Slashdot Mirror
SCO DOS Harming Innocent Bystanders
An anonymous reader writes "The SCO-IBM-Linux controversy has certainly caused quite a stir. Unfortunately the vigilantes conducting the DOS attacks against SCO are harming innocent by-standers as described in this e-Week story. " Choice conspiracy theory quote: 'Given SCO's behavior recently, it's just as likely that they're attacking themselves in their continued attempt to pump up their stock price'
Oh, as if the UNIX scandal wasn't bad enough... now they are after DOS as well!!!
This is why script kiddies are annoying. They find exploits and other scripts/tools and then randomly use them thinking they know what they're doing.
This is why armchair slashdot readers typically shouldn't be lawyers [myself included], doctors, etc...
I hope they catch the people doing the DoS attack [probably as they brag how cool the attack is over some l33t IRC channelz] and beat their heads into the ground.
SCO maybe "evil" but you gotta think before you act!
Tom
Someday, I'll have a real sig.
I highly doubt that SCO is peforming this attack themselves. There are simply too many others willing to do it for them.
If a SCO executive ordered the self-attack, and a loyal SCO IT person (I want a shot of what he's drinking) carried it out, when the FBI comes calling, how far up the tree would the IT person point when he was arrested?
If a SCO executive was pinpointed in ordering a DOS (unlikely, but hey, Enron being publicly exposed was unlikely), how would that affect the Linux lawsuit? IANAL, but it seems like SCO execs would have nothing to gain from DOSing theirselves and only fines or Jail-time to face.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
http://news.netcraft.com/
The SCO site has been up during business hours in Utah, but has since failed again. Many news sites carried the story that Eric Raymond had spoken to agroup responsible for a Distributed Denial of Service attack on the www.sco.com site and that they agreed to stop. However it appears that this may have been a hoax, or they subsequently changed their minds, or another person decided to continue the attack, or that the timeout on the attack has not yet been reached.
In a similar situation 10 days ago Microsoft chose to deploy Akamai's caching service, which has successfully averted any outages.
Akamai would be more dependable at warding off Distributed Denial of Service attacks than favours from Eric Raymond, but concievably SCO may have difficulty swallowing its pride and buying a service that uses tens of thousands of Linux servers, for which Akamai presumably has not purchased a SCO licence.
I don't think so, this is a PR war, and has been from the instant SCO started the FUD campaign. Linux users cannot be seen as a group of geeks with no respect for the law and proper buisness procedures. The very thing SCO needs right now is something to feed to the FUD machine, and the last thing geeks need to give SCO is ammunition.
Perhaps SCO placed the alleged IP infringing code into the linux kernel themselves. Maybe the code contains a timebomb so as to cause a distributed denial of service attack against SCO, giving them more publicity. I wonder when the Underpants Gnomes are going to sue SCO for patent infringement for their unique business model...
So much for trying to be funny...
Well, if their server had been running proper licensed SCO code then it would not only have survived the continual DoS, but would have shot down the attacking machines in droves...
...but no, they just want to demonstrate how crap Apache & Linux is, especially since it is stolen perversion of all of SCO's IP. And what an effective demonstaration it is, why that must be propping up the stock value by about 99%
;-)
Since when was there conclusive proof that SCO were actually being hit by DoS/DDoS?
I remember reading elsewhere that it's entirely possible that they've just taken down there site of their own accord.
Another US$100k to the senior VP on Tuesday last week.
Makes it One Million Dollarsin two months.
Reginald C. Broughton...come on down!
(so it's OT, but keep watching these bastards).
-- Free software on every PC on every desk
Eventually SCO will go broke trying to win its laughable lawsuit. IBM has the resources to fight the case and the Open Source Community shouldn't worry about a few lost revenues in the meantime. One of the reasons why Linux has been able to take on Microsoft is the fact the M$ can't undermine the open source revenue stream when it is practically non-existant.
In the meantime, is there any reason why we should stoop to SCO's level?
Looking for a job?
Want your resume written professionally?
DON'T USE TUNAREZ!!!
Who exactly isn't an innocent bystander here, besides SCO and IBM? SCO has been harming a massive number of innocent bystanders throughout this whole process (for example, the 1,500 Linux-using companies that they sent letters to, costing them legal time at the very least). No, two wrongs don't make a right and it sucks that the DOS attacks are harming innocent bystanders, but why is eWeek focusing on that when SCO is harming so many more innocents?
Next McBribe will be showing off a server stats chart to stock holders as proof of sco's growing relevance in the high tech world.
I've noticed that the net seems to have been particularly slow recently. Checking on Xaffire Inc.'s Internet Average it's obvious that there are a few problems. Could this be a combination of the various DDoS's occuring at the moment and the recent worms?
There is absolutley no justification for DOS'ing SCO.
DOS attacks are the internet equivalent of standing outside someones home playing heavy metal at 140 dB.
