I don’t get it … no really, I don’t

Why on earth would someone launch a DDoS against us (technically a domain we host)? It is in progress right now. Main attack vector is via email/spam bots. If anyone out there wants me to gather specific data on the attack, please let me know. Pretty good logging of most things here.

According to my trusty mail meter, we have repelled something like 0.2M emails in one day. Ballpark of 145 messages per minute. Seems to have started in earnest on Saturday.

Allow me to wonder aloud exactly how much this cost the person or persons to do. I really don’t get it.

I am wondering if passivity in the face of an ongoing effort like this is the right stance. I suspect not. As long as the cost to perform these actions remains marginal, and as long as the cost of getting caught is low/minimal, what reason do they have to stop? Maybe active deterrence is needed.

Regardless of that, this would not be possible without a platform upon which to build and deploy the Bot-NET (sort of like “Dot” NET …)

Update: Hmmmm … starting to apply some basic analysis on this
A little bit of quick scripting is showing something on the order of 7000 unique attackers. Slowly growing.

We may start to have some fun with these folks …

Update 2: Playing with my new friends (cue evil laughter). Within 15 minutes this change has an effect. More in a bit.

