nanog mailing list archives
Re: Spanning tree melt down ?
From: Chris Kilbourn <kilbo-list () forest net>
Date: Wed, 27 Nov 2002 09:13:36 -0800
At 11:10 AM -0500 11/27/02, Eric Gauthier wrote:
I don't know which scares me more: that the hospital messed up spanning-tree so badly (which means they likely had it turned off) that it imploded their entire network. Or that it took them 4 days to figure it out.
If it's anything like a former employer I used to work for, it's possible the physical wiring plant is owned/managed by the telco group which jealously guards its infrastructure from the networking group.
A subnet I used to work on was dropped dead for a day when a telco-type punched a digital phone down into the computer network causing a broadcast storm. It took half a day just to get the wiring map, then another half day to track down the offending port because the tech in the network group dispatched to solve the problem did not have a current network map.
The subnet in question contained a unix cluster with cross-mounted file systems that processed CAT scans for brain trauma research. The sysadmin of that system told me that they lost a week's worth of research because of that cock-up.
Hospitals are very soft targets network-wise, with hundreds, if not thousands of nodes of edge equipment unmanned for hours long stretches. On a regular basis, I saw wiring closets propped open and used as storage space for other equipment.
Track down a pair of scrubs, and you can walk just about anywhere in a hospital without being challenged as long as you look like you know where you are going and what you are doing.
Ten years later, there are still routers there that I can log into as the passwords have never been changed because the administrators of them were reorganized out or laid off and the equipment was orphaned.
Minimal social engineering plus a weak network security infrastructure is a disaster waiting to happen for any major medical facility.
-- Regards, Chris Kilbourn Founder _________________________________________________________________ digital.forest Int'l: +1-425-483-0483 where Internet solutions grow http://www.forest.net
Current thread:
- Spanning tree melt down ? Marshall Eubanks (Nov 27)
- Re: Spanning tree melt down ? Stephen J. Wilcox (Nov 27)
- Re: Spanning tree melt down ? Joe Abley (Nov 27)
- Re: Spanning tree melt down ? Stephen J. Wilcox (Nov 27)
- Re: Spanning tree melt down ? Joe Abley (Nov 27)
- Re: Spanning tree melt down ? Eric Gauthier (Nov 27)
- Re: Spanning tree melt down ? Chris Kilbourn (Nov 27)
- Re: Spanning tree melt down ? Stephen Sprunk (Nov 29)
- Re: Spanning tree melt down ? Daniel Golding (Nov 29)
- Re: Spanning tree melt down ? David Lesher (Nov 29)
- Re: Spanning tree melt down ? Daniel Golding (Nov 29)
- Re: Spanning tree melt down ? Rafi Sadowsky (Nov 29)
- Re: Spanning tree melt down ? Daniel Golding (Nov 29)
- Re: Spanning tree melt down ? Jim Segrave (Nov 30)
- Re: Spanning tree melt down ? Rafi Sadowsky (Nov 30)
- Re: Spanning tree melt down ? Stephen Sprunk (Nov 30)
- Re: Spanning tree melt down ? Sean Donelan (Nov 30)
- Re: Spanning tree melt down ? David Lesher (Nov 29)
- Re: Spanning tree melt down ? Stephen J. Wilcox (Nov 27)