SEO

On Sat, 23 Aug 2003 20:43:58 -0500, Nucleon <tcfelker@mtco.com> wrote:

>Since yesterday or before, I can no longer access either sco.com or
>caldera.com. Across the net, many others are experiencing this, but
>nobody seems to know why. Does anyone know what's going on?

Sorry, I have not inside information. However doing a bit of testing,
I find that the www.sco.com server and one of the nameservers are
down. However, some of the boxes are up. stage.caldera.com is up.
(I'm too lazy to scan the IP block and see if there are any other
servers that are up).

Both www.sco.com and www.caldera.com are on some kind of load
balancing contraption which might be the culprit. Dunno.

08/23/03 21:21:25 dig www.sco.com @ ns.calderasystems.com
Dig www.sco.com@ns.calderasystems.com (216.250.130.1) ...
Authoritative Answer
Recursive queries supported by this server
Query for www.sco.com type=255 class=1
www.sco.com A (Address) 216.250.140.112 (down)
sco.com NS (Nameserver) nsca.sco.com (down)
sco.com NS (Nameserver) c7ns1.center7.com (up)
sco.com NS (Nameserver) ns.calderasystems.com (up)
sco.com NS (Nameserver) ns2.calderasystems.com (up)
ns.calderasystems.com A (Address) 216.250.130.1
ns2.calderasystems.com A (Address) 216.250.130.5
nsca.sco.com A (Address) 132.147.210.253

Since the web server is in the same IP block as the two working
nameservers, I can guess(tm) that only the web server is comatose and
that this is not a connectivity issue.

www.caldera.com (216.250.130.1) uses the same nameservers and sits in
the same IP class C block. No clue why both should decide to go
comatose at the same time unless it's the load balancer.


--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831.336.2558 voice http://www.LearnByDestroying.com
# jeffl@comix.santa-cruz.ca.us
# 831.421.6491 digital_pager jeffl@cruzio.com AE6KS

In article <8ffgkvg0j5fv19gt0bencgbvcf70vqpvtv@4ax.com>,
Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
>On Sat, 23 Aug 2003 20:43:58 -0500, Nucleon <tcfelker@mtco.com> wrote:
>
>>Since yesterday or before, I can no longer access either sco.com or
>>caldera.com. Across the net, many others are experiencing this, but
>>nobody seems to know why. Does anyone know what's going on?
>
>Sorry, I have not inside information. However doing a bit of testing,
>I find that the www.sco.com server and one of the nameservers are
>down. However, some of the boxes are up. stage.caldera.com is up.
>(I'm too lazy to scan the IP block and see if there are any other
>servers that are up).
>
>Both www.sco.com and www.caldera.com are on some kind of load
>balancing contraption which might be the culprit. Dunno.
I just talked to the VIAWEST NOCC, and the SCO and CALDERA web/FTP sites
are blackholed because some lovely miscreants are DDOS'ing them.

When the attack stops, they'll lift the block
at InterNAP.

LER


--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 972-414-9812 E-Mail: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

"Larry Rosenman" <ler@lerctr.org> wrote in message
news:bi9h2d$7dj$1@lerami.lerctr.org...
> In article <8ffgkvg0j5fv19gt0bencgbvcf70vqpvtv@4ax.com>,
> Jeff Liebermann <jeffl@comix.santa-cruz.ca.us> wrote:
> >On Sat, 23 Aug 2003 20:43:58 -0500, Nucleon <tcfelker@mtco.com> wrote:
> >
> >>Since yesterday or before, I can no longer access either sco.com or
> >>caldera.com. Across the net, many others are experiencing this, but
> >>nobody seems to know why. Does anyone know what's going on?
> >
> >Sorry, I have not inside information. However doing a bit of testing,
> >I find that the www.sco.com server and one of the nameservers are
> >down. However, some of the boxes are up. stage.caldera.com is up.
> >(I'm too lazy to scan the IP block and see if there are any other
> >servers that are up).
> >
> >Both www.sco.com and www.caldera.com are on some kind of load
> >balancing contraption which might be the culprit. Dunno.
> I just talked to the VIAWEST NOCC, and the SCO and CALDERA web/FTP sites
> are blackholed because some lovely miscreants are DDOS'ing them.
>
> When the attack stops, they'll lift the block
> at InterNAP.
>
> LER


I would blame this on sco's management.

