Linux & Open Source - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Linux & Open Source


SCO Denial-of-Service Attack, Take Two



 By: Steven Vaughan-Nichols
2003-12-13
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Linux & Open Source story.


Rate This Article:
Poor Best
SCO had no sooner recovered from Wednesday's denial of service attack before it was hit by another one on Saturday afternoon.

Days after a denial-of-service attack laid its Web site low, controversial Unix contender The SCO Group Inc. on Saturday was apparently hit by a second DoS attack.

When alerted to the outage by eWEEK.com, Blake Stowell, director of public relations for the Lindon, Utah, company, checked with his companys IT department and reported to eWEEK.com, "Theyre in the middle of calling in all the network engineers; were clearly under another denial of service."

Stowell added, "This doesnt do SCO any good, but this kind of thing doesnt do the open-source community any good either.

After the attack, Stowell said, "The attack began at 3 a.m. on Saturday morning and stopped on Sunday at around 11 p.m." It is also Stowells understanding that the CAIDA (Cooperative Association for Internet Data Analysis) site, an independent research group with no ties to SCO, which was analyzing the attack on SCOs site, was actually attacked for a few hours on Friday night.

SCO was attacked earlier in the week by what it described as an SYN distributed denial of service (DDoS). The weekend attack, according to Stowell, was also an SYN attack.

Resource Library:

Some Linux advocates suggested that the first attack could have been faked by SCO in an attempt to blacken the open-source communitys reputation because of the companys current dispute with IBM and other Linux companies and users over code it said is covered by its copyrights. Later, though, CAIDA showed proof that the SCO Web and FTP sites had indeed undergone a DDoS attack.

After the first attack, some securtiy experts on Groklaw claimed that SCO should have been able to easily stop the SYN DoS attack. According to many security documents though, such as Ciscos Defining Strategies to Protect Against TCP SYN Denial of Service Attacks, for public sites such as SCOs Web site, "there is no clear cut defense against [an SYN] attack from a random IP address."

Other technical discussions of SYN attacks point out that while there are operating system patches that can help against an SYN flood, as Mariusz Burdach points out in his Hardening the TCP/IP stack to SYN attacks, "under heavy SYN attacks (like Distributed SYN flooding attack) these methods may help but still not solve the problem."

It would appear that under a heavy enough SYN attack, any public site can be brought down even if it uses best-of-breed protection methods.

Today, SCOs site is back online.

Discuss This in the eWEEK Forum



  Reader Comments: SCO Denial-of-Service Attack, Take Two
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Linux & Open Source Articles          >>> More By Steven Vaughan-Nichols
 


