babIEs are the perfect result of corpirate FraUD!.

SoBig.F zombies attack!!! (4, Interesting)

hey (83763) | more than 10 years ago | (#6817597)

Maybe this is the SoBig.F zombies at work. They have awakened from their "sleeper cells". There was a rummor [slashdot.org] that they were going to be used by spammers -- but not in this way.

Go ahead and let them die (4, Interesting)

RevJim (564784) | more than 10 years ago | (#6817618)

I know it sounds heartless, but as a group, blacklists are becoming less-useful by the minute.

If they were all to disappear today, it would only speed the adoption of much more valuable tools against spam, namely bayesian-type filters that are far more effective.

Yet another legitimate p2p use... (2, Interesting)

otis wildflower (4889) | more than 10 years ago | (#6817634)

.. cryptographically sign or hash the blacklist databases, and let mail admins p2p/rsync them..

Still, the only workable solution is cryptographically-secure signatures, probably with a SSL/TLS set of root certs.

Hell, sounds like a job for the post office! Keep it relevant in the age of email..

These attacks must be stopped! (5, Funny)

teamhasnoi (554944) | more than 10 years ago | (#6817649)

Otherwise, we are going to be a nation of skinny, refinanced, gargantuan penises that want to show you something on our webcams!

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...