sco.com refusing connections
Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: sco.com refusing connections

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    sco.com refusing connections

    Whether it is the true effects of MyDoom or whether it's SCO shutting it's doors in a "panic" to prevent it from happening, who knows? Either way, as of 8:40am there is no connection to SCO.com.



    Check out the Internet Storm Center for more details on attack activity.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Bouahaha: "current status: green www.sco.com unreachable " !

    Ammo
    Credit travels up, blame travels down -- The Boss

  3. #3
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    News.com has an article on it; it really is because of MyDoom...
    http://news.com.com/2100-7349_3-5151...l?tag=nefd_top

    Ammo
    Credit travels up, blame travels down -- The Boss

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Humor aside, this is a pretty devasting attack. The "I Love You" attack was bad and certainly Code Red is/was irritating. Worst case scenario: create a worm that on a specific day bombards "broadcasts" on subnets. How long before the Internet is down? or one that goes after the prime DNS servers?

    This will cost huge bucks. How will SCO even stop this? Changing DNS won't help. They might have to start an alternative site until things calm down somewhat.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    BANNED
    Join Date
    Nov 2003
    Location
    San Diego
    Posts
    724
    or at least until the 12th
    When death sleeps it dreams of you...

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Don't forget that Microsoft will be next (Tuesday I believe). So companies lose big bucks. Now I know that MS can handle to lose some and SCO as well but what if this is done against a small organization who can't afford to lose money online? What if it was done to you?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #7
    Symantec's website says this:


    There is a 25% chance that the worm will perform a Denial of Service (DoS) on February 1, 2004 starting at 16:09:18 UTC, which is also the same as 08:09:18 PST, based on the machine's local system date/time. If the worm does start the DoS attack, it will not mass-mail itself. It also has a trigger date to stop spreading/DoS-attacking on February 12, 2004. While the worm will stop on February 12, 2004, the backdoor component will continue to function after this date.
    I wonder what laws of probability they used? LOL.

    All jokes aside, this is very very serious, despite how the Gnu/Linux community or anyone else for that matter feels about SCO or Microsoft.

    Again, as I always say, "the bad guys" (the worm launchers) have made it so that the good guys will probaly lose some type of right or priviliege, and also gives the government room to step in and pass legislatioin on certain things. I don't know what those things are, but I bet SCO is going to go full steam ahead to make sure nothing like this happens again. I bet SCO's IT department, vendors and consultants are painstakingly moving thier website over to a site with no DNS entry, allowing only present customers access to it. All this does is set the tone for another variant to target the new ip address. I am very very curious to learn how SCO is handling this and how Microsoft is planning to handle it. Does anyone know?
    - Boyam


  8. #8
    BANNED
    Join Date
    Nov 2003
    Location
    San Diego
    Posts
    724
    "While we expect this attack to continue throughout the next few weeks, we have a series of contingency plans to deal with this problem and we will begin communicating those plans on moday morning," Jeff Carlon, worldwide director of information technology infrastructure at SCO Group, said in the statement.

    full steam ahead?
    When death sleeps it dreams of you...

  9. #9
    "While we expect this attack to continue throughout the next few weeks, we have a series of contingency plans to deal with this problem and we will begin communicating those plans on moday morning," Jeff Carlon, worldwide director of information technology infrastructure at SCO Group, said in the statement.
    WOW, I would have thought different. Especially if their ecommerce is tied into their content website. This may not be the case though sense I am speculating. This response from SCO is a surprise to me. This may be their way of protecting themselves from variants. what do you guys think?
    - Boyam


  10. #10
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Mittens: good point...

    If the MyDoom instead flooded all of the top-level name servers with useless (but unfilterable) requests, the entire internet would become inoperable. That would be well within the capability of the author I suspect, but he chose for his own reasons to attack sco instead... hence we're safe for now

    Slarty

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •