nanog mailing list archives
Re: SCO
From: Valdis.Kletnieks () vt edu
Date: Sun, 01 Feb 2004 19:36:04 -0500
On Mon, 02 Feb 2004 01:37:26 +0200, Petri Helenius said: (I was speaking to *this* particular incident, not to the question of "how to prevent it" in general. Remember that this is the 5th or 6th time SCO has been DoS'ed sucessfully...)
There are quite a few companies, big and small, who would be happy to sell you web or content "switches" which forward the HTTP requests to the actual servers based on almost any bit in the HTTP request.
Yes, but this assumes a sufficient supply of clue, available financial resources, and motivation to deploy, and then balance the cost of those type of boxes against the impact on your revenue stream of getting DDoS'ed. When your web server isn't generating any revenue, your ongoing support (patch download, etc) is via a still-working FTP server, and you can get lots of PR out of saying "Those Linux freaks let loose a worm to DDoS us", why should you invest in that technology?
Does anybody have any numbers to actually support the theory that there would actually be significant traffic flowing somewhere?
From SCO's 10K they filed with the SEC on Tues, Jan 28, and presumably actually written at least a day or two before: "Additionally, we have recently experienced a distributed denial-of-service attack as a result of the "Mydoom" worm virus. It is reported that the effects of this virus will continue into February 2004". So for them, the DDoS was already "past tense" a week ago. Not "expecting" or "will be shortly". Draw your own conclusions what happens if the DDoS attack fizzles for any reason, or if Netcraft's stats say a different story, etc... The best commentary I've seen on the whole sorry mess so far: http://ars.userfriendly.org/cartoons/?id=20040201
Attachment:
_bin
Description:
Current thread:
- Did Wanadoo, French ISP, block access to SCO? Sean Donelan (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? James Edwards (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Thomas Seyrat (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Rubens Kuhl Jr. (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Valdis . Kletnieks (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Rubens Kuhl Jr. (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Stephen J. Wilcox (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Jess Kitchen (Feb 01)
- Re: SCO Petri Helenius (Feb 01)
- Re: SCO Valdis . Kletnieks (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? James Edwards (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Petri Helenius (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Randy Bush (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Petri Helenius (Feb 01)
- <Possible follow-ups>
- RE: Did Wanadoo, French ISP, block access to SCO? CHUNIKHIN Igor FTLD (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Miquel van Smoorenburg (Feb 02)