To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Well, I went to visit pipikaki, the project named as Black Frog.
Obviously, this guy has no intentions to destroy the Internet, and I don't believe he even represents the pipikaki project, but it's an interesting look at how people view the project. Here is a chat I had on their IRC channel: <Arancaytar> hello <tortanick> intrestingly no one seems to know the fact black frog is not being used as a name <Arancaytar> Who calls it black frog? <tortanick> Cnet mainly, and everyone's copying them <ge-> well, red frog will soon show up. don't feel special. :) <Arancaytar> red frog? <ge-> and 10 other such frogs... <tortanick> yep :) <tortanick> but here, and now, there is only okopipi <Arancaytar> anyway, I think cnet also mentioned the name Okopipi - not for the product, only the project though. <tortanick> they did <ge-> they did <ge-> i personally believe the project is doomed to failure, much like blue security was a complete idiocy to begin with... but who am i to not let people try? <tortanick> I posted in the comments a few corrections, but I'm not sure who to E-mail <tortanick> well ge-, why do you think so? <ge-> hmm <ge-> okay, let me put it this way <Arancaytar> Anyway, what is redmond magazine on - "after spammers cracked the Blue Security code, the company decided to shut it down." ( http://www.redmondmag.com/reports/article.asp?EditorialsID=296) <tortanick> drugs J/K ;) <ge-> even if DDoS by itself wasn't hurting the Internet badly <Arancaytar> I don't remember the spammers "cracking" anything in the client though. <ge-> even if DDoS didn't attack the server and whoever is on it, not just the spammer (in the rare case it's the spammers server and that they didn't move on by the time you attack them) <ge-> even if it doesn't affect the ISP <ge-> or the Internet <ge-> you nearly never attack the spammers <ge-> they buy 5K domains a day, use one for spam, and throw it away <ge-> same goes for IP's <ge-> (servers) <ge-> so who do you attack? <ge-> further, P2P is just as vulnerable to attack <tortanick> we don't go after spammers, far to hard a target. But there are statioary websites, the ones who advertise by contracting out to spammers <ge-> that's my 2 cents <tortanick> we go for them <tortanick> and blue frog proved it works <ge-> these change even faster <ge-> nope, they really didn't <tortanick> obviously not <tortanick> they got 6 out of the 10 biggest spammers to scrub their lists <ge-> why do every anti spam guy out there say blue security is wrong? <ge-> you really believe that? <tortanick> yep <ge-> i will give you a very good reason why they didn't <ge-> they said they "protect their users", correct? <tortanick> why did all their customers reporting a drop in spam? <ge-> do you honestly believe that? <tortanick> yes <frip> well, that really happened to me, for instance <ge-> first, a list of known anti-spam people is always good for spammers. second, a list of confirmed addresses is even better. this has been attempted before <tortanick> and if it didn't work who would be willing to work on Okopipi <ge-> plus, blue security claimed their users are safe, yet they gave their lists to spammers <tortanick> they gave encrypited lists <ge-> people like you, who want to do good, know their stuff, but don't understand the mafia world of spam and the current technology <ge-> no, they didnt <ge-> see, let me ask you a question <omry|work> ge-, they didn't give them the list. they gave list of hashes. its not the same. <ge-> if you are a spammer, and you run a tool that removed addresses from your list, can't you see what addresses were removed? <tortanick> You can <ge-> okay, you run the hashes against their hashes, same difference <tortanick> thats how the spammers got the addresses <ge-> yep <tortanick> but they had those addresses allready <omry|work> ge-, of course. it was very clear to me that this is what they did. <omry|work> (spammers) <ge-> further, they said that they remove random addresses <ge-> and that way are safe from being found out (their users), right? <tortanick> add random addresses <ge-> exactly <ge-> now, answer me this <ge-> if you are a spammer, and you know that every time you run their tool, you lose random addresses that may want to get your spam.. would you run