A site used by hackers to expose source code for two of Symantec\u2019s enterprise security programs has been hit by two denial of service attacks this week.\n\tPastebin.com, a text-file sharing service popular with both legitimate and criminal hackers, was taken down on Tuesday and Thursday. The site was used to announce the theft and future publication of source code for two of Symantec\u2019s enterprise security programs: Endpoint Protection 11.0 and Antivirus 10.2. Symantec has confirmed that the code for the two programs \u2013 both more than four years old \u2013 has been compromised. (The post has since been taken down but can be read in Google cache.)\n\tIn a statement the company said, \u201cThe code involved is four and five years old. This does not affect Symantec's Norton products for our consumer customers. Symantec's own network was not breached, but rather that of a third party entity.\u201d The company has also said it has no indication the disclosure harms the functionality or security of Symantec's solutions and that it had no evidence of customer information being compromised.\u201d\n\tThe code wasn\u2019t taken from Symantec but from a third-party. The hackers claim that it was \u201cfrom the Indian Militaty [SIC]\u00a0Intelligence servers, so far we have discovered within the Indian Spy Programme source codes of a dozen software companies.\u201d\n\tCris Paden, a spokesman for Symantec, said the company was unaware of the attacks against Pastebin until I asked them about it. He also said, \u201cWe would never condone such an attack. We don\u2019t use attacks to protect ourselves or our customers.\u201d I have not been able to reach anyone at the Indian Defense Ministry for comment yet.\n\tGiven Pastebin\u2019s status as a favorite resource for groups like Anonymous and Lulzsec, there is no shortage of groups who would have a motive for acting against it. Clearly, this kind of action is something more often associated with security agencies and black-hat hackers. Still it does raise an interesting question: Is a pre-emptive counter-attack ever a good idea for companies seeking to protect their data?