x}r۸j9km]mGJɖhŶ,ŞN"!c");ΜeoВ/ޓm@oh4?'I"nZ΄ܦdwÀ>]K$oB}wNUQV #7((bP<HwO7n[Q0R?`᳙*,Q  tjGt0]2d6k6!o4vekOh cߨ_X&``1\t|TA!j :iݒ i @I>b(ޗCѺYQy_HږyH6GǮJQLLNZ]@Z3ˆ辥{$)5= \o4"1lp<I9$7 \hяZIfOl+qtRxA'ס,j؏`U[۾xwy@jrt KJzcnćK(p}=\'t(`_dY7;fؖqSth(͡V*Z]QKru_):o+www;1ݻ U wht?|*UUe}Q !lݹ܎ඒk%m{|Nw9=}#׼;A3 o$&"?jQEVKY/LZHܯ&n!yd|'Բ_/iv$f1{P$XIcF/XTUGb9vm9t./.t]v;'H>bPk5Mz"1h ؕ 3Fz 'Kyw''K\u;}$O't6 +?;V'?nG߯C헙Mn[CEC0ʾ"1>]t4.>vIAұ,m)0dN`mYH!Oa(7fhXӀ?$eR2[&q, ߰n\S@`hoNX uZRĿ"E/; ä+pw>-Fv9s{Q {>0iCkFQD$h-D@wM0Ie+!3@uK LΝ߀2fàF{t$,/#0/ Zm{Ae^~}̢!1y@XbouG &SsnPBxԁ!~9.Wb&/^ "= EEKi@$ $h-4`r. Ŋ|?#!bRN[ T6ݞH:u'PTTh&RأXB ^X/E_R2әJ2j2klƪń(VFNL1|0VRx5Vn`oʡW鐦 2,X}=˚hn&i [NH: 5$!.*lhAwp=7cBCEw[JͰ"hZ5{8.Ƈ5=tlSr`8)ՠZ&4B ڛw=yE"y* ,qryd:*);m97RЛv!s9n! xW.Y 2gxRU';oWfn2>=MO5XScXM`Dnzb8ugm/n1`V|\v\g˺z+fYX]۽/ 7JeO^օVP+= rL%kZԕ1%/E$$"Y `}.EO㐘 0Zm7D=t=ƠnP jrIjS#W4E%:,Wfn  (Ք`AD}e &*d Ë?v=k3|#S=d:*c}2 7um SO5,FfF-  o _%t1tJ/]~Y8.- 'uaO:oIS5!A z$'Z>pl`/R=u޴ bJ ,ǢZQJ> D ȸla,riL*wڶ{>Qidݹ'Q(JЧVșC@S@MqNW3pPS@ bN,(t=(U+a<~lL`nK 5!70M# LK=:޹Ħ4Q( Mքk&.T:㼭 cXA\g@/ OQPHWkX tбթ6=,JINdԘ>S7Ϗ9(gh9d*GHV/ЪZZ͎^=>yP2z4b&c1о'=\VaQSF=4FX\eHЮ#cq_TҘWF(/9 ΔsNjZ`Z>5;Nᗬۉ{10v?\3j y58.w(p-4J3%NJt$ ҹD\W4Uud XX `jDa#CP`wV8%+ #mQJkm vV;{Բ)+Vt u `_ܚ:z,.,H0o  d44} *zIe/yboY LjB:GdDC+`v*Gw O6Jh)YS!bW hĞee[ExkC铰ݹY$'w&J y*AA/5rH]mM;fr/cS>-#W5 d$fqN'0cp&v=[9,3?{:kdx{ zЍt;Gq3"w~k`owɛ(* Gq3`3"mLxu_+'E&lE6Xil q iv)kq{?I jf?yT*JZӳ(*+H@:erzk?ty/UUNSF;:9&ߐ@hO ]k8ỨbRvVLv迌2KɭTSV8<V6ZZaoaqVZFHU%dEM#/ ސOR[GC~g$} W>V }b*kZQR^? +8rk4rO,ZKq~Zskp9 2j=vR/fKܦ@vGܖ[J,] Ba u( =(tם 21aI3I)` {iO4c Cnƍj}U]%T/IjIxn:0nȄOXD[x$tpM\&Li7IղAkJZ8qG;a>&rf&: /je>e!eO.lWJ_0]PX9H(P+ Yz>ɷwnj‰; +A񷠐n)ɑ$ |C*ͤ D;}ZTe&㜘= Օׇ S L $q* NC7{5al 9ew~u;?