Slashdot Mirror
SCO Group Web Site Attacked Again
FreeLinux writes "With not much SCO news today, it seemed that this story was needed - Reuters is reporting that, SCO is again suffering under a DDoS attack that has crippled their web site and email system since Wednesday morning. For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system. The denial-of-service attack started at 6:20 a.m. EST Wednesday and continued through the day, said Blake Stowell, spokesman for the Lindon-based company."
Grow up. Settle it by the law.
...and the happy folks at Groklaw already have a statement up with arguments to effect that SCO is fibbing. They think the attack could be a hoax.
You say
I don't see how this is going to help. Knowing SCO, they might try to make themselves the martyrs and use the attacks to cast a bad light on the Linux community in general. This issue has already gotten nasty enough anyway.
If my answers frighten you, stop asking scary questions.
...by Eric S. Raymond.
He makes it clear that SCO is attacking everyone, but he opposes DOS'ing them saying that "the open source community must use the truth, not criminal methods, as its weapons." Nicely done
The Army reading list
... do we have to say that this is exactly the kind of thing that we DON'T need? DDoSing them because you are unhappy with the way that they are doing things does nothing but to put a bad name on Linux, its users, and the whole issue in general. All you are doing is sinking to their level, rather than being mature and letting the battle be fought the way it should be, in court ( or, if worse come to worse, with torches and pitchforks in front of SCOs headquarters ;) ).
And so we go, on with our lives
We know the truth, but prefer lies
Lies are simple, simple is bliss
There's been a ton of discussion of this on Groklaw today -- consensus is that either this is no attack, or their network is run by doofuses.
that everytime Darl is sitting on the john dropping a deuce (of course, we know that he is full of shit) and clogs up the toilet, he blames it on a DOP (denial of plumbing) attack by Linux users!
Press release to follow.....
No trees were harmed in the composition of this; however, numerous electrons were inconvenienced.
SCO launches a lawsuit against the anonymous hackers.
In related news, SCO caims ownership of "ping", and will licence it starting at $1000.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
... for obvious reasons.
Simma down, now.
Folks, if it's a SCO story, check with Groklaw before passing judgment. For every bit of FUD coming out of Linden, a blast of anti-FUD is lobbied back.
Are they dossed? it seems i can't connect to sco.com . Oh Wait, maybe it is slashdotted =)
http://www.groklaw.net/article.php?story=200312101 63721614
If it is a DDoS attack, SCO are incompetent for not blocking it. Or it is just more FUD.
Head over to Netcraft News and see how this server "died". If this is a DDOS attach I am Queen of Spain.
Help fight continental drift.
...a Slashdotting?
Crybabies!
This Like That - fun with words!
This is a load of rubbish. See Groklaw for a much deeper and more insightful look at what really happened, a full explanation of the technicalities of the DDOS attack (claimed as a SYN attack that took up all the bandwidth and flattened their e-mail - and yet you can still get to ftp.sco.com (on same subnet), smtp.sco.com all other XO.net fed servers. Groklaw also noticed that the machine was down well before the press release claims and that it went straight down - no hiccups or other indications of a DDOS attack, just a straight gone - switched off or unplugged most likely.
See the netcraft stats for that little bit. If SCO make any claim that this is a DDOS, they are lying through their teeth and the evidence was collected as it happened - see the members zone at Groklaw for the raw Traceroute returns.
An infinite number of monkeys will eventually come up with the complete works of
More like "crying wolf", people. Lies and the Lying Liars Who Tell Them, Second Edition?!
It's all of those corporate Linux users beating down their door to buy licenses. Hurry and get yours today before they're all gone!
As seen on Wired: Get a free desktop PC
Come on, Slashdot ... putting SCO on the front page (multiple times sometimes) day after day after day ... and you don't call that deliberate Slashdotting^WDDoS?!
I call BS.
Expect letters from Boies and company any time now. "SCO Sues Media Giant Slashdot" the next headline?
Dlugar
Computer Go: Writing Software to Play the Ancient Game of Go
This story apparently inspired some poor systems peon at sco to set up email autoresponse to the email address mentioned in the story.
I tried it, it works. At least someone at SCO has some sense of humor.
Buford "Mad Dog" Tannen
I expect the blatient misuse of hacker as a synonym for computer criminal in the mainstream press, but I woulda hoped that Slashdot would do better.
"Mission Accomplished" -- George W. Bush May 1, 2003
I thought the same thing.