I'm puzzled as to what the guys making the attack hoped to accomplish.
To punish them for lying about linux? Their reputations are already in the toilet. Only ignorant fools are buying into their claims anyway.
To protect Linux? If one thinks about it, SCO has not harmed Linux in any meaningful way! The free distro's are there, and will be there for a long time. All they've done is slowed down adoption by the more clueless managers, which is really no big deal. Their legal claims about the GPL being invalid are such arrant nonsense: they won't stand in court. No matter what happens there will always be a GPLed kernel we can use.
To let them know we think they suck? Well, considering the increasingly defensive and irrational stances that they are taking, I think they already know that. The rest of the world is not buying into their claims. Even if their claims of hundreds of "licenses" sold are not wildly exagerated, that would mean 1% adoption rate.
To prevent people from doing business with SCO? I think that's pretty unethical. If people want to do business with SCO, let them. It's their choice if they want to throw good money away on vapor-ware of bad product. Would you prevent a stranger from buying cigarettes with his own money?
I know alot of people think using force to shut people up who say things you don't like is OK. But those people should take a look at the impression this gives to the non-geek world. They just reinforced the impression that OSS proponents are whiny immature people.
I think the guys behind the attacks scored an own goal.
and all I got was this lousy T-Shirt.
Slashdot.. Land of nerds, trolls, and FlameBait..
My company hosts at the same Data Center. That center is a professional setup. They have good redundant internet pipes from multiple providers. A DoS attack based on flooding would be quite difficult. Some other big players are there as well. No one has recieved this collateral damage. I believe CenterShift is having trouble with poor server administration, maybe even some problems with Sobig or variants and are trying to blame someone else for their down time. We keep a close eye on things and if something is happening to SCO it is not hitting other customers.
On another note, the center is also owned by the Canopy Group and is very Linux friendly. Many of thier comercial offerings involve Linux and their monitoring is based on Cricket. I wonder how they (and other Canopy Group companies) are feeling about this whole mess.
That probably confused you just as much, but I hope that makes the gibberish make sense.
"'Stepping aside from the issues of how, architecturally, this would have spilled over into Centershift's domain, it should be known that bystanders are being injured as this war rages on,' Hafen added."
Problem is, you can't really "step aside" from the architectural issues given the point he is making. The DDoS attacks on SCO have been exclusively aimed, as far as I can tell from the reports, at their *web* sites -- which appear to be located in a Denver co-location.
If the attacks had been aimed at SCO's mail server, or local ISP connection, then then Hafen might have a point. But unless he's using the Denver co-lo for his office connection and e-mail, then I think he just has a problem with his ISP that is unrelated to the DDoS attacks on SCO.
Besides which, I'm still not convinced SCO experienced any kind of DoS last weekend. I think they just came down for maintenance, and have since used misleading - but not outright mendacious - statements to "confirm" that they were attacked:
a) "SCO considered issuing a formal statement in the matter,
said Stowell, but decided against it."
Because a formal statement would have been a denial of the
attack?
b) Stowell has also told the press that the "latest" attack
has been reported to "law enforcement authorities".
If the "latest" attack was in May, then Stowell's statement
would remain as true as if the attack was in August. Note also
the vague phrase "law enforcement authorities" rather than
specifying which agency was contacted, as if Stowell didn't
want anyone following up on the matter. In the May attack,
Stowell was very specific as to which agency the attack had
been reported to - the FBI Cyber Crimes division.
c) When called, people working for SCO either don't know why the
web site is down, or say it was down for an upgrade or
maintenance. I know, because I was one of the people who
called, and I documented the conversation at Groklaw
(http://radio.weblogs.com/0120124/, about 2/3 down the page).
d) The recent outages generally start during non-business hours.
SCO possibly had a short DoS attack on Friday afternoon, but
there is no way it kept them down for 3 days; the utter
vagueness of their public announcements regarding it do not
lend confidence to the idea that they experienced any DoS
attack at all; their own employees have consistently told
callers that the site is/was down for maintenance; sites on
the same Center 7 network (canopy.com) were responding
without problems during the SCO outages; and even SCO's
public statements have confirmed that outages since the
weekend outage were for maintenance:
The outage prompted Netcraft to declare that
SCO was again the target of a DoS attack. However,
the outage was actually due to preventative
measures taken by SCO and its hosting service to
mitigate the effects of future attacks, according
to company spokesman Marc Modersitzki.
(http://www.eweek.com/article2/0,3959,1233231,00.a sp)
So, in short, I think that a) SCO didn't experience any DoS attacks, and b) that Centershift / Hafen has problems with their ISP and should get a new one rather than making statements to the press that their Internet problems are due to inadequately verified DoS attacks on SCO's webserver in Denver, hundreds of miles away from Centershift's Salt Lake City offices.