If you know anything you know this a load of crap. Yeah the guy was an Idiot and yeah he should and most likely will go to jail. My issue is with the retards SF has working in their IT dept. Anybody that can get physical access to the switches and routers can reset the passwords. Yeah it would be a hassle and take time but it's not the end of the world and they certainly should not have to replace the equipment.
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
physical hardwawre
Not sure about the previous comment of this being a load of crap. High end gear does not have a "reset" switch like home routing gear does. Even if it did, the complexity of setting up WAN links and security is not an elementary issue. Accurate documentation is key to protecting infrastructure. To call professionals "retards" seems awfully crass. If the person commenting is involved with the system setups, that's one thing. Otherwise, I question the validity of his/her comment.
Obviously you have never changed the password on a Cisco
You can change the register it boots to and reset the password and change the register back. That goes for 90% of cisco stuff. I dont see why you would have to replace it.
Also, if it came down to it I am sure they can wipe it and just load a config.
I'm not talking about a reset switch...
I'm not talking about a reset switch. I'm talking about have a laptop with a serial cable hooked to the device. Most all devices have a method by which when you reboot the device and hit key combinations or enter certain commands while the device is booting you can break into the device and reset the passwords. I have personally done this with high end cisco gear and other vendors harware.
Exactly!!
You are correct, and I've put the same info in another posting of my own. If you have physical access to the box, you should be able to do a password recovery operation. Anyone can look up the procedure at Cisco.com.
I didn't find anything "crass" about your comments. But I don't like it when peole throw around replies critical to a post while saying "I'm not sure about..". If you aren't sure, then listen to the person who is!
And as far as recreating WAN line configurations, addressing, etc. - it shouldn't be required for this incident, but I think you and I know that backup config files should be around, and even if they weren't you could deal with it in other ways.
I don't understand why this one incident is making such big headlines! So far, he hasn't destroyed or leaked data, hadn't denied them use of the network, etc. He definitely IS an idiot, but there are bigger crimes out there on a regular basis. This flap just builds on people's lack of understanding and computer network fear.
SF
I agree with this comment completely, except that I'm not sure about him being an idiot. The manager should be fired for stupidity.
So nobody else knows how to reset the routers?
If the news reports are accurate and Childs is just holding the admin passwords hostage what' sthe big deal?
As a field tech I hit this same problem at least 2-3 times a month, albeit not for the same reason, usually passwords have been forgotten/not written down/ or the admin that set it up has moved on.
I end up resetting the switch 7/or router to bare factory defaults and then reload the configuration and apply new passwords.
I then include that info in the job file and e-mail it to the client.
Viola! problem solved (until next time)
Not so easy..
It is true that usually a serial cable and going through the router password reset sequence will be enough. This does however firstly require down-time to the router or switch.
Having said that, its very important to note that Cisco added a command to 12.3 no service password-recovery which disables the ability to do a break in. Not completely, but once this has been configured the configuration cannot be recovered.
Now.. is this a disaster.. well, in a properly managed network where you have enough redundancy to take down a device and recent backups to recover the device, its not an absolute disaster, but its very time consuming and highly inconvenient to say the least.
Password Recovery
Based on other news stories I though this guy locked staff out of databases or servers of some kind.
Getting into a Cisco Router without a password only requires a serial cable, a PC, and a terminal emulation program.
If this the command "no service password-recovery" was entered prior to this incident. The city will also need to have valid configuration files, because after this command is issued, one can "break" into a router, but the configuration will be erased. If this command was not issued, the City simply has to schedule a short down time for each router (15 - 20 minutes should work). Power down the system, issue the break command during boot up, make a change to the config file and reboot (Some devices will require a change to the config register, others may also require a change to AAA settings).
If you would like to see a detailed explanation of the procedure go to Cisco.com and search on password recovery.
How do you get new equipment outside of your budget ?
1)Hire someone less than professional
2)Have them set up your equipment
3)Don't have them give you the passwords & config info
4)Piss them off and fire them
Now you have the "critial disaster" you need to solve
--- How?
Why new replacement equipment of course!
No way anybody could budget for a "Critical Disaster"!
And as a bonus you need extra overtime and more staff than you have to install the replacement gear (again not in your budget).
Of course the powers that be understand that this all has to be done yesterday ---
CaChing.
How do you get new equipment outside of your budget ?
1)Hire someone less than professional
2)Have them set up your equipment
3)Don't have them give you the passwords & config info
4)Piss them off and fire them
Now you have the "critial disaster" you need to solve
--- How?
Why new replacement equipment of course!
No way anybody could budget for a "Critical Disaster"!
And as a bonus you need extra overtime and more staff than you have to install the replacement gear (again not in your budget).
Of course the powers that be understand that this all has to be done yesterday ---
CaChing.
Post new comment