Obviously you can't please everyone, but that doesn't mean you have to go
so incredibly far out of your way to antagonize a planet full of fresh
young linux whiz-kid hackers just itching for something to flex their
muscles on.

Shrewd.

It must say somewhere in the very early chapters of the "IT Industry
Organization Operators Handbook" "Don't piss off all the hackers on the
planet unless your servers are deep in a salt mine and not connected to
the rest of the world and powered off and disassembeled. It doesn't matter
if you are 'right'"

--
Brian K. White -- brian@aljex.com -- http://www.aljex.com/bkw/
+++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
filePro BBx Linux SCO Prosper/FACTS AutoCAD #callahans Satriani

On Sun, 24 Aug 2003 05:05:17 +0000, Larry Rosenman wrote:

> I just talked to the VIAWEST NOCC, and the SCO and CALDERA web/FTP sites
> are blackholed because some lovely miscreants are DDOS'ing them.
>
> When the attack stops, they'll lift the block at InterNAP.
>
> LER

That's interesting, but can anyone confirm it? With some web searching, I
can only find info about the DDoS on May 2, which SCO was quick to blame
on Linux users. If there were another one, especially one that has
continued for at least two days, wouldn't we have heard about it in the
news?

It's quiet. Too quiet.

--
Nucleon, <tcfelker@mtco.com>
<http://vlevel.sourceforge.net> - Stop fiddling with the volume knob.

Life is like an analogy.

On Sun, 24 Aug 2003 14:20:02 -0400, Brian K. White wrote:

[snip]
>> I just talked to the VIAWEST NOCC, and the SCO and CALDERA web/FTP
>> sites are blackholed because some lovely miscreants are DDOS'ing them.
>>
>> When the attack stops, they'll lift the block at InterNAP.
>>
>> LER
>
> I would blame this on sco's management.
>
> Obviously you can't please everyone, but that doesn't mean you have to
> go so incredibly far out of your way to antagonize a planet full of
> fresh young linux whiz-kid hackers just itching for something to flex
> their muscles on.
>
> Shrewd.
>
> It must say somewhere in the very early chapters of the "IT Industry
> Organization Operators Handbook" "Don't piss off all the hackers on the
> planet unless your servers are deep in a salt mine and not connected to
> the rest of the world and powered off and disassembeled. It doesn't
> matter if you are 'right'"

Understandable though it may be, there's nothing shrewd about this DOS
attack - it's blemishing the (so far) unspoilt reputation of sensibility
of the Open Source community. In Eric Raymond's words at
http://linuxtoday.com/infrastructure...2400126NWCYLL:

"With whatever authority I have, I ask that the DOS attack cease
immediately. Please stand down now. We have better ways to win this fight.
There are at least three reasons running a denial-of-service against SCO
is a bad idea:
First: We're the good guys. But that doesn't matter if we aren't seen to
be the good guys. We cannot fight our war using vandalism and trespass and
the suppression of speech, or SCO will paint us as crackers and maybe win.
Let's keep the moral high ground here. Second: We have other tools that
are more powerful. We have an astonishingly strong set of facts on our
side. SCO has been caught in multiple lies, wholesale IP violations, and
defamatory statements. The way to destroy them is with legal weapons. We
can do that. Third: SCO is its own worst enemy. Every time its
spokespeople open their mouths, they dig their company's grave a little
deeper. Consider their statements at SCOforum and what followed. We're in
an even stronger position than we were three days ago."

In other words: give 'em enough rope to hang themselves. As recent events
suggest, SCO is perfectly capable of orchestrating it's own well-deserved
demise. The more utter bogus they launch into the world, the faster this
realm of greed, slander and paranoia can be burnt to the ground, ploughed
over and forever buried - by legal means that is. This DOS attack is
probably the best thing that could happen to them now, so it's vital that
it stops as soon as possible.