it? <ge-> every time you lose more potential customers <tortanick> if you don't run it your clients refuse to deal with you <tortanick> so yes I'd run it <ge-> spam is good business <ge-> they have clients <ge-> those who buy from spammers obviously don't care about blue security <ge-> so why should they? <tortanick> All the more reason to clean the lists <tortanick> remove antis and you've only got customers left <omry|work> because bsec put presured their clients. (advertisers) <ge-> so: 1. they never attacked real spammers, just the INternet and innocent bystanders, and 2. their lists were always compromised to begin with, and no spammer would use them <tortanick> in a word, wrong <ge-> why is that wrong? <tortanick> people who pay spammers to advertise are not "innocent bystanders" <ge-> ahh, but these people are the spammers and the mafia. further, their sites move IP's even every 10 minutes and a domain every time they make a spam run. so you never attack spammers, just innocent bystanders and the Internet <ge-> maybe you get lucky, sometimes, but the spammer already moved on <tortanick> thats not true ge- <ge-> yes, it is <tortanick> those sites are stationary <ge-> which? where? <tortanick> or at least, enough of them are for BS to make an impact <ge-> i can show moving sites * NewOkopipiUser ([EMAIL PROTECTED]) has joined #okopipi <ge-> can you or BS show stationary sites? <tortanick> I'm sure spam experts can show static <ge-> exactly <tortanick> I can't though, I don't get spam <ge-> spam experts - ALL OF THEM, show BS was wrong <tortanick> well mailwasher didn't for one. <ge-> show me a second one, and you will get 2 out of 10,000 <ge-> and the clueless ones at that <ge-> all i am saying is <ge-> don't take my word for it <ge-> check the facts on your own <tortanick> I did <ge-> and? <tortanick> Blue security was the target of a DDoS, its important enough to be a target <ge-> of course <ge-> the spammers got pissed and attacked <tortanick> Download.com gave it a good rateing <ge-> is your purpose to get attacked? <ge-> okay, so you do this for a good download rating, making people believe they are fighting spammers when they are not? <tortanick> nope, but you said BS would just be going for sites that vanish to quickly to do anything <ge-> or sites that the spammers don't care about or own <ge-> yes <tortanick> Download.com is very hard to rig <ge-> download.com is not a spammer nor was spammed that i know of <ge-> they offered them for download <tortanick> if the spammers didn't care about those sites, why did they launch a DDoS? <ge-> do they need a reason? <tortanick> yes <ge-> first, we can't prove it was the spammers, second, I believe it was them <ge-> they got pissed <tortanick> DDoS uses botnets that can't be used for making money at the same time <ge-> so they got BS down <ge-> i happen to know a thing or two about botnets <tortanick> proving BS was effective enough to piss spammers <ge-> and you can use them for whatever you want <ge-> ahh, so your goal is to piss spammers off and get them to ddos the internet? <tortanick> nope, thats just proof that BS worked <ge-> i am not trying to attack you, i am trying to show you that maybe you didn't think this though <ge-> through <tortanick> we did though <ge-> so, because you piss someone off you were successful? <ge-> apparently not enough, no offence. :) <tortanick> yep <tortanick> piss someone off and you've obviously found a way to affect them <ge-> okay, so if spamhaus goes and says spammers suck, they won't get attacked too? :) <ge-> it's about who mouths off more. <tortanick> spammers are secrative, they ignore "mouthing off" <ge-> okay, so let's start a war. we will piss spammers off without affecting their business, and cause a network wide ddos attack <tortanick> you have to hit them in the wallet <ge-> you obviously don't know much about spam or anti spam <tortanick> and even if that were true <ge-> no offense, but i'd suggest cluing up <ge-> as others less nice than me will ask you these same questions <tortanick> causing them to rampage across the net would finally wake the governments up <ge-> ahh, so it's a Scortched Earth strategy <ge-> your goal in this project is to cause the Internet to die so that the Government gets involved? _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
