However, for a variety of reasons, only a fraction of the machines infected by the virus are taking part in the attack, Schmugar
said.
Machines that have been turned off for the weekend cannot attack. And, due to a coding error in the virus, only around one
in four machines that are running and infected will launch an attack, he said.
NAI estimates that between 25,000 and 50,000 machines were involved in the attack on www.sco.com Sunday, Schmugar said.
Speaking on Friday, SCO spokesman Blake Stowell said that the company had contingency plans that would sidestep the coming
DDoS attacks, but did not want to give the Mydoom author advance notice of what those plans were.
He denied that SCO was considering moving its site to a managed network such as the one owned by Akamai Technologies, Inc.
Any efforts to block the attack would be managed internally at SCO, he said.
Among the options SCO was considering was moving its Web site to a new Internet address that is not targeted by Mydoom, Stowell
said.
As of Friday, SCO was speaking with customers about its plans and giving them ways to stay in contact with SCO during the
attack. SCO would release more information about steps it was taking to deal with the Mydoom attack "on Sunday or Monday,"
Stowell said.
The Mydoom virus is programmed to continue its attack on www.sco.com until February 12, 2004, F-Secure said.
The SCO Web site may be reachable before then, as the owners of infected computers remove the virus from their machines. However
the site will probably continue to be slowed until Mydoom turns itself off, Schmugar said.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
