[ISN] Net attack crushes SCO Web site

From: InfoSec News (isnat_private)
Date: Sun May 04 2003 - 23:59:03 PDT

  • Next message: InfoSec News: "[ISN] Hackers damage Internet radio site"

    http://news.com.com/2100-1002_3-999584.html
    
    By Stephen Shankland 
    Staff Writer, CNET News.com
    May 2, 2003
    
    An avalanche of data blocked access to the SCO Group's Web site for
    several hours Friday, said the company, which has come under fire from
    Linux fans for an ongoing lawsuit against IBM.
    
    At 10:45 a.m. PDT, the Unix and Linux seller was hit by a distributed
    denial-of-service attack that hampered its Internet operations, said
    SCO spokesman Blake Stowell. In a DDoS attack, numerous computers
    simultaneously send so much data across a network that the targeted
    system slows to a crawl trying to keep up with the traffic it's
    receiving.
    
    Stowell said SCO had no indication who was behind the attack or why it
    was launched, but the Utah-based company has incurred the wrath of
    many Linux enthusiasts infuriated with its lawsuit against IBM. SCO
    seeks more than $1 billion in the suit, which accuses Big Blue of
    taking Unix intellectual property to which SCO owns rights, and moving
    it into open-source Linux. On Thursday, SCO Chief Executive Darl
    McBride said Unix source code had been copied line-by-line into Linux.
    
    Unofficial open-source spokesmen such as Bruce Perens and Eric Raymond
    have condemned the lawsuit as an act of desperation, and others in the
    Linux community have been less gentle in their scorn.
    
    A DDoS attack is hitting below the belt, though, Stowell said. "It's
    one thing to have a complaint with SCO's lawsuit or with our position
    in terms of code being found in Linux. It's another thing to deal with
    that in an unprofessional way," he said.
    
    But if the attack is indeed a payback move, it wouldn't be the first
    time. Attackers took down the Web site of the Recording Industry
    Association of America, unpopular for its crackdown on music swapping.
    
    While the Iraq war was at its height, Arabic news site Al Jazeera was
    cut off from most of its audience because of a deluge of data. And two
    years ago, Internet attackers buried the White House's Web site in so
    much traffic that it, too, was inaccessible.
    
    Such attacks are quite common, but frequently go unreported. A
    two-year-old study of Internet traffic found that every week, some
    4,000 attacks lasting more than 10 minutes each are launched.
    
    SCO's Internet service provider, ViaWest, told SCO that about 100
    high-speed T1 data-transmission lines of network capacity--about 90
    percent of its total bandwidth--was being consumed in the attack. "It
    was a large, extremely well-orchestrated DDoS attack," ViaWest told
    SCO.
    
    The ISP worked to screen out the offending data, and SCO's Web site
    was back in operation by 4 p.m., Stowell said.
    
    ViaWest found 138 different machines were involved in the attack.  
    Apparently, the systems had been infected earlier with an DDoS program
    that was triggered by a signal. It was the second-largest onslaught
    ViaWest had experienced, according to SCO.
    
    The U.S. Attorney's office is investigating the attack, and
    information on its details was provided to the FBI's Cyber Crime
    Division, the software maker added.
    
    News.com's Rob Lemos contributed to this report.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon May 05 2003 - 02:31:15 PDT