SpamSlayer - should we DDOS spammers?

pointbeing writes "Just read this article about a company called Blue Security that essentially floods a spammer's website with requests to unsubscribe members - we're talking thousands of requests per day - the company's CEO says that fighting back by "inducing loss" against spammers is the only way to eventually stop them. Although I hate spam as much as the next guy, is participating in a DDOS attack the way to bring spammers to their knees? If it's okay in this instance, it it okay to DDOS the next guy who does something we don't like? "

Anti-phishing

[cjsnell]

DoS attacks are very effective against phishing sites. Most phishing scams utilize a CGI that e-mails the captured data to an e-mail address somewhere. By using a script which generates random data (see my sig), you can quickly render a phisher's data collection. Several factors can contribute to this. First, the flood of fake data can obscure the data that was captured from actual victims, Secondly, you can overflow the SMTP server that the phisher is using to process the captures. Finally, you may be able to fill the mailbox to which the captured data is being sent, although this is a bit harder with things such as GMail. However, the flood of mail from a single host may trigger sanctions at a free e-mail provider.

As a sidebar, I'm going to be releasing a new version of my anti-phishing tools in the next few days. I've added functionality which generates real-looking names and e-mail addresses and credit card numbers with valid checksums.

Chris