If you have a TypePad blog, you will definitely know about the denial of service attack on Six Apart‘s servers earlier this week, when access to TypePad blogs (as well as other Six Apart services such as LiveJournal) was down for some considerable time.
Denial of service attacks tend to conjure up images of nefarious characters in Eastern Europe or some Far Eastern country trying to bring down a symbol of American commerce. Or some expert hacker just proving he can do it.
Think again in this case.
It appears that a company called Blue Security was behind the server crashes as they tried to avoid a spam blitz on their own servers, according to a report in Q Daily News:
[…] The people at Blue Security decided that the best way to deal with the attack was to point the hostname www.bluesecurity.com to their TypePad-hosted weblog, bluesecurity.blogs.com. This effectively meant that the target of the attack shifted off of Blue Securityâ€™s own network and onto that of Six Apart, and did so as the direct result of a decision made by the folks at Blue Security. […] Soon thereafter, the Six Apart network (understandably) buckled under that weight and fell off the â€˜net, and over four hours passed before packets began to flow again. […] Judging from the outage, itâ€™s unlikely that Blue Security gave them any warning â€” although who knows whether a warning wouldâ€™ve prevented the basement from filling up with water all the same.
Unbelievably stupid! I’d imagine Six Apart have had some conversations with their lawyers by now. Maybe that’s the reason why there is no mention of this on any Six Apart website.
[Update 5 May] Spam vigilante spat knocks out blog services – background story to this from InfoWorld.