I mean, what the hell is " apparently by hackers unhappy with the company's legal threats against users of the Linux operating system" supposed to mean? I think that is a dangerous assumption. After all, it is probably Windows machines that are the 'bots, right?
How do I enlist my computer as a zombie in the horde to attack SCO?
Cyde Weys Musings - Scrutinizing the inscrutable
According to Groklaw, not only is it implausible that this is a real attack, it's not even competently done. SCO blames a SYN flood, which is trivial to ignore. Their ISP hasn't had anything to do about it. While they say their email server was down, it actually wasn't. Their FTP server on the next IP over (and on the same block of addresses) had no problems. Their internal network almost certainly isn't anywhere near their Web server, network wise, and, if it was, it would almost certainly have a firewall that's not the web server.
It's clear that SCO's run out of technical people; not only are they faking technical problems, they can't even make up a technically sound attack on their own systems.
...playing for the sad souls at SCO...
I find it quite sad that our community has to loudly distance itself from supposed DDoS attacks and such against SCO while SCO makes a total mockery of the legal system and justice in general with their current campaign. For those who may not have noticed some earlier posts, discussion on Groklaw has brought up the possibility that this isn't a DDoS, but either just idiotic network admins on SCO's part, or perhaps even an intentional takedown to *cough* allow for a nice bit of publicity on their part. Whatever the true case is (and I'm not advocating any as the real one, I'll leave that for others to decide), SCO has certainly scored some nice negative publicity towards the OSS crowd, even if the DDoS is real and the attackers have nothing to do with OSS.
IIRC there was an earlier supposed DDoS against SCO's servers that turned out to be that the servers were just down.
In any case, it's nice to see the /. crowd (as always) advocating fair play and not using vigilante justice. Too bad SCO doesn't seem to believe in the fair play bit.
While I in no way condone this, it's to be expected. SCO is pissing off a lot of people, and this is the kind of thing that is bound to happen when geeks are rather peeved. Granted, it shouldn't happen, but neither should any criminal activity. Not everybody is as mature is *cough* the /. community here, where we all shun such actions. I'm rather surprised it hasn't happened more, actually...
That being said, SCO is probably revelling in this, even if it is genuine. In fact, DDoS is probably one of the perks to this whole thing - it makes everybody but them look bad, and they come out perfectly clean to the media. Playing the innocent little child who got their candy stolen, I dare say.
From the article header:
For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system.Where in the article did it say this? I certainly can't find it.
Slashdot editors might want to RTFA before approving a post. The submitter of this one got a wee bit overzealous.
Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
Look at what SCO does to the Linux community.. fractures and bickering... Destroying something that was supposed to be moral and good for all.
One can almost feel the power of the ring at work....
I work in the Canopy Group office buildings at another (non-evil) company. We're all serviced by Center7 and the last time there was the confirmed/acknowledged DDOS attack we felt it hard. Getting to hosts outside of the building was very difficult all day.
No hiccups today. Center7 did promise last time that they could and would isolate everyone else from SCO, so there is another explanation, but...
Tweet, tweet.
I would like to suggest that, once this case is finally settled, Slashdot begin using the caldera systems icon for "Laugh, it's Funny" instead of the Monty Python foot. I know I already associate that blue and red C with a good humourous story.
Jedidiah.
Craft Beer Programming T-shirts
Ahhh, but you see the sco.com website runs on Linux...
An infinite number of monkeys will eventually come up with the complete works of
(This would have fitted on a single CD. I think we should add environmental terrorism to the list of SCO's offences.)
Well... pending on how one wishes to view the situation it could also be described as a "sit in" a-la what the hippies did years ago. Civil disobedience as such. Yes, I know it is not the same thing, but it is not that different.
That being said *IF* the DDoS is coming from compromised machines without there owners permission that is criminal but if it is otherwise (read: users permission coordinated demonstration) then calling it criminal seems a bit harsh. Digital Civil Disobedience seems more accurate.
It is highly suspect that a company who's web site was felled by an ancient and easily defended 'attack' was able to so expertly and swiftly identify the cause in time to write up and distribute a press release before the close of business.
I've been folowing this story all day and the last thing I expected to see on /. was a regurgitation of "facts" with a 'questionable heritage'.
