Microsoft faces Mydoom and lives

Microsoft's website remained online, despite a pre-planned attack by a Mydoom worm variant that infected hundreds of thousands of computers worldwide.

On Tuesday US time, thousands of computers infected with the virus Mydoom B variant were set to conduct a distributed denial of service (DDoS) attack against Microsoft web sites.

Microsoft and The SCO Group were both targets of DDoS attacks from Mydoom, which forced compromised systems to bombard the home pages of SCO and Microsoft in the hopes of overloading their servers and making the URLs inaccessible.

However, unlike The SCO Group's website -- which was brought down by the original Mydoom worm, Mydoom.a, over the weekend -- Microsoft's site remained up and running. SCO removed its original site from the Internet's global directory, and now offers www.thescogroup.com as an alternative.

A Microsoft spokesperson declined to discuss the specific remedies the software behemoth took to prevent the reported DDOS attack, simply stating “we are doing everything we can to ensure that Microsoft websites remain fully available to our customers.”

“Microsoft is aggressively working with our Virus Information Alliance partners to help protect customers from this outbreak,” he said.

UK website monitoring firm Netcraft reported Microsoft had shortened the time to live (TTL), on its DNS entry to five minutes, previously set to under an hour, in anticipation of the Mydoom payload.

Microsoft also made an alternative web site available at https://information.microsoft.com, as a back up in case people experienced difficulty accessing www.microsoft.com.

Netcraft said Microsoft had been circumspect towards the potential payload of Mydoom B virus, accepting the significantly higher load on its name servers. Netcraft also reported that response times on alternative SCO website, www.thescogroup.com, became erratic overnight as the site suffered over an hour of outages.