Richard Rasker

--
Linetec Translation and Technology Services

http://www.linetec.nl/

On Sun, Aug 24, 2003, Brian K. White wrote:
.....
>It must say somewhere in the very early chapters of the "IT Industry
>Organization Operators Handbook" "Don't piss off all the hackers on the
>planet unless your servers are deep in a salt mine and not connected to
>the rest of the world and powered off and disassembeled. It doesn't matter
>if you are 'right'"

This relates to the adage relating to getting into pissing contests with
newspapers. It doesn't pay when your opponent buys ink by the barrel.

The SCO management actions are more akin to going into a battle of wits
unarmed. McBride's latest rants on IBM's financing the opposition sound
like a ``B'' movie villain.

Bill
--
INTERNET: bill@Celestial.COM Bill Campbell; Celestial Systems, Inc.
UUCP: camco!bill PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

Just because you do not take an interest in politics doesn't mean politics
won'ttake an interest in you. -- Pericles

In article <pan.2003.08.24.18.31.20.925466@mtco.com>,
Nucleon <tcfelker@mtco.com> wrote:
>On Sun, 24 Aug 2003 05:05:17 +0000, Larry Rosenman wrote:
>
>> I just talked to the VIAWEST NOCC, and the SCO and CALDERA web/FTP sites
>> are blackholed because some lovely miscreants are DDOS'ing them.
>>
>> When the attack stops, they'll lift the block at InterNAP.
>>
>> LER
>
>That's interesting, but can anyone confirm it? With some web searching, I
>can only find info about the DDoS on May 2, which SCO was quick to blame
>on Linux users. If there were another one, especially one that has
>continued for at least two days, wouldn't we have heard about it in the
>news?
>
>It's quiet. Too quiet.
Read what I said. My post was after I talked to a gentleman (I didn't
write his name down) in the ViaWest NOC.

I don't have enough traffic at the ISP I work for to tell what's going on.

The ViaWest folks have apparently put the lid on, as I tried to verify
my post earlier today for someone, and couldn't get information.

The traceroute I ran acts like an ACL or NULL ROUTE or combination
of the two. (I'm a network engineer by trade, and the person that
does these blocks for us).

SO, the evidence is an ACL/NULL route for the /24 that the SCO/Caldera
web/FTP sites live in. the reason can't be 100% verified because
ViaWest can't say to a NON-Customer what's going on (standard policy).

LER

--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 972-414-9812 E-Mail: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

On Mon, Aug 25, 2003, tony@aplawrence.com wrote:
....
>
>All you have to do is read slashdot for a week to know that the
>intelligence and maturity level of the Linux community is incredibly low.
>
>Eric's words won't fall on deaf ears, but they will fall on dumb ones.

Cute Tony. You're painting with a very broad brush there. The slashdot
crowd is hardly ``the linux community''.

Bill
--
INTERNET: bill@Celestial.COM Bill Campbell; Celestial Software LLC
UUCP: camco!bill PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

``Never do your enemy a minor injury.''
- Machiavelli

tony@aplawrence.com wrote:
>
> All you have to do is read slashdot for a week to know that the
> intelligence and maturity level of the Linux community is incredibly low.
>


Syllogism:

1) The intelligence and maturity level of the Linux community is
incredibly low.

2) Tony is a member of the Linux community.

3) ... ;-)

Frankly, I don't think you can reliably prove anything by reading
Slashdot for a week. Except maybe how to turn your brain to mush.

--
Ian Wilson.

<tony@aplawrence.com> wrote in message news:bictkd$b73$2@pcls4.std.com...
> All you have to do is read slashdot for a week to know that the
> intelligence and maturity level of the Linux community is incredibly low.

I somehow differ in that opinion, as /. can hardly be used as a reference
for determining demographics within the Linux community.

Newsgroup postings would be far more accurate in that determination.

Though, I have lost all interest in /. some time back because of the
cretins.

> Eric's words won't fall on deaf ears, but they will fall on dumb ones.

That assumes /dev/ears is even simlinks to /dev/head/leftear and
/dev/head/righteear which from past experience has shown to be linked to
/dev/wall/brick