Several sites (groklaw, lwn) have already pointed out that the claims of being hacked should be viewed with a liberal ointment of skepticism for any of the following reasons;
one better than mcleodeight
This is getting just annoying. As has already been pointed out, the facts point to this being another hoax. However, as not everyone else in this community knows much about Security, let me add my few years of experience in to help those who don't understand.
I should point out, this has pretty much been covered by Groklaw already and my methods don't vary too much from those already posted by them.
SCO claims their email and web servers are unavailable because of a DDoS attack that has also infiltrated their Intranet and affected helpdesk services as well as other internal services. If this is the case, then it is more than just a DDoS they're suffering, or they are negligent in the highest order for failing to take simple steps to ensure a risk mitigated environment for conducting business within.
Lets start with their Mail Server.
Everyone has a backup mail server, usually hosted by a 3rd party to ensure that if your primary mail server is offline for any reason, mail can still be delivered successfully. The fact that SCO claimed their mail servers were unavailable suggests they either failed to purchase this extremely basic service or their setup is absolutely wrong by anyones standards. The purpose of multiple MX records is for this exact situation. You start with a high priority MX record (say 10) and work your way down the order (usually in steps of +10, so the secondary is usually 20).
Their Web Server
Their webserver is hosted on exactly the same subnet as their ftp server. However, during this attack, their FTP server has been available to anyone thats tried to connect to it. If they were suffering a DDoS attack of the proportions that SCO claims, this server would also have been affected and taken offline. Yet this is not the case. This blows open entirely the philosophy of a DDoS attack without any of the further evidence.
SCO has alluded to the fact that the attack is a basic SYN Flood. A very simple and old attack that has been blockable by nearly every appliance and OS for the past 3 years at least. Yet if they are suffering as they claim, then they are guilty of negligence for failing to apply patches or even configure their platforms correctly. Its very easy to turn the SYN Cookies on in Linux (sysctl isn't rocket science) and just as easy in something like a Cisco Router/PIX Firewall or a Checkpoint Firewall.
The claims that this has adversely affected their intranet suggests that the intranet is in some way exposed to the Internet. Even more alarming is the fact that it disabled their Helpdesk services for a period as well. This would suggest that their network has absolutely no perimeter protection of any kind. The smallest flaw in a product they use could apparently be used to access their core network infrastructure. Isn't that where their source code and IP documentation are kept? I'd start getting very worried about now if I were an investor.
Due diligence is a core principle of any company. That includes ensuring that the services relied upon are securely and properly setup and maintained. If SCO truly has been affected by an attack of any kind on the magnitued they're claiming, then they should be legally responsible for the results of their failure to perform due diligence. (However, IANAL so don't quote me on legalities, especially given I live in NZ, not the US).
In short, the supposed attack on SCO does not add up at all. In fact, if they are being attacked this time round, they are in serious legal trouble themselves if their reports are accurate.
I would also question why they have released this to the press as a Press Release instead of getting on with fixing the problem as quickly as possible. Also, how is it that their mail services are now restored, their FTP server never offline, yet their website remains offline? Surely, a DDoS would affect both.
Not to mention the fact that it would affect SCOs upstream provider who, when contacted last time, saw absolutely no evidence of an attack in progress at a
Wasn't it just a flood of Linux license payments?
"She's a West Texas girl, just like me" - G.W Bush Iraqis
so does that mean they can sue themselves?
Darl McBride, stumbling drunk (as usual) around SCO's headquarters, accidently tripped over the server's power cord.
SCO's technicians are busy working to fix the problem.
---
Never criticize religion on Slashdot. You will be modded down for "Troll" no matter how factual it is.
just out of curiousity, what do you think makes people assume that any attacks on sco are from the linux community? to me, its almost as if walmart.com got attacked and everyone blamed the mom-and-pop stores. ridiculous.
Gyrate Dot Org - "Where high-tech meets low-life"
It's amazing that they are only DoS'd during their employee's working hours.
They probably wanted to announce at the meeting on December 22 that, under cover of this DDoS, evil hackers broke in and deleted all the evidence SCO was surely about to hand over to the court. Then, having learned from OJ and the Ramsey parents, they'd go hire a detective to seek out the evil people responsible for the death of their case.
Get off my launchpad!
Distributed Denial of Stock?
SCO quicly respond by sending a quickfix pressrelease.
God is REAL! Unless explicitly declared INTEGER
The group(s) would be attacking all SCO boxes online rather than just a single web site. Why take down the company if you can simply make their customers quit buying their crap. No, I suspect this is just a hoax.
