At 16:33 30/01/2004, a clever sheep wrote: >this is by far the strangest netcraft article i've seen. it does >mention freebsd, in what could be construed as a positive light (i >think): > >http://news.netcraft.com/archives/2004/01/30/wwwscocom_is_a_weapon_of_mass_destruction.html > >and it mentions colin percival and depenguinator! Yes, I noticed incoming traffic from there about 3 hours ago. It's definitely a wierd story. Also wierd is the fact that everyone's treating this like it's going to kill SCO's web site. It might, but only if they're idiots (which, admittedly, they often seem to be). Identifying infected systems is easy; the HTTP requests they send are distinctive. Filtering packets by source IP is easy. Once you can filter the packets, this DDoS isn't a problem: Send them to LaBrea, and the total bandwidth consumption of 500,000 MyDoom worms should be around 85 Mbps -- which SCO should certainly be able to afford. (Meanwhile, they'll be putting together a very complete list of IP addresses of infected machines.) Colin Percival _______________________________________________ freebsd-chat@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-chat To unsubscribe, send any mail to "freebsd-chat-unsubscribe@freebsd.org"