We present our analysis of the December 2003 Distributed Denial-of-Service (DDoS) attack against the SCO group. In spite of rumors that SCO faked the denial-of-service attack to implicate Linux users and garner sympathy from its critics, UCSD's Network Telescope received more than 2.8 million response packets from SCO servers, indicating that SCO responded to more than 700 million attack packets over 32 hours. The outage was also documented by Netcraft and others. We present the details of this specific analysis as well as the principles and techniques behind UCSD's network telescope observatory station.