I prefer the "u" in honour as it seems to be missing these days.
Careful.
There is a decent chance that their claims are designed to inflame.
Claim the Open Source community is behind it and you get a bunch of people who have already been accused starting to think they may as well commit the 'crime' for which they are being blamed.
Sure the claims made by SCO have always been seen to be ridiculous, from a technical POV. But their point has never been to convince the geeks. They are playing to a larger audience and seen in that light their bumbling and fumbling, technically, starts to look a little more deliberate.
Call me paranoid, but SCO could be trying to create the incident they claim is ocurring right now.
WARNING: I'm going to vector some rumours here. Feel free to slap them down if inaccurate, as I'm too damned lazy/tired to investigate myself right now.
There are some rumours floating around the Yahoo SCOX message board that several directories containing Linux source code, such as patches and updates, are now missing from SCO's ftp server. Months ago, many people pointed out that SCO itself continued distributing copies of the kernel in support and updates directories on their ftp server. There is also speculation the strangely internal nature of this so-called DDoS attack may be part of an Ollie North operation to prevent certain evidence from falling into IBM's hands via discovery.
SCO's execs need to read The Boy Who Cried Wolf a few times, and learn the lesson within. Darl, unlike Ken Lay, does not have close friends in the White House, and probably would not escape prosecution for any illegal acts being committed under his watch at SCO.
Someday, you're going to die. Get over it.
The fundamental principle of civil disobedience is found in Thoreau's formulation that "Under a government which imprisons unjustly, the true place for a just man is also a prison." An act is not civil disobedience unless the protestor is at credible risk of being arrested. For a protest to deserve the honor of being described as civil disobedience, it requires risk and sacrifice.
Gandhi spent time in prison. As did MLK. And so did many of the serious anti-war activitists in the 60s.
There's a second issue. SCO is not a government. There is recourse through justice against SCO. So civil disobedience is, again, not appropriate; civil disobedience is directed against a government guilty of an injustice which cannot be redressed through ordinary means.
Those launching a DDoS against a company that's doing something stupid are risking nothing, are sacrificing nothing. They are also providing SCO with ammunition in their attempts to paint all Linux users as criminals (pirates, copyright violators, communists!). They're vandals, pure and simple, and the fact that they're vandalizing an asshole's house isn't a valid justification.
ir.sco.com = 170.224.5.43
www.sco.com = 216.250.128.12
Your posting is NOT very informative, go back to MCSE school please.
Can we get an edit for the groklaw link on the mainpage? Anyone who just skims the headlines is going to get a very skewed impression of todays events.
All this looks rather dodgy. Maybe they just hope to get slashdotted and then claim that this was the DDOS attack...
that Darl hung himself on the powercord from the webserver? Nah, to good to be true...
Stop the Slashdot effect! Don't read the articles!
oh. Wait...
Bad hackers! Bad! No soup for you!
"terrorism" and "pedophilia" are the root passwords to the Constitution
They had a 3rd person connect to their 2 user version of SCO Unix?
To know that you know what you know, and that you do not know what you do not know, that is true wisdom. --Scooby Doo
Something is suspicious about the announcement of a DDOS on a bad day for SCO stock (note that SCOX stock fell quite a bit today). Most likely, it is to divert attention from the real problems (investors speaking up, etc.)
/. lemmings went on a limb claiming "oh, c'mon guys, don't let *us all* get into distepute."
Some of the wall street lemmings will fall for this, just like many
S
No one can fall victim of a SYN flood attack these days. You don't need a DDOS with "thousands of servers" to do a SYN flood attack. SCO's ISP isn't suffering anything related to a DDOS attack. The shutdown pattern of the SCO's servers shows that they were unpluged. Groklaw has a good disection of the hoax.
/. editors waiting for, in order to update the story stating it as a fraud from SCO.
Therefore, I would like to know what are the
I wouldn't be surprised if SCO issues a press release tomorrow saying that the evidence they were going to show in January 5 was destroyed.
This is just too much. I thought "evil corporations" existed only on comic books, and hollywood movies.
SCO has launched a denial of truth attack against the linux community.
ftp.sco.com has an adjacent ip, probably on the same switch, and it is perfectly responsive. It's not a bandwidth clogging attack.
If this is honestly a DDOS attack, then there's bound to be more than enough logs on the servers. If they claim this caused any problems with their discovery, they will be asked to provide backup tapes and log files.
