[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] [segfault] SCO DOS attack legit (fwd)

Subject: [ale] [segfault] SCO DOS attack legit (fwd)
From: kaboom at gatech.edu (Chris Ricker)
Date: Mon Dec 15 12:35:57 2003
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

On Fri, 12 Dec 2003, Pete Hardie wrote:

> Groklaw's commentary mentioned that a SYN attack is old hat, and easily defended 
> against - why was SCO caught by such a trick?  Perhaps they are leaving 
> themselves open so they will be an easy target and can point their fingers at 
> open source zealots?

It's really hard to say one way or the other without knowing a lot more
about their topology, their equipment and connectivity, and how much traffic
they were seeing than any of Groklaw's armchair analysts know ;-). To some
extent SYN-flooding can be protected against at the end host (on some OSes),
but it's primarily something to deal with upstream from end hosts, at least
if traffic levels are non-trivial....

later,
chris

References:
- [ale] [segfault] SCO DOS attack legit (fwd)
  - From: kaboom at gatech.edu (Chris Ricker)
- [ale] [segfault] SCO DOS attack legit (fwd)
  - From: pete.hardie at sciatl.com (Pete Hardie)

Prev by Date: [ale] Red Hat and the GPL
Next by Date: [ale] Emulator vs. Virtual Machine
Previous by thread: [ale] [segfault] SCO DOS attack legit (fwd)
Next by thread: [ale] replacing text
Index(es):
- Date
- Thread