The rapidly spreading MyDoom worm (a k a Novarg.A by Symantec Corp. and MiMail.R by Trend Micro Inc.) is poised to perform a denial of service (DOS) attack against The SCO Group Inc.'s Web site (www.sco.com).
The new worm has many of the standard malware worm behaviors of recent attacks in addition to the DOS attack, and this is not the only recent DOS attack against SCO's Web site. As is shown by performance monitoring of access to the Web site by the British security analysis firm Netcraft Ltd., the recent performance problems at the site may or may not be related to the worm, and we had no trouble getting to the site. MyDoom also opens TCP ports in the range of 3127 to 3198 to create an open proxy server for remote access by attackers.
