[Dshield] SCO attack
jsage at finchhaven.com
Sun Dec 14 18:01:04 GMT 2003
On Sun, Dec 14, 2003 at 11:39:15AM -0500, Johannes B. Ullrich wrote:
> From: "Johannes B. Ullrich" <jullrich at sans.org>
> To: list at dshield.org
> Date: Sun, 14 Dec 2003 11:39:15 -0500
> Old-X-Envelope-To: list at dshield.org
> Subject: [Dshield] SCO attack
> You probably read the news reports by now about the DDOS attack against
> SCO, and some people not believing that it is real. Well, we do see
> quite a bit of backscatter from this. SCO's IP address is
> 18.104.22.168. Reports against this address look like DDOS backscatter:
> Details (not accessible all the time):
This is also well documented at CAIDA:
After that, I have to say "So what?"
This sort of thing happens all the time.
The particular fact that SCO was DoS'ed is not startlingly unusual:
ask anyone who has pissed-off some punk on IRC.
But let's get this point on the table right now:
SCO's current legal "situation" relative to IBM, Linux and the Open
Source/Free Software movement are certain to draw some wackos from out
of the woodwork.
Does this DoS reflect poorly on IBM, Linux or the Open Source/Free
Software movement? Not at all.
Just thought I'd put that thought out before this thread goes off the
"Most people don't type their own logfiles; but, what do I care?"
John Sage: InfoSec Groupie
ABCD, EFGH, IJKL, EmEnOh, Pplus+, Mminus-
ATTENTION: this entire message is privileged communication, intended
for the sole use of its recipients only. If you read it even though
you know you aren't supposed to, you're a poopy-head.
More information about the list