LWN: Comments on "ESR: Let SCO hang itself"

ESR: Let SCO hang itself

wwns — Mon, 25 Aug 2003 18:05:25 +0000

I assume that SCO was just cleaning various useful things from their web servers this weekend. With all the anti SCO evidence they had on their site I would not be surprised. My thoughts on the controversy and the outcome can be found here After that there is a test :-). I hope others find in worthwhile. Dave

ESR: Let SCO hang itself

strombrg — Mon, 25 Aug 2003 17:40:44 +0000

Rumor has it that SCO has an ftp server up that's vulnerable to a remote-root exploit.

If someone cracks it, SCO will be able to say "Look at those mean linux people attacking us again!" and "Look how insecure linux is. You wouldn't have this problem if you bought our products..."

Further, rumor has it that someone has been trying to alert SCO to this problem, and SCO has been deftly ignoring it.

The question then is, "Has SCO intentionally left that vulnerability, so they can spread FUD with righteous indignation?" Seems like maybe they want us to hang ourselves.

If you're interested in some more information on this, check out an archive of the full-disclosure mailing list.

FYI: traceroute from down under

jeff@uclinux.org — Mon, 25 Aug 2003 16:38:24 +0000

Silence is golden... facts speak for themselves. Eric doesn't speak for "the community".

Eric is however a part of "the community" that often speaks.

Jeff.

Scox "upgrading" service from Linux to "real" UNIX

walterbyrd — Mon, 25 Aug 2003 16:23:12 +0000

Apparently it was embarassing to scox to run their own web servers on mandrake linux. Scox is trying to switch over to unix, and having some trouble.

Eric's source

dwalters — Mon, 25 Aug 2003 15:01:21 +0000

With friends like this, who needs enemies!

I trust Eric will do the right thing and co-operate with the authorities in telling them everything he knows about this "associate" of the attacker.

FYI: traceroute from down under

WRatzka — Mon, 25 Aug 2003 11:45:32 +0000

Sorry, but the link between the DOS attack and the Linux community would have
been made anyway.
So it is important to emphasize, that such actions are not condoned by the
community.

FYI: traceroute from down under

antonio — Mon, 25 Aug 2003 09:42:06 +0000

I don't think Eric's letter was a good idea. Can you imagine the headlines that SCO and other Open Source opponents can make out of this?
There was no need to establish in public a connection between our community and the DOS attack.

Eric, please think twice before speaking for us (or ask somebody for advice before doing it)

FYI: traceroute from down under

bojan — Mon, 25 Aug 2003 05:14:26 +0000

> So, unless ESR knows something we don't (I certainly hope he doesn't), it would be better if he didn't come out with things like this.

Apparently he does know more:

http://linuxtoday.com/infrastructure/2003082501026NWCYLL

FYI: traceroute from down under

namaseit — Mon, 25 Aug 2003 00:12:07 +0000

I have actually seen this happen before earlier this week. Exact same thing happened to
homelan.com

It wasnt a DOS attack. Just a drop off.

FYI: traceroute from down under

bojan — Sun, 24 Aug 2003 21:53:35 +0000

9 137.39.31.190 182.438 ms 179.052 ms 179.155 ms
10 152.63.0.114 176.487 ms 152.63.0.150 179.120 ms 178.973 ms
11 152.63.1.26 218.494 ms 152.63.2.37 200.979 ms 203.032 ms
12 152.63.123.221 226.429 ms 152.63.89.233 218.978 ms 219.149 ms
13 152.63.72.77 218.351 ms 219.054 ms 152.63.72.81 217.111 ms
14 157.130.162.54 210.334 ms 211.010 ms 212.945 ms
15 * * *

This is where it ends. You can also read about this here: http://news.netcraft.com/. It isn't clear at this point that this is a DOS attack. So, unless ESR knows something we don't (I certainly hope he doesn't), it would be better if he didn't come out with things like this.

Not clearly DDOS

ccchips — Sun, 24 Aug 2003 19:59:53 +0000

Nonetheless, it's good to see that there are people who will stand up for proper behavior.

It's not so much that somebody involved with Linux did it, as that we won't tolerate such behavior.

Re: Not clearly DDOS

fLameDogg — Sun, 24 Aug 2003 18:13:07 +0000

Or SCO is doing it to themselves, with hopes of giving the OSS/FS community a black eye.

Okay, maybe that's a little off the deep end...

Not clearly DDOS

rst — Sun, 24 Aug 2003 17:30:12 +0000

Further analysis by folks in this comment thread on GrokLaw suggests that this is more likely some sort of routing anomaly than anything else. Eric may well be jumping the gun here...

ESR: Let SCO hang itself

proski — Sun, 24 Aug 2003 17:13:36 +0000

It's an insult for LWN readers to imply that those responsible for the DoS attack read LWN. Try posting on Slashdot, it may be more effective :-)

ESR: Let SCO hang itself

dwalters — Sun, 24 Aug 2003 16:00:06 +0000

I still can't reach sco.com (Sunday 16:00 GMT), so it looks like the DOS attack (if indeed that's what's responsible for the outage) is still going on.

Come on guys. We're better than this! This isn't the way to win this fight!