Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Experts Doubt SCO's Claims of DoS

Posted by ryuzaki0 on from the raising-a-lot-of-eyebrows dept.

devilkin writes "As a recent Slashdot story indicates, SCO claims their website was the target of a DoS (Denial of Service) attack. Was it really? The people at Groklaw think otherwise..."

6 of 510 comments (clear)

  1. Very strange is this; reported BEFORE it happened? by Anonymous Coward · · Score: 5, Interesting

    stolen from: http://www.newsforge.com/business/03/12/11/1315246 .shtml?tid=85

    Very strange is this; reported BEFORE it happened?
    by Anonymous Reader on 2003.12.11 12:54 (#81456)
    I see they have been playing this DDos Attack in the press. In fact, as near as I can tell, the stories about this ddos attack started appearing very early on. Most companies take some time to discover they have a ddos attack, and then to take the time to report it; the press also has lead time for a story to actually make it out the door and into print/web site/whatever.

    The early and timely appearing of their "press" about it even while this attack was "underway", and through so many sources, leads me to ask this question; is it possible they contacted any press BEFORE this alledged attack even took place?!

  2. ftp.sco.com by Hug+Life · · Score: 5, Interesting

    What's even weirder is, that before the groklaw post, www.sco.com was down, but ftp.sco.com (next IP address) was just fine, which invalidated SCO's claims of a DDoS attack.
    But about 2 hours after the groklaw post, ftp.sco.com mysteriously went down too.
    Just more ham handed FUD from Darl and friends.

  3. Re:Press release? by Unfallen · · Score: 5, Interesting

    Interestingly, and somewhat depressingly, the first thing I knew about it was about 3 e-mails from Google News Alert, each telling me of about 3 different news sites reporting the story. Some of the sites weren't even that techie (CXO Today seems a good example of the people SCO were intending to reach with their statement). The fact that SCO got their press release out so far, and so quickly might not say anything about the true nature of their server(s) downtime, but it does indicate where their operational motives lie.

    Steve Ballmer seems almost impressive with his shouts of "Developers! Developers! Developers!". I like to think of Darl giving a rousing meeting, stomping around the stage yelling "Marketeers! Marketeers! Marketeers! Lawyers! Lawyers! Lawyers!"

  4. Letter to Netcraft by TWX · · Score: 5, Interesting

    Netcraft had a posting about the supposed attack, but didn't doubt the actual situation. I've sent them the following letter:

    To: webmaster@netcraft.com
    Subject: News on your front page

    You have a news article about SCO's network downtime posted on your front page, claiming that SCO is the target of a DDoS attack. Due to availability of services on other machines on the same netblock, like the FTP protocol on ftp.sco.com (one IP address higher than www.sco.com), I question the veracity of your news article, and I felt that I should call this into question.

    groklaw.net has information posted that you might find interesting, potentially leading to a revision of your news article. The page can be found at:

    http://www.groklaw.net/article.php?story=200312101 63721614

    Much of the information that I have read about this is available from them, as are some theories as to what is actually happening.

    Thank you for your time,
    TWX


    Basically, if you doubt the truth of the "news" about SCO/Caldera's troubles, call it into question with those reporting it, especially those who are supposed to be some kind of authority to listen to.

    --
    Do not look into laser with remaining eye.
  5. How conventient by Dunark · · Score: 5, Interesting

    SCO was taking a publicity beating on several fronts:
    - They got an unfavorable ruling WRT discovery on Friday
    - The world discovers Boies isn't so confident of SCO's case that he's willing to take the case on contingency. Boies is billing by the hour, he just stands to get a big bonus under certain conditions.
    - Baystar/RBC isn't happy about the Boies deal, so they demand and get the power to veto certain courses of action.
    - SCO has to delay their earning announcement by two weeks to screw around with the numbers.

    Needless to say, SCOX stock price dives, and the lo and behold, an attack on SCO's website suddenly becomes the to SCO new item and buries all the other bad news. How fortunate!

  6. Re:Speculation for Nerds. Hardly matters. by Trepalium · · Score: 5, Interesting
    Well how about this, someone DoS's you, and your Intranet and support desk goes down? That's pretty damn peculiar. I see three options. Either they're lying, they're incompetent, or it's an inside job. Their ISP is treating the attack like a standard DDoS attack, by blocking it far upstream, and BS comes to the press and tries to be technical and call it a "SYN attack". SCO claims their mail system was knocked down, but their webserver doesn't even act as a mail server (it's mail.ut.caldera.com [216.250.130.2], not www.sco.com [216.250.128.12]). They dont' even have a secondary MX in this case.

    SCO's victim story doesn't add up, and it doesn't make sense.

    --
    I used up all my sick days, so I'm calling in dead.