Attack On SCO Servers Ends

The Lindon, Utah, company, severely criticized by open source groups for its legal challenge of Linux, said the attack that started early Wednesday ended between 6 p.m. and 7 p.m. EST Thursday. The company had all its systems back up within two hours.

"It basically just stopped," Jeff Carlon, director of information technology infrastructure for SCO, said of the attack. "It stopped in a matter of minutes."

As of Friday morning, SCO's systems were working normally. "For the most part, according to my experts and the ISPs, it looks like everything is fine," Carlon said.

The distributed denial of service attack, which lasted about 36 hours, began when someone commandeered several thousand computers connected to the Internet and then overloaded SCO's Web site with illegitimate requests. XO Communications, one of SCO's primary ISPs, said the requests were coming from computers connected to 50 other ISPs, according to Carlon.

id

unit-1659132512259

type

Sponsored post

The assault forced the company to take its web, mail and FTP (file transfer protocol) servers offline. The latter system is used by customers to download patches and updates to SCO's Unix operating system.

The company estimates the attack cost it about $300,000 in lost productivity alone, based on estimates that the company pays as much as $25,000 an hour to employees, who were only able to achieve less than half their usual output. SCO has about 300 employees worldwide.

About 33,000 outgoing and incoming e-mails could not be delivered until after the attack, Carlon said. "If you think about 30,000 e-mail messages, and the impact on customers and the impact on our company's employees and their productivity, it's significant."

The company has suffered three or four other similar attacks in the last four to six months, but none as severe as the latest assault, Carlon said.

SCO has been accused by participants in various IT chat rooms on the Internet of making up the attack in order to discredit the community of Linux developers. SCO denies the allegations.

The Cooperative Association for Internet Data Analysis, however, confirmed that the attack did take place, and found that early in the assault, the company's web servers were receiving about 34,000 requests per second.

"In spite of rumors that SCO has faked the denial-of-service attack to implicate Linux users and garner sympathy from its critics, [the University of California, San Diego] Network Telescope received more than 2.8 million response packets from SCO servers, indicating that SCO responded to more than 700 million attack packets over 32 hours," CAIDA said in a report published on its web site.

CAIDA is a collaboration of commercial, government, and research sectors aimed at providing a neutral framework to support cooperation in the engineering and maintenance of the Internet infrastructure.

SCO, which claims to hold the copyright to the Unix operating system, has filed a $3 billion lawsuit against IBM, claiming the company violated its license with SCO by inserting some of its copyrighted code into Linux. SCO has also threatened legal action against companies refusing to pay royalties for the use of Linux, and has challenged in court the legality of the general public license governing the use of Linux.

*This story courtesy of Techweb.com.