SCO Denial-of-Service Attack, Take Two | eWeek

SCO Denial-of-Service Attack, Take Two

Dec 13, 2003
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

Days after a denial-of-service attack laid its Web site low, controversial Unix contender The SCO Group Inc. on Saturday was apparently hit by a second DoS attack.

When alerted to the outage by eWEEK.com, Blake Stowell, director of public relations for the Lindon, Utah, company, checked with his companys IT department and reported to eWEEK.com, “Theyre in the middle of calling in all the network engineers; were clearly under another denial of service.”

Stowell added, “This doesnt do SCO any good, but this kind of thing doesnt do the open-source community any good either.

After the attack, Stowell said, “The attack began at 3 a.m. on Saturday morning and stopped on Sunday at around 11 p.m.” It is also Stowells understanding that the CAIDA (Cooperative Association for Internet Data Analysis) site, an independent research group with no ties to SCO, which was analyzing the attack on SCOs site, was actually attacked for a few hours on Friday night.

SCO was attacked earlier in the week by what it described as an SYN distributed denial of service (DDoS). The weekend attack, according to Stowell, was also an SYN attack.

Some Linux advocates suggested that the first attack could have been faked by SCO in an attempt to blacken the open-source communitys reputation because of the companys current dispute with IBM and other Linux companies and users over code it said is covered by its copyrights. Later, though, CAIDA showed proof that the SCO Web and FTP sites had indeed undergone a DDoS attack.

After the first attack, some securtiy experts on Groklaw claimed that SCO should have been able to easily stop the SYN DoS attack. According to many security documents though, such as Ciscos Defining Strategies to Protect Against TCP SYN Denial of Service Attacks, for public sites such as SCOs Web site, “there is no clear cut defense against [an SYN] attack from a random IP address.”

Other technical discussions of SYN attacks point out that while there are operating system patches that can help against an SYN flood, as Mariusz Burdach points out in his Hardening the TCP/IP stack to SYN attacks, “under heavy SYN attacks (like Distributed SYN flooding attack) these methods may help but still not solve the problem.”

It would appear that under a heavy enough SYN attack, any public site can be brought down even if it uses best-of-breed protection methods.

Today, SCOs site is back online.

Discuss This in the eWEEK Forum

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.