\wۃm@:iuO? ?Nnt߽iz%<ZYꞷ;!E͇wm{zGY^9gP K RCbw}Wshw%6zv9D 2SH4z7qwOyGJ:7]9$Q!NX G}9>.M1k&03hĂ@⑩!g<`zikB*XKݹĂq ՜4"z ON3"nPU8\;mj1w}eXL7$>T1r(`$X*XU2_>'2si56^SF(+bK"$DY \gqʼn/`E3bt<~Qt";Q$Kᷜo5?ů1K_8~ ѶPx,ub:n^!9ۧ>48tyA$K 21xc|.A-6ջ\^eԉ)%2 \ ?m[=pRvGP2)B~(IZ[Űˢ ݖ2`9 2)Mz.ϕp|Lik'iZVӼ6X(4%44AԌOCYF*d#7' ҿhopVPto6_xvImK$gΖˤ%"ė4 i) " |82B[(H T䵴Zv*;Ӓb.Ly`6(y_TzTu&̱¹OH1;; WS漊 eFn_a7pϲ]ta9b|;tG5];~O&ԢnL q;Z{9 X 1#6q pv#(;A[¥𣉣S㻞Pa +0q)yd2 ,fsx3rT?,#ziҒ916onP;54z4ׇP%(yAcqU~(TR-n .aO"J骇v9c|MU,^RRMJ>^&k" h6vo"Ba"fsME[n`1 \F!p Cx!;xGM>s z̫^-,;,"{tmSLY #E 1|`{]gx@ײTW&|<NpyOA'$9(:B_Hofb!L$27COJ)o/g$] |kJjuT8HDڳnR) 'uᏰ %^O aYXE"Pm[[T JnJP"(ve;eΞ$ܓھRo?]`LP; 3Iھ *`٭{_OBJͭ_yNɎveŊÌ@8,sQK`a דԜPha`țk V^*ЕNodxW[ ;L6,VIbE^=b&EbPFN *I!c{$4ֆ$ScDFm_{imHag($uX`Z@4;{IqsT tYd#Ѩi> IRRw,G&aB0]O(/886A@A,WH=A q8i> bS TbaU>i{sHtIy \-ʏ݀d 2A߱.| 5S0| .;Wεt `RVO7[X}hk$ NЕx4g^ _M#]kF\SN(r1r'RiiUl_HAl vLҒ >"p"e+l67ucgG҅2k/f@ytNéPLܰrr9x`+F\*+ =@] GJC(.i8Xt^񘿇̭^Eи뉇}0ǁ>Ǽ<"uVstStA]Ϧ5| KA".b }{;\Vcon{4r-SU]I-~lB79>j{a4#j+YTG'򎢅;//(V4Z mX[`cXI:wy0m-mYѧ3.IyWrZZNMn[S S=܃=KԬE5:&kFJE:`ῳ7IE?⌱fae? %s_|N5Pו uK)z=wM@{ǭrMu-n +|-/Ym/\zuߒD`2 'XFܓ-rفat3x-{8S~xr1: Ov1&8 aDgl96c͝~KeᏡS9cgi=2݀a)k+H嬙9T\ǽ | ϞO`ltвؒA:Cя* nO2KqRfStW f4;o#?T'}d_Enc䭼=d?܉󷓟ѝǝ({)(Ȣ#VgB8AXJzXDJ Ň!yu%ϸ@FPxIYL3^zh)jsq̙Tl/ZNt!GDkcΩhZMWWs.KBG(zdI+2/ c|ŻRO&ƪTe:50S5yS/DR!դG:9ޭ@qͧ5&@ lN`C~<VzZ3ZOk]P;XifIyJ)~,y-JYթJ_wV[ 1cNq:rq.Cdd#n-)2jXM>ITap' "LaËZ%{EP^Cs.ĕպԴzYܧF(+*`6g7NC.5rYxl XtHF=zԱ8nd#Tr^͌=ilQч%>fa Z<<~Q,mJ)Ag'L$NZ @xl9sXd7Mw=;8C:`B|iD(rҏ_` ᷍ kl3 xf;1 dJfs>f3B[w^?rbS~fbA$ev,`/0̊|Ux[hhwQfg1q8|;  At=jX:o݈uXu Ȫ&Q{V  1Xt1ц]ֿ|Ɍֲ:mǖA&_cL }(G n$yVmIz/#\#P |°$SWgq+TՕׇܿZS!