How to protect your self from the architect of the network ?

Almost everyone uses Cisco equipment. They have to have physical access to the routers and even if they are not Cisco it should be no problem. I can get into any router no matter the password in under three minutes as long as I have physical access. And then I can change any password with no problem at all.

Every router in the world has this type of back door just for these cases. It does not surprise me however as almost every state employed IT person I have ever met is unqualified for their job.

I have had to do this in the private sector many many times. It's not that hard guys.

Rick Cook has written thousands of articles, and that means what--- he knows "Microsoft Word"?
Phaseit? WHO? No. Seriously...WHO?

Want to know SECURITY go take a few classes at SANS. (http://www.sans.org/)

SANS - those who create YOUR internet!

why is all the hubbub about this guy blocking access to everyone else? Worst case they can contact the manufacturer of the servers, routers or whatever to regain access.
If they can't regain access, the whole IT department should be fired!!

No really, who is this guy that wrote this article?

Because from what he wrote, it is meaningless. Mentioning NASA and the military and using 2 people's key to access something is not even a possibility. I'd be glad to be proven wrong, but I know I've worked on a great number of routers and switches from most manufacturers and have yet to see any type of authentication mechanism.. Doesn't exist. Not saying it wouldn't be a good idea to add to their OS, but doesn't exist currently.

And as configs stand now, there will always be someone who holds the top password/root access to something. Someone or multiple people in your orginization. Point is, any of those could kill the other accounts, and leave his only. That's why manufacturers of network appliances, system OS's, and the like all have a back way if you have physical access. Secure the physical access, alwys backup running config, always document and have a disaster recovery plan that is in multiple places.

There's how you recover! Not this guy who doesn't know what he is talking about!

piece of shit I've seen covering the Child accusation yet!

"You have a clue what the OSI model is and what basic security practices are in a IT infrastructure -- there end of this article."

If you think Networking actually operates on the OSI model you're a joke. The OSI model is nothing but a convenient way of outlining general principles, and falls apart whenever applied to a real network. It's just not that simple.

The real problem here is that we have a massive influx of moron wannabes in the IT industry. People who watch ITT tech commercials and say to themselves "I could be a network engineer too! how hard can it be?" Just because you know how to set up a LAN at home does not make you network engineer. Unfortunately those are the kind of people that are finding their way in a lot of times. There are plenty of proven security policies and principles which could have prevented this entire mess from happening, but most of this guy's colleagues were obviously either too stupid or too lazy to care.

People like the anonymous psoter of the quote above are perfect examples of this. If you think you can break network security down into a one line statement about the OSI model, then you're a bloody windowlicker. If you're actually in a position to be in charge of entwork security for anything other than your home LAN, I weep for your employer.

Well the city of SF got caught with the old knickers around their ankles. From the size of the cash being paid out it also sounds like they did not have any system configuration or image back up policy in place.
I just hope this does not result in an industry wide issue of suspecting all sys admins of being edgy and "rouge" ha ha.
Are there any articles that present Childs point of view? I'm curious because they either reallllly pissed him off or he, in fact, is edgy and rouge.