nanog mailing list archives

Re: Banc of America Article

From: Roger Marquis <marquis () roble com>
Date: Tue, 28 Jan 2003 08:26:10 -0800 (PST)


alex () yuriev com wrote:

It could be that BoA's network wasn't flooded / servers infected, but that
the ATM's do not dial BoA directly, and dial somewhere else (ie, maybe some
kind of ATM Dial Provider, nationwide wholesale, etc), and then tunnel back
to BoA to get the data.  Could be that the upstream of either the dial
provider, or BoA was just flooded...


Again, that design makes nearly no sense. The vast majority of the ATMs that
banks own and operate directly are located in the LATAs with bank branches.
Those branches do have good connectivity to the bank processing centers be
that via dedicated links, VPN or carrier pigeons.


While the exact mechanism of BofA's exposure is important it is
nowhere near as important as the fact that they were, and presumably
are still, exposed.  My money's on Frame Relay congestion.

Some department at BofA, short on engineers and long on budget-oriented
management, likely made a decision that saving a lot of money was
worth a bit of exposure.  I know that decision has been made at
other banks.

-- 
Roger Marquis
Roble Systems Consulting
http://www.roble.com/

Current thread:

RE: Banc of America Article, (continued)
- RE: Banc of America Article Ray Burkholder (Jan 26)
  - Re: Banc of America Article Mike Nice (Jan 26)
    - Re: Banc of America Article alex (Jan 27)
  - RE: Banc of America Article Alex Rubenstein (Jan 26)
    - Re: Banc of America Article Jack Bates (Jan 26)
  - RE: Banc of America Article alex (Jan 27)
- Re: Banc of America Article Steven M. Bellovin (Jan 26)
  - Re: Banc of America Article Mike Nice (Jan 26)
- RE: Banc of America Article Temkin, David (Jan 26)
  - RE: Banc of America Article alex (Jan 27)
- Re: Banc of America Article Roger Marquis (Jan 28)
- RE: Banc of America Article alex (Jan 28)
- Re: Banc of America Article Steven M. Bellovin (Jan 28)