Full Article Attached mozdev Downed by Denial of Service Attack

Saturday July 5th, 2003

Pete Collins of mozdev wrote in to tell us why the site has been unavailable since yesterday. It appears that mozdev was hit with a massive denial of service attack targetting the Bugzilla and CVSweb CGI scripts. Pete and the mozdev team are working hard to bring the site back up and they plan to report this incident to the FBI. If anyone has any information about the attack, get in touch with Pete at

Update! Pete writes in: "People are coming forward to help out from all over the globe. Some are providing some tips about the attackers, others analysis of the logs and possible exploit used. Once again the community rises up to help out.

"In the mean time I have mozdev here in my basement and am working on getting the data over to the new server which we just purchased w/ donations the community has given mozdev.

"The worst case scenario is I'll have mozdev back up in days (I hope) w/ CVS and some other minimal services. We can't use the old system anymore. It is running an OS that is very old and is the root of our problems."

Another Update! The German magazine Heise has a report on the attack. A rough English translation is available from Google.

#24 Will AOL make donations to defend a "lone wolf"?

by Kommet

Monday July 7th, 2003 11:19 AM

You are replying to this message

The evil side of me is wondering if we now approach the point where someone needs to grab the Spamhaus list and start making housecalls.

I know it is immoral as anything, but perhaps MSN, AOL/Time-Warner, Earthlink, Yahoo, eBay, and others might make under-the-table donations to pay the defense costs for someone who thinned the spammer/cracker/DOS-er herd a bit for us.

Bear with me for a minute here. If there were tangible risks involved for the crackers or spammers (who are often the same nowadays) they might think a little harder about fucking with our infrastructure. The FBI may be a deterrant to some, but they move parts of the business overseas (or never come to the US or UK in the first place) and feel pretty safe from official prosecution. A few dead high-profile spammers might make a stronger case to those who remain that it is time to polish up the resume and go find a legitimate job.

Word gets around to the script kiddies that we are not coming for their computers but for their hides and maybe they leave well enough alone.

When writing a virus becomes writing your own obituary, perhaps you just return to surfing for pr0n (preferably with Mozilla! ;-) ).

Killing abortion doctors is morally indefensible because a valid moral argument can be made for what they do for a living. Before you can claim that you are killing a murderer you have to win the argument that they are in fact murderers.

Spammers, virus writers, crackers, defacers, and their ilk have no such defense...


Please, nobody take this seriously. If you don't know what to make of this, go read "A Modest Proposal" by Jonathan Swift. If you still don't follow (or work for the Feds and are investigating me for making terrorist threats), look up hyperbole in the dictionary. Also note the subtle fact that I'm only making speculative remarks.