_E_t[6eS`P2o¨`*(ႎ|dUk{VyF (H%t]\P"@H>QeA=`Aa~N#[C1P?Rfjs#9xuŒS,0 uAp555ypW %gaظ/^F{[@ft,EףΫ]-GAGG71`Tg8XKVHmݜ(8&sz9I t!#K/HxzNsR^RXщzo&rb+ zoj Bp),f,՚RD&u]CuF|u7IXU+IUīsYUe/ǯlZiJdR. ?h$@P=xɾ#l:\SݹXh..N?%iN?/nuN{x Zѷhlԭsk:]|:w..B2̓L/橾xQ(X7OGYFuavʜT/6u&\ «XsxYx>+bh,.6q΀AwpD0/& ƕ^-01cj/;ֆS|zƋ#xYBﻅnsʡݜ{SC)֗g9s??˃=,?g0}Y}" ʯrC@?rϠ,.r޿y2~0~0~@ 忮/1*w3+U::~s/$)GAy+Zpzz;29)G9R{WK}(ϑgUsV^Va{jg~W {qkR+ ]q%>3-{ᘴ[˺r}ח c|U(X2T  )htVydSrbyeo?+))wOƻϝ)mGsu5nRr-Xѧ^5_9p=U2 !3Ɯub>sr)'էkAzK[<F4q=w]6tqS0n*0 4O3}.nm;yx#ֽ2b;w6 S췡\@❋ٝzÀ}G]Wl<-t&n\eyf(/@FAt p?$FF6^֪_p3lc}xsy:^uCg>k'[*8y:H4l?| H&Y$'QoBcعKjzG,t5HÅLqg0tshƎ4HjYj ~ZV-#\"aڌp=[)UUEVrp` VU+D`I9CTx|Feiƫ9 C8b;h8[閾(=^?AO'^ Sj2cofE߰Raw8a+h;rI Y$P&`!֞.^G$w -vbl{ݶMA^0–,ٵ&"mr*xN3ILa\Dm8G^ѣmtn`;Zlbq7𜙄׌̯#kL!I ɔ6ИI-3;~ɑL( V1 kEF(l#Bcc>mTώ;[9񽍆qufp ROێY:%ZgG"o[Ռ߳;3 Az!_)82)nq?ibr]6M b ه%OS˙a<@p_[h"cSHL#'I -sO=9$Id`m܀9 w.ěC{1L9 H\},.I5""HH "s{D|%{j9Sn.a9r \ ?cAoN[Q=$V*׽`$36ٕ۽ }מ'Xn2Lh}#Ϙm^'(z1̸>ΐR8oE|Ġ#)be h kk8h5o2s&zU Th<OSϫH1E![!% i[jKaRJz+6*ن[v I8<}"l%E a'ChE a,-sD<>7#;33Q1jkA/?H3۱x쥽%}Yq v|.}zX#U:.> <$+t#R.ڋOFې/)B,Kwl`IB`t0{T:ۉDEPމ!/[v2g S*4%SЌxu<ڢuK ğ?X \va;+C]VulÝg8E# d9f7Ct_U`7'~*VC'vktGG=m2`͍G:N$_)0uCr8vI )6- `zMF@6e֘H\*,lf) K?ZvqS]@Dq'˫Hvyml< ^:uKW}Q籺nGa|d[t% ^Fz‡%!ҶT)V#ʥ.Sܟ?Cbx ҇fF+Ke$Vi/ >.(ZF$Wc ҭ䅤<P8_AC.vQ%eN܌uFDmhT4X %*lˢS7M {^moymߋ ۲|ږa=vk`CΜ6 U =[=܋;}c\91F`=suVOEdg)dr̅2 !IyyU~ҥN.I,'_aQd+$*)ؐW k` bV@1,F,oԟN*)Asa#El [ApV7/\29Lg=K1E~1㡺_0UyulC^"foA0jPLP>9)z0~ \\K萻kÔüpaf#3/& wAx& =`#hxj"nRh1 Lb'k%I >d3#7Dj0Brm d[Hօt&vk{^޳hb'/bA,xr&r*]xWI"cXMb0Gt&W 3+R b%P?tYkh YI| κxH%;XaF'c*FRqOR|{?8XQ|;]&`֍^z:-Em{ӻlw Tv>Vnwߥ+==;`onsg~oUA,jU z' l5mEgl(3W'J^>۝7z"f/F)SذM*i29J{) 1^[)֦O*LΗ㇅c>lgLt ))vsmb-6C-;<"