Slashdot Mirror

← Back to Stories (view on slashdot.org)

Netcraft Jokes About SCO's Virus Fears

Posted by ryuzaki0 on from the striking-back-through-humor dept.

Elektroschock writes: "Through the media SCO Group sent the message that a virus writer that targets its website would be a Linux enthusiast. Netcraft has its own funny remarks in a dogfood article." Some of you might get a cackle out of the third solution.

12 of 279 comments (clear)

  1. Hey now.... by BWJones · · Score: 4, Informative

    From the article: Spend Saturday soaking up the totally awesome graphics on the Stealth bomber flight simulators, and then obliterate most of Utah, sco.com name servers and all, on Sunday morning hours before the DDoS is due to hit Slashdot. SCO Execs still laughing themselves helpless about the /. Effect when the bomb hits.

    Hey now, not everybody in Utah is a SCO exec or a polygamyist. I suppose this is the toll that association takes however, even if that association is geographic as opposed to ideological, political or religious. Believe it or not, there are good things to come out of Utah, such as much of the technology responsible for computer graphics, some kickin' genetics research, some of the best skiing in the world, good beer, and last but not least, is the home of computational molecular phenotyping. :-)

    --
    Visit Jonesblog and say hello.
    1. Re:Hey now.... by Rosco+P.+Coltrane · · Score: 5, Informative

      some kickin' genetics research [utah.edu]

      No wonder, they have a rather large population with a very coherent DNA to study there :-)

      (Yes, I'm half-joking, and no I'm not flaming. Utah folks are nice overall, but it's true that polygamy was practiced there up to 100 years ago mainly to populate Utah as quickly as possible from the small band of initial settlers. Those who've been to Utah know the proportion of white blond-haired blue-eyed people bearing the same last name there is quite staggering. Sweden looks cosmopolitan compared to Utah).

      --
      "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
    2. Re:Hey now.... by BillyBlaze · · Score: 3, Informative

      Seriously, though. According to the recent PBS special on DNA, a breast cancer predisposition gene was found largely thanks to very the complete family records that Mormons keep as a matter of faith.

  2. Congratulations Mike by arivanov · · Score: 4, Informative

    Congratulations to Mike Peterjohn.

    Who in btw is a founder and one of the Netcraft executives. So dunno about the dogfood. I wish other company CTOs could post dogfood like that.

    --
    Baker's Law: Misery no longer loves company. Nowadays it insists on it
    http://www.sigsegv.cx/
  3. I like #5... by Ann+Elk · · Score: 2, Informative

    ...reminds me of the old "ICMP REDIRECT to 127.0.0.1" trick.

    1. Re:I like #5... by Anonymous Coward · · Score: 1, Informative
      Would it actually work, though? Can you set 127.0.0.1 as a host in the DNS, and do windows machines recognize it as localhost?

      That's exactly what Cox Communications tried (for a few hours) in their defense for the Blaster worm. Cox set the A record for updates.microsoft.com to 127.0.0.1, and designated it as authoritative. Since Blaster spoofed the sender IP, uninfected machines received a "loopback attack" from their infected neighbors.

  4. Darl soon at CNN by G3ckoG33k · · Score: 2, Informative

    He-he. Just kidding.

    Hey, wait?! WTF? What's this? OMFG! ICBIFT...

  5. Re:Looks like they chose Solution 2 by randomblast · · Score: 2, Informative

    um, ok solution 2 - take www.sco.com out of DNS, right? but your ping returned an IP address. and it proves nothing except the fact that their server does not respond to ICMP echoes, which is a common practice. Starting nmap 3.45 ( http://www.insecure.org/nmap/ ) at 2004-01-31 21:57 GMT Interesting ports on www.sco.com (216.250.128.12): PORT STATE SERVICE 7/tcp filtered echo 80/tcp open http Nmap run completed -- 1 IP address (1 host up) scanned in 13.062 seconds

    --
    ...these aren't my real teeth.
  6. Re:Not as bad as everyone thinks. by anticypher · · Score: 4, Informative

    The original version of the worm had a bug that didn't perform any DDoS of SCO. After having bugs in the code pointed out to them by the ever willing Open Source Community and the Security Research Community, the authors of the worm have helpfully provided several updates that do actually perform the DDoS against both SCO and M$.

    Apparently, the code does not perform a complete TCP handshake before trying again. It doesn't wait around for the first TCP SYN+ACK packet, it sends a TCP SYN packet every second. If, by chance, the SCO address responds with a SYN+ACK packet, then the worm sends the initial GET / HTTP/1.1\r\nHost: www.sco.com\r\n\r\n. Its difficult to tell from the decompiles if it even bothers to close the connection, or just abndons the local TCP stack to deal with closing the connection at some later time. In an internet simulator testbed, not providing SYN+ACK packets back to a worm infected microsoft machine, the TCP stack stops sending unbalanced SYN packets after 63 attempts. As a friend helpfully pointed out, you can increase this number by changing a registry setting in windoze.

    I personally don't think the current management of SCO cares about their website, they certainly don't have any revenue producing features that need to be maintained. Most SCO clients rarely go to the SCO site for anything, since most maintenance is done by intermediaries like IBM Services Group, which have their own internal distribution of support and patches.

    the AC

    --
    Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
  7. Re:Best Solution: by Anonymous Coward · · Score: 1, Informative

    ibm.com/open
    link

  8. Good food in Utah by timothy · · Score: 2, Informative

    Vegetarians, beware of the following statement:

    One of the most memorable meals I've ever had (and in a good way, not in the "... and then the waiter was stabbed by the Mob guys!" way) was a few years ago in Utah, I think in Provo (well, somewhere in the Provo / Park City / Salt Lake City triangle, anyhow ;)), but at any rate at a Brazilian Grill, the name of which is nearly at hand, but oh, well. ("Rodizio Grill"?)

    a) the good was delicious, and it was not heavy on the spinach n' cucumber side of things. Beef, chicken, pork, rattlesnake sausage ...

    b) Good system, a sort of reverse buffet. Each table has a red / green wooden token, a traffic signal for the wait staff, who are bringing around food on platters. Red-side-up means "We're still dangerously full," green-side-up means "Please bring us more, we have discovered a leak and it needs to be plugged with, among other things, quail eggs."

    I know that there are now lots of these Brazilian grills around the country. If only there was a good source of vat-meat ... it's hard to reconcile the idea of vegetarianism (the not eating animals part at least) with the tastiness of, well, ex-animals.

    As impressive as the food, though, is the system which prevents the table-service game of trying to make eye contact with waiters etc. It's a more elegant solution than my long-contemplated idea which would be to have a sort of steward/ess light over the tables in restaurants. The wooden token is simple, uses red/green cues which (non-colorblind) people are used to. (Though the semantics are also reversable; it would be as sensible to say "red means Stop to the waiter, green means the waiter can pass you by.") I think there was a little guide on the table.

    The rest of the state, perhaps, but SLC and Park City do not lack for excellent food, casual to quite formal.

    timothy

    --
    jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
  9. Re:Fourth solution is even funnier than the third. by ionpro · · Score: 2, Informative

    You can see it because it actually happens. I work a tier 1 helpdesk for a top 20 university. You'd think that the people here would be smarter then your average person simply because of the strict admissions requirements. However, I've had no fewer then four cases in the past four months where someone has bought a new machine because they're old box was running slowly due to spyware/adware. They'll bring the old machine in and either try to sell it or have us clean it up for a gift to a relative or something similar.

    And those are just four where I happen to have found out about them. I can't imagine all the cases where I don't find out...