To destroy logs related to the attack or backup tapes that may contain evidence would be criminal at this point. If backups and logs don't exist, there will likely be inquiries on SCO's execs.
On a personal note, I must admit that this looks "fishy", but it'll all come out in the wash...
The following machines are running currently-reachable FTP servers:
216.250.128.7
216.250.128.13
216.250.128.14
216.250.128.15
216.250.128.16
216.250.128.17
I was able to download /pub/ls-lR from ftp.sco.com (216.250.128.13) 74.91 KB/s (600 Kb/s). My broadband is rated at 640 Kb/s, so the bottleneck was likely at my end. These machines are almost certainly on the same subnet and are likely connected to the same gear (SCO's subnetting is their choice, but if ftp.sco.com and www.sco.com are on different subnets, their subnet masks are 255.255.255.254 and they must have only two IPs per subnet - I don't believe this is even possible as you need a network and a broadcast IP for each subnet).
The fact that all of these machines are reachable and that at least one of them can saturate a broadband link indicates that SCO is not having any bandwidth problems. I also performed some ICMP tests and the machine is not sending out port-unreachables, timestamp-replies or netmask-replies - these seem blocked upstream. I'm getting a little nervous sending out these funny packets as I don't want anyone to accuse me of anything, but everything indicates that the machine is completely offline. If they allowed some ICMP replies through upstream, receiving a reply would show that the machine is actually online, but somehow cannot handle TCP requests (and the problem is not bandwidth as shown, so it would have to be something wrong with the host, such as a firewall rule); if they allowed through ICMP replies and the machine did not respond whereas others on the subnet did respond, it would show that the machine is almost definitely offline unless it has a more restrictive firewall than the other machines (very unlikely given that this, as-claimed, could have been prevented with syncookies). As it stands, one can only say that the machine is very likely offline (unplugged or turned off).
SCO's incoming mail server seems to be working fine. They only have one MX record for sco.com and it resolves to 216.250.130.2 for me at the moment. I only connected to it and saw a banner, but easy way to test this further is to send a message to an invalid address @sco.com and see if a bounce gets back. I don't want to give them an email address.
All of this is current as of 2003-12-10 21:57, Mountain time (SCO is in Utah). Further investigation lead nowhere; thus the delay in the post.
I agree. The story should be updated. Slashdot is running a story which states that SCO has been attacked, this is clearly unfounded. For the sake of accuracy and editorial integrity the story needs to be updated.
Early in the morning, someone was exploiting a rooted SCO corporate web server. But they tripped over an intrusion detection alarm. System/network administrators were notified.
Per their company policy, they shut SCO's entire network off from the entire world. "Internal mail servers and other support servers were unavailable." After a few hours, they determined that the intrustion was limited to the main corporate web server. The web server was broken off from the network. Network connectivity was restored (but no longer having a web server). "The web server is under a denial of service attack."
SCO employees begin the process of either restoring the existing web server from backup, or preserving the existing server, and bringing online a new server from bare metal. The process is expected to take at least twelve hours. An SCO executive informs at least one media outlet that they expect the problem to be resolved in some time after twelve hours. They're still working on it.
This also fits what happened in August, when their corporate web server was unavailable for THREE DAYS. When it was brought back online, the content was reportedly changed in some areas. It sounds like an inexperienced bare-metal restore or an untested solution. Perhaps part of the web site was not retreivable via backup, and they had to recreate some sections from scratch.
My theory, which I believe totally fits the facts, is that SCO has been rooted and does not want to admit this publicly. So the DDoS/SYN is their cover story, which is close, but doesn't fit the facts well enough to avoid suspicion.
I would appreciate a read on this theory with some feedback postive/negative.
Dude! Ever heard of "Letters from a Birmingham Jail?" One of the great pieces of american writing! I'll be mightily disappointed if my english lit. teacher lied and it was actually composed from a Motel 6...
http://metapundit.net
How can I contact this Center7? I want to be isolated from SCO!
warning: This post is likely to contain gobs of dripping sarcasm. Consume at your own risk.
The Age has an article titled Doubts cast on SCO claims of denial of service attack. It's good to see a mainstream news service not just reporting the FUD but actually digging a little deeper.
It's always about SCO. I'm still waiting to see a MS-DOS attack. Oh, wait...
(no sig)
www.worldrps.com
Need I say more?
Mainframe/UNIX Bit Twiddler and long time Windows/Linux Hobbyist.
The Theorem Theorem: If If, Then Then.
Even if this is a true DOS attack, why is this news? Imagine if Microsoft or Google or IBM put out a press release everytime somebody attacked their servers. If you are a big or a loud company, these things will happen. Don't whine, fix it and get on with life.
Justin.
You're only jealous cos the little penguins are talking to me.
So then... if I've understood correctly, the SCO site hasn't been "h4x0red," it's been "h04xored..."
--Mark
__:-b
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
Linux's Hypocrisy Buffer probably overflowed, so it automatically deinstalled. Either that, or the kernel panicked and left the building.
Watch for D'ohl and co to explain that they had to replace their Linux server with UnixWare 'coz "Linux couldn't take the heat". Whackers.
Got time? Spend some of it coding or testing
First I realy hate to bring this up but Running DDoS for this reason is a terrorist mentality. If you create in your mind an enemy then you completely villainize them enough to justify some sort of attack. Now I like Linux and I dont like what SCO is doing but DDoSing doesn't help anything.
THIS WILL NEVER HAPPEN
Judge: IBM do you have any evidence.
IBM: Well we SCO got DDoS by a people who don't like them.
Everyone: GASP!
Judge: Well I see that SCO case is completely fraudulent and the judgment goes to the defendant.
SCO: But...
Judge: Slaps down his gavel.
-----------------------
If this did have sway in any way it would be for SCO legal advantage because they can use it to show how common the Open Source Community uses illegal means to try to get what they want.
At best all the DDoS will do is wast some of SCO's money. but not enough to put a dent into it. Heck they probably find a Tax loophole to get the money back. Or sue the guy in the previous posts that gives out all the information to DDoS them on Slashdot.
Come on guy think a little. This is the same way terrorist think. "Yea if I blow up this building that will get the US out of the surrounding areas." All it did was make it worse for them in their Point of View.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
iptables -A OUTPUT -p tcp -d www.sco.com -j DROP
iptables -A OUTPUT -p udp -d www.sco.com -j DROP
OR
ipfw add 1 deny ip from me to www.sco.com
Are we to rule out the possibility that this is not another attempt by $CO to make the "hacker" community look childish and unprincipled? My dad could beat up Darrells dad anyday, anyway.
boycott slashdot February 10th - 17th check out: altSlashdot.org
Further assume that it is a Linux person(s) even though the community as a whole came out against the first attack. Why not likely?
Ok, so, maybe it is not a Linux person.
Instead assume it is somebody trying to make Linux ppl look bad. huummmmm.
Finally, assume that it is some SK that is trying to showoff. Normal situation with a site that is easy to take out and would get lots of press play.
I can safely assume the later 2 are more probable, while the first is not likely.
To be honest, I would also assume that SCO can be lying about being under attack.
I prefer the "u" in honour as it seems to be missing these days.
It would be very amusing to see the reaction of SCO's upper management to having their bluff called.
Karma: Chameleon - mostly influenced by bad '80s New Wave music
So after a DOS attack, Slashdot posts an article about the attack, thereby starting another attack.
Sig it.
Come on.....
1 63721614
There are only a few possibilities:
1: SCO's IT department doesn't know what syn cookies are and how they relate to Linux (which the DO run their site on). They evidently don't know how to configure CISCO routers in order to block syn floods either. In this case SCO is incompetent...
2: SCO is deliberately not protecting their networks in order to draw attention to themselves.
3: SCO is sabotaging their own networks.
4: The ctber-attack story is completely made up and has no truth value.
The Groklaw story is worth reading:
http://www.groklaw.net/article.php?story=20031210
LedgerSMB: Open source Accounting/ERP
Call me paranoid, but if their intranet was affected by this "attack", I suspect that "some things" are going to be "lost" as a result.
IMHO, the SEC and other appropriate authorities might want to get some search warrants quick, surround SCO Headquarters and start saving some of the things that might otherwise get "lost" or "destroyed" due to this "attack".
Regards,
Fredrick
Hey FreeLinux: Learn some basics here:
"...apparently by hackers unhappy with the company's legal threats against users of the Linux operating system."
WHY is this apparent? The only thing that the 'unhappy hackers' have going is motive. IBM could have done it too. SCO could have done it to themselves, or just faked it entirely, as an excuse to go offline to recover from being rooted.
Motive != guilt, especially when there are many groups with equal motives.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban