Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Experts Doubt SCO's Claims of DoS

Posted by ryuzaki0 on from the raising-a-lot-of-eyebrows dept.

devilkin writes "As a recent Slashdot story indicates, SCO claims their website was the target of a DoS (Denial of Service) attack. Was it really? The people at Groklaw think otherwise..."

3 of 510 comments (clear)

  1. Re:Security experts? by jargoone · · Score: 0, Flamebait

    *boots up linux distro of choice*

    Right. Clearly not *brings laptop out of hibernation* with Linux, that's for sure.

  2. these secuirty professionals are morons by krappie · · Score: 0, Flamebait

    Yes.. we've all read the article by groklaw claiming it was a hoax. I never considered myself that experienced, but when reading this article and all of these posts.. their "security experts" and these posters are simply morons..

    first of all, a classic synflood is something that you and me can do from our home computers to some shitty webservers.. port 80 might stop accepting connections and simply time out. the box will still be up, every other service will be fine. any good webserver nowadays will have protections against it. for anyone to even CARE about a synflood nowadays, it has to be huge. the majority of synfloods anyone talks about today are so huge that they bottleneck network equipment and bring down the entire machine or several machines. its pretty obvious sco is talking about the second kind of synflood, not the first. "synflood" now just describes the packets they used to flood, the fact that they were syns had nothing to do with it and any synflood protection on the box wont help.

    secondly, just because an ip is next to another ip doesnt mean they're connected to the same switch/hub

    also, just because a server next to it is responding, doesnt mean its not an attack. what would you do if your entire network goes down and your internet connections cant handle the bandwidth being sent in? you call up your upstream providers of course! they have the resources to block a large attack early before it hits your network. how would they block it? by blocking all traffic to www.sco.com, maybe even just syn's to port 80 to be more specific. this will keep their entire network up and running. and in this scenario, www.sco.com is down, but ftp.sco.com is up. even if their entire internet connection was never maxed out.. they'd probably block all traffic to www.sco.com at their backbones to keep everything else next to it up

    and by the way, just because it brought down their internal network doesnt mean their internal network was "exposed". their internal internet connection has to come from somewhere. i bet sco's network's internet connections were completely maxed out for a while.. a synflood can do that

    someone prove me wrong

  3. Re:No. by strictnein · · Score: 0, Flamebait

    One is always free to take a stand, and even to look stupid in so doing

    And one is free to be a jackass, and to do so anonymously on slashdot.

    Isn't life grand?

    --
    Casual Games/Downloads