When life gives you lemons, make lemonade?

[UPDATE: The message I received seems to have been sent by the spammers to discredit BlueFrog. That said, I don't relish the idea of being part of the collateral damage in the war between spamfighter and spammer.]

Bluesecurity is the maker of the infamous BlueFrog anti-spam solution that hits back at spammers by bouncing suspected spam messages back to the spam source. The anti-spam community at large hasn't approved of Blue Frog's practices, some even labelled the tool as a DoS kit, but nevertheless the reactionary approach to spam protection has its supporters.

Last week Blue Security's website was at the receiving end of a heavy DDOS attack probably launched by disgruntled spammers. Blue Security swapped DNS entries for their website with their blog that was hosted on TypePad. The result, all of Typepad, including LiveJournal was taken down. Naturally, there have been very few voices of support for Blue Security, even though in a sense they are also victims.

I just received an email from BlueSecurity (technically this is UCE since I never gave them my email address - they must have harvested it from one of the security mailing lists) announcing the launch of their DDoS network testing service that uses an "extensive botnet".

Wow! Now, I wonder if their botnet is the BlueFrog customer base? If that is the case, it is really, really scary. If not, well, it's still scary. Even if their terms of service allow it, and even if they don't launch illegal attacks it won't be long before underground hackers discover a way to operate the BlueFrog network in DDoS mode.

( BlueSecurity DDoS service announcement after the cut... )