Attack On SCO Ends

SCO Group says the denial-of-service attack that caused serious disruptions in the company's business operations has ended, and the software maker's computer systems are running normally.

The company, severely criticized by open-source groups for its legal challenge of Linux, said the attack that started early Wednesday ended between 6 p.m. and 7 p.m. EST on Thursday. The company had all its systems back up within two hours.

"It basically just stopped," Jeff Carlon, SCO's director of IT infrastructure, said Friday of the attack. "It stopped in a matter of minutes."

As of Friday, SCO's systems were working normally. "For the most part, according to my experts and the ISPs, it looks like everything is fine," Carlon said.

The distributed denial--of-service attack, which lasted about 36 hours, began when someone commandeered several thousand computers connected to the Internet and overloaded SCO's Web site with illegitimate requests. XO Communications, one of SCO's primary ISPs, said the requests came from computers connected to 50 other ISPs, according to Carlon.

The assault forced SCO to take its Web, mail and file transfer protocol servers offline. The latter system is used by customers to download patches and updates to SCO's Unix operating system.

The company estimates the attack cost it about $300,000 in lost productivity, based on estimates that it pays as much as $25,000 an hour to employees, who were only able to achieve less than half their usual output. SCO has about 300 employees worldwide.

About 33,000 outgoing and incoming E-mails could not be delivered until after the attack, Carlon said. "If you think about 30,000 E-mail messages, and the impact on customers and the impact on our company's employees and their productivity, it's significant."

The company has suffered three or four other similar attacks in the past four to six months, but none as severe as the latest assault, Carlon said.

SCO has been accused by participants in various IT chat rooms on the Internet of making up the attack in order to discredit the community of Linux developers. SCO denies the allegations.

The Cooperative Association for Internet Data Analysis (CAIDA) confirmed that the attack did take place, and found that early in the assault, the company's Web servers were receiving about 34,000 requests per second.

"In spite of rumors that SCO has faked the denial-of-service attack to implicate Linux users and garner sympathy from its critics, (the University of California, San Diego) Network Telescope received more than 2.8 million response packets from SCO servers, indicating that SCO responded to more than 700 million attack packets over 32 hours," CAIDA said in a report published on its Web site.

CAIDA is a collaboration of commercial, government, and research sectors that aims to provide a neutral framework to support cooperation in the engineering and maintenance of the Internet infrastructure.

SCO, which claims to hold the copyright to Unix, has filed a $3 billion lawsuit against IBM, claiming the company violated its license with SCO by inserting some of its copyrighted code into Linux. SCO also has threatened legal action against companies refusing to pay royalties for the use of Linux, and has challenged in court the legality of the general public license governing the use of Linux.