[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.21.0605250338180.9301-100000@linuxbox.org>
Date: Thu, 25 May 2006 03:40:01 -0500 (CDT)
From: Gadi Evron <ge@...uxbox.org>
To: botnets@...testar.linuxbox.org
Cc: bugtraq@...urityfocus.com
Subject: Black Frog: next generation botnet. No generation spam
fighting
To report a botnet PRIVATELY please email: c2report@...tf.org
----------
Black Frog - a new effort to continue the SO-CALLED Blue Security fight
against spammers. A botnet, a crime, a stupid idea that I wish would have
worked.
http://news.google.com/news?q=black+frog
Blue Frog by Blue Security was a good effort. Why? Because they wanted to
"get spammers back".
They withstood tremendous Distributed Denial of Service (DDoS) attacks and
abuse reports, getting kicked from ISP after ISP.
They withtood the entire anti spam and security community and industry
saying they are bad.
The road to heaven is filled with good intentions. Their's was golden, but
they got to hell, quite literally, non-the-less.
They did not hurt any spammer (okay, maybe one), as their attacks reaches
servers spammers already moved from, domains spammers already dumped for
the sake of thousands of other bulk-registered throw-away domains and so
on.
Their attacks did reach hacked machines which hosted other sites. Their
attacks reached ISP's with other users and their attacks hurt the Internet
as well as these other legitimate targets.
Blue Security also got a lot of PR, good and bad, but they were not here
first. Lycos Europe with their "make love not spam" effort was. ISP's
globally nullrouted that service, as it was indeed, much like Blue
Security's, a DDoS tool by the use of a botnet. A botnet in this case
being numerous computers controlled from a centralized point to launch,
say, an attack.
Lycos Europe soon realized their mistake and took their service off the
air. Blue Security had 5 Millions USD of VC money to burn, so they stayed.
Even if they did reach spammers with their attacks (which they didn't),
they would still hurt so many others with the attacks, and the Internet
itself. When Blue Security came under attack they themselves said how DDoS
attacks are bad, and their fallout hurts so much more than just their
designated target.
That said, who is to determine said target?
When Blue Security went down, some of us made a bet as to when two bored
guys sitting and planning their millions in some caffe would show up, with
Blue Security's business plan minus the DDoS factor. Well - they just did.
Thing is, a P2P network is just as easy to DDoS. It has centralized
points.
It is, indeed, a botnet.
I want to kick spammer behind too, but all I would accomplish by helping
these guys is performing illegal attacks and hurting the Internet as well
as innocent bystanders.
This business model will not last. It will get PR, but it will not be
alone. 10 other efforts just such as this will follow. Now that Black Frog
made their appearance - sooner rather than later.
How long is this journey of folly going to continue? Any service provider
which hosts them is as guilty of the illegal DDoS attacks as anyone who
signs up with them.
The way to kick spammer behinds is to, plain and simple, put them in
jail. I.e., change the economics. Make it more risky and less
cost-effective for them Bad Guys to spam.
Stop Black Frog Now.
Gadi Evron.
_______________________________________________
To report a botnet PRIVATELY please email: c2report@...tf.org
All list and server information are public and available to law enforcement upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
Powered by blists - more mailing lists