And it isn't Friday (yet)
I suppose Simon would be proud.
Of course, as any BOFH knows: ALL managers are stupid. That's why they were promoted to the position!
The sysadmin accused of hijacking San Francisco's network may have surrendered the passwords needed to regain control of key parts of the system, but the move hasn't gotten anyone very far. A judge has refused to lower his $5m bail, and officials say they are still locked out of some portions of the network. The decision came …
How the f**k can a single person wipe out so many critical networks covering such a wide range of functions?
Sounds to me this is a case of incompetent network design.
It reminds me when I stayed in San Fran for a couple of weeks some years back, one morning a considerable part of the city had lost power.
The cause? A former employee still had door keys to a power distribution station and took it upon himself to wipe out the electricity supply.
They just seem to be so completely inept, it's unreal.
You see all these horror stories, films where hackers wipe out infrastructure services using the internet and you now realise: this could only happen in America. The risk is real.
Is it really possible to rig a network to fail in the event of a power failure, or if someone carries out maintenance on it? I'd love to know how. Has this guy actually gone into every network device and modified the internal code?
Come on Reg. Let's have an analysis on what he might have done and how he might have done it.
>prosecutors said during a hearing Wednesday that Terry Childs intentionally rigged the network to fail during maintenance or any time it experienced a power failure.
>Childs's decision two days ago to cough up the passwords during a jail-house visit
>by San Francisco Mayor Gavin Newsom came only after a scheduled power outage
>on July 19 failed to trigger the meltdown
So they went ahead with a scheduled power cycle, even though they were under the impression that it would seriously foul up their network?
Hmm.
So either they hoped it would happen, to give them more ammunition for their case, or they were too stupid to work out the consequences of what they were doing, or they're lying.
Yes. You haven't been following the whole story. Childs doesn't keep the config for all the devices written into their NVRAM. Every time a box reboots, he has to re-load the configuration (There was some suggestion that Childs may even have deleted these copies of the configs, so it wouldn't be possible to reload them as they don't exist any more). For some of the more remote units he allowed the config to be stored in NVRAM, but with a no service password recovery command.
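An added example, not part of the original comments: a defender-side audit for the two conditions the comment above describes, a running configuration that was never written to NVRAM and `no service password-recovery` being set. The device names, addresses and config snapshots are constructed, and the function names are hypothetical.

```python
import difflib

# Header/comment lines that differ between the two views without meaning drift.
NOISE = ("!", "Building configuration", "Current configuration")

def normalise(config_text):
    """Return the significant lines of an IOS-style config dump."""
    lines = [raw.rstrip() for raw in config_text.splitlines()]
    return [l for l in lines if l.strip() and not l.lstrip().startswith(NOISE)]

def audit_device(name, running, startup):
    """Compare saved running/startup snapshots and list recoverability findings."""
    run, start = normalise(running), normalise(startup)
    findings = []
    if not start:
        findings.append("startup-config is empty: device boots blank after a power cycle")
    elif run != start:
        # ndiff prefixes changed lines with "+ " or "- "; unchanged lines with "  ".
        delta = [d for d in difflib.ndiff(start, run) if d[:2] in ("+ ", "- ")]
        findings.append(f"{len(delta)} running-config line(s) not saved to startup-config")
    if any(l.strip() == "no service password-recovery" for l in run + start):
        findings.append("no service password-recovery is set")
    return findings

# Constructed snapshots (hypothetical devices, documentation addresses).
BASE = "hostname {h}\ninterface GigabitEthernet0/0\n ip address 192.0.2.{n} 255.255.255.0\n"
SAMPLES = {
    "core-rtr-1": (BASE.format(h="core-rtr-1", n=1), ""),
    "dist-sw-3": (BASE.format(h="dist-sw-3", n=3) + "vlan 20\n",
                  "!\n" + BASE.format(h="dist-sw-3", n=3)),
    "edge-rtr-7": (BASE.format(h="edge-rtr-7", n=7) + "no service password-recovery\n",
                   BASE.format(h="edge-rtr-7", n=7) + "no service password-recovery\n"),
    "lab-rtr-9": (BASE.format(h="lab-rtr-9", n=9), BASE.format(h="lab-rtr-9", n=9)),
}

def audit_all(samples):
    """Return {device: findings} for every device that has at least one finding."""
    report = {name: audit_device(name, run, start)
              for name, (run, start) in samples.items()}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    for device, findings in audit_all(SAMPLES).items():
        for finding in findings:
            print(f"{device}: {finding}")
```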
The guy configured the routers but then purposely didn't write the config to memory. So when the power goes off they come up blank and they had to call him out to download the config from his PC. He was the only guy on call and the only guy with the passwords so no one knew the configs except him. He thought he was god essentially.
Jerk more like
You'd have thought that someone else in San Francisco knows how to reset a router/switch password locally. Must have done something unpleasant to the memory too and left the config in flash so they carried on running, so the only way they would boot would be via the network.
So waterboard the chump until he gives up the passwords to the server with the network configs and config brand new devices to replace the ones he's "tampered" with.
See? Easy. Now there is the unpleasant matter of my bill.
"Is it really possible to rig a network to fail in the event of a power failure"?
Apparently he didn't bother saving the routers' configuration to the flash memory so the configuration would have been wiped if the power was cycled.
Someone posted a link yesterday to an article which had an interview with one of his workmates who shed a lot more light on the whole situation.
Surely it would be possible for the maker of any kit involved to access the device, read the config in NVRAM and write it out to a file and reset the password?
I am over-simplifying something I don't understand?
Now, if it was OS X, you could simply boot from the CD and use the 'Reset Password' Utility....
...they really will be up shit creek. Why don't they get someone to redo the design of the network and replace the lot? Surely he isn't the only CCIE in SF?
I once had a contract where I had to move a network and a bunch of systems where the sysadmins responsible were being made redundant. Needless to say, they didn't provide anything - passwords, diagrams, etc. I broke into the systems and figured out how everything was connected and then re-invented the network in the new location.
Is it just me, or is there an inherent conflict of interest in this case?
Is the judicial / court's network part of the overall city network which Childs was managing? If so, it would seem pretty darn easy to prove a mis-trial in a higher court as the judge would not be impartial to the proceedings.
This incident illustrates why information security and IT audit people keep harping on "segregation of duties" and "dual control."
Maybe some psychology grad student would like to explore why so many network admins/architects are so secretive, but until then, I offer a layman's explanation of what I call: "Ciscoitus."
Ciscoitus: A form of obsessive-compulsive/paranoid persecutory disorder generally afflicting only network administrators and architects, marked by paranoid persecutory delusions that any disclosure of the configuration details of technology (routers, switches, etc.) under their control will result in unjustified and irreparable harm. Behaviors often attributed to this disease are:
1) Compulsive and unremitting need to be constantly aware of the state of the technology under their control. Usually manifested by the construction of various methods of self-torment, such as systems that transmit pages and emails in the middle of the night to notify the afflicted party of subtle or irrelevant events.
2) Concealment of any relevant details of their designs based on the irrational fear that peer review will result in persecution.
3) The irrational but firmly held fast belief that knowledgeable persons in roles of authority (quite often represented by the cohort group of information security practitioners) have conspired to belittle their intellectual efforts.
4) The need to implement technologies of ever-increasing complexity having no actual practical benefit (see definition: MPLS) in order to support their internal concepts of grandeur and to justify their advancement (see definition: resume padding) to positions of greater authority and control.
5) Extreme social isolation and self-imposed social constraint to only those persons who speak the Internetworking Operating System language. Profound behaviors of tribalism and xenophobia to those perceived to be outsiders.