SCO legal case poses a conundrum on how it should defend a DDoS

That dilemma may explain why the sco.com site has been very slow to load for more than a day even though the anticipated DDoS from MyDoom-infected computers isn’t triggered until Sunday. The company has publicly attributed the outage to a DDoS, and has a history of failure deflecting such attacks. People have speculated that the current slowness of response from the site may be caused by traffic from infected machines with incorrect system dates, by seperate DDoS attacks unrelated to the virus, or simply by bona fide http traffic caused by the number of articles written recently that include a url to the SCO site.

The spread of the MyDoom worm variants may provide a sterner test for Microsoft than Blaster, which is estimated to have controlled 220,000 windows machines. Estimates of the number of computers infected by MyDoom range from 300,000 to as high as 600,000. Presently, Microsoft is using AKamai for DNS services, but is serving the front page of www.microsoft.com directly from Redmond.



% ping www.microsoft.com

PING www2.microsoft.akadns.net (207.46.134.157): 56 data bytes

%whois -a 207.46.134.157

OrgName:    Microsoft Corp

OrgID:      MSFT

Address:    One Microsoft Way

City:       Redmond

StateProv:  WA

PostalCode: 98052

Country:    US

NetRange:   207.46.0.0 – 207.46.255.255

It will be interesting to see if Microsoft introduces Akamai http caching for the front page of www.microsoft.com in the run up to Sunday.

SCO legal case poses a conundrum on how it should defend a DDoS

What can we help you find?

Still can't find what you are looking for?

Let's talk. Contact us and a member of our team will reach out to you shortly.