|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 293 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 A large-scale denial-of-service attack brought down the software maker's Web site, E-mail system, intranet, and customer-service operations.
By TechWeb News
 SCO Group Inc., which has been the target of intense criticism by open-source groups angry over the company's legal challenge of Linux, was struck Wednesday by a large-scale denial-of-service attack that brought down the software maker's Web site.
No suspects have been identified in the Internet-based assault that began at 4:20 a.m. MST. The company's Web site remained unavailable into Thursday morning.
Besides its Web site, the attack brought down the SCO's E-mail system, corporate intranet, and customer-support operations, the company said.
"SCO is working with law enforcement officials and gathering information through mechanisms that we have in place to help us identify the origin of these attacks," a company spokesman said in a statement. "We deplore these activities by those who try to intimidate or harass legitimate businesses through cyberterrorist tactics while hiding their true identity."
...
SCO, which claims to hold the copyright to the Unix operating system, has filed a $3 billion lawsuit against IBM, claiming the company violated its license with SCO by inserting some of its copyrighted code into Linux, the open-source operating system. SCO also has threatened legal action against companies refusing to pay royalties for the use of Linux, and has challenged in court the legality of the general public license governing the use of Linux.
Information Week Source
|
|
Posted on Thursday, December 11 @ 11:49:45 CET by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 1
Votes: 2
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Attack Fells SCO's Web Site (Score: 1)
by Audioslaved on Thursday, December 11 @ 17:53:26 CET
(User Info | Send a Message) http://www.audioslaved.com | This is total Spin, SCO are lying yet again. I suggest everyone who reads this be aware of what SCO is trying to do and read the following article at Groklaw.net, http://www.groklaw.net/article.php?story=20031210163721614
An admin comment at the bottom of the article with groklaw's article to reference against would be appreciated as many techies and fellow nerds troubleshot the situation and determined how SCO says they were attacked but people were still able to reach servers on the same network devices which also share the same pipe. This is BS, read this article and explanations from people who actually noticed this and took some action, including someone who called the upstream provider which said that there is no DDOS attack going on. Here is the article:
http://www.groklaw.net/article.php?story=20031210163721614
Groklaw has been a great aide in crushing SCO's PR war. SCO is totally lying and trying to skate and spin their way out of everything. Once you read the actual court documents and learn this case a little more, you to will be swayed from the actual evidence and realize half of the media outlets are acting as SCO's investors and the companies puppets, Don't let some snoddy press release they send out on presswire.com let you form your opinions, If SCO were being DDOS'd wouldn't getting it under control and restoring services take priority over issuing a press release, that's just me. |
Re: Attack Fells SCO's Web Site (Score: 1)
by allevon on Thursday, December 11 @ 23:11:03 CET
(User Info | Send a Message) http://www.AlleVonTech.com | | You got a valid point, and though Im not familiar with this war, I see how this could be true. However, one thing I want to point out, when sites come under attack or are being Joe-Jobbed, the first thing to do is issue a press release. To let the world know your not the actual spammer and so that you dont get black listed. Its a matter of self preservation which is Job 1. But If what you have said is true, thats just sad. |
]
Re: Attack Fells SCO's Web Site (Score: 1)
by Audioslaved on Friday, December 12 @ 00:06:13 CET
(User Info | Send a Message) http://www.audioslaved.com | I would totally agree with you if it was a case of spam, but this is a case of SCO saying there were attacked, DDOS'd by Linux hackers to be exact, when in fact nothing of the sort happened and that article at Groklaw proves it.
These people have waged a PR war against Linux, open source, and what we all stand for in most aspects, we all contribut to nuke, SCO case is like a closed source CMS company coming and saying that FB ripped key code off of them and therefore they will charge all of us for nuke, they own it, and everything we have contributed does not count because they own it. And without disclosing exactly what FB would have ripped off even after asking nicely for it, they would withhold the code we are using that is supposedly theirs and make everyone who uses nuke either pay for a license to use nuke, or use an alternative. In the meantime they would launch a PR war designed to spread fear, uncertainty and doubt (FUD) for everyone that would be interested in using nuke or making it better. That is a spin on the SCO vs. IBM/Linux case but towards nuke.
I could not see why they are pointing a finger to "Linux Hackers" anyway when they say they are still investigating the issue which happens to be non-issue, any Groklaw readers want to chime in here?
SCO claims (From there press release) this:
"This specific type of DDoS attack, called a "syn attack," took place when several thousand servers were compromised by an unknown person to overload SCO's Web site with illegitimate Web site requests."
And furthermore, a clip from the article at Groklaw:
SCO goes on to say:
"'The flood of traffic by these illegitimate requests caused the company's ISP's Internet bandwidth to be consumed so the Web site was inaccessible to any other legitimate Web user.'
Steve McInerney's explanation response to what SCO said (Security Professional in Australia)
"Interesting. If their bandwidth is consumed, then any servers nearby will also be inaccessible. That is www.sco.com has the IP address of 216.250.128.12 and ftp.sco.com has the IP address of 216.250.128.13 so the two servers are side by side, probably even on the same physical network hub/switch. Note that there is no room for a broadcast, etc., address - these servers are on the same subnet - i.e., on the same network device (hub/switch).
"Unfortunately for SCO, from Australia, ftp.sco.com is highly responsive. No bandwidth problems there that I can see - even though www.sco.com is still unavailable.
"The evidence then, is that their bandwidth is fine.
"So what about just the SYN flood? Well, even with patches, to successfully conduct a SYN flood you would tend to chew up available bandwidth anyway, which we aren't seeing. So I have quite strong doubts about the accuracy of this information.
"I feel quite comfortable in stating that SCO are NOT suffering a DDoS attack. Specifically not one that they have described. It looks to me like someone has accidentally kicked a cable out of it's socket or similar. Or a HDD failure or....
"Speaking as a Sysadmin/Firewall guy, my first priority in any attack is to solve the problem - not issue a press release.
"Dealing with an DDoS atack when your bandwidth is NOT eaten up is fairly simple. A quick and dirty script to read your firewall log(s) for incoming addresses that are trying the SYN attacks is fairly easy. Adding those IP addresses to a quick block list is also easy.
"Problem just goes away."
Last Point to make is that SCO's upstream bandwidth provider was contacted:
From Groklaw.net
Because everybody looking into this found that a traceroute ended at X0.net, I called them and spoke with tech support. I was told it couldn't reasonably be a DDoS, because he showed the ftp server still up. X0.net was not the block, in any case. "Everything is pointing to calderasystems.com," I was told.
Read the rest of this comment... |
]
| | | | | |
