Attack On SCO Servers Ends

The SCO Group Inc. that the denial-of-service attack that caused serious disruptions in the company's business operations had ended, and the software maker's computer systems were running normally.

InformationWeek Staff, Contributor

December 12, 2003

3 Min Read
InformationWeek logo in a gray background | InformationWeek

The SCO Group Inc. said Friday that the denial-of-service attack that caused serious disruptions in the company's business operations had ended, and the software maker's computer systems were running normally.

The Lindon, Utah, company, severely criticized by open source groups for its legal challenge of Linux, said the attack that started early Wednesday ended between 6 p.m. and 7 p.m. EST Thursday. The company had all its systems back up within two hours.

"It basically just stopped," Jeff Carlon, director of information technology infrastructure for SCO, said of the attack. "It stopped in a matter of minutes."

As of Friday morning, SCO's systems were working normally. "For the most part, according to my experts and the ISPs (Internet service providers), it looks like everything is fine," Carlon said.

The distributed denial of service attack, which lasted about 36 hours, began when someone commandeered several thousand computers connected to the Internet and then overloaded SCO's web site with illegitimate requests. XO Communications, one of SCO's primary ISPs, said the requests were coming from computers connected to 50 other ISPs, according to Carlon.

The assault forced the company to take its web, mail and FTP (file transfer protocol) servers offline. The latter system is used by customers to download patches and updates to SCO's Unix operating system.

The company estimates the attack cost it about $300,000 in lost productivity alone, based on estimates that the company pays as much as $25,000 an hour to employees, who were only able to achieve less than half their usual output. SCO has about 300 employees worldwide.

About 33,000 outgoing and incoming e-mails could not be delivered until after the attack, Carlon said. "If you think about 30,000 e-mail messages, and the impact on customers and the impact on our company's employees and their productivity, it's significant."

The company has suffered three or four other similar attacks in the last four to six months, but none as severe as the latest assault, Carlon said.

SCO has been accused by participants in various IT chat rooms on the Internet of making up the attack in order to discredit the community of Linux developers. SCO denies the allegations.

The Cooperative Association for Internet Data Analysis, however, confirmed that the attack did take place, and found that early in the assault, the company's web servers were receiving about 34,000 requests per second.

"In spite of rumors that SCO has faked the denial-of-service attack to implicate Linux users and garner sympathy from its critics, (the University of California, San Diego) Network Telescope received more than 2.8 million response packets from SCO servers, indicating that SCO responded to more than 700 million attack packets over 32 hours," CAIDA said in a report published on its web site.

CAIDA is a collaboration of commercial, government, and research sectors aimed at providing a neutral framework to support cooperation in the engineering and maintenance of the Internet infrastructure.

SCO, which claims to hold the copyright to the Unix operating system, has filed a $3 billion lawsuit against IBM, claiming the company violated its license with SCO by inserting some of its copyrighted code into Linux. SCO has also threatened legal action against companies refusing to pay royalties for the use of Linux, and has challenged in court the legality of the general public license governing the use of Linux.

Read more about:

20032003
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights