Report: IT Admin Locks up San Francisco's Network - Yahoo! News (broken link)
The employee, 43-year-old Terry Childs, was arrested Sunday. He gave some passwords to police, which did not work, and refused to reveal the real code, the paper reported.
Just a reminder to be nice to your IT admin. And assuming we're talking about routers and servers, aren't there ways to bypass/break/reset the passwords? I know it's really easy with consumer grade stuff and Windows.
As the saying goes... if you have physical access to the device, all bets are off. So yes. Cisco router/switch passwords can easily be changed by changing the boot register, and just about all server OSes can be "breached" if you have console access. Unix by going into single user mode and Windows through a number of tools.
I'm wondering if they're afraid to do anything because of potential zero-day exploits or time bombs that may have already been installed by the guy....
I'm just surprised that the owners of such a critical system would allow something like this to happen. Their IS Director needs to be scrutinized.... administrative controls should have been in place to not allow one person to have the "keys to the kingdom". What if this guy was cool but got hit by a bus???
You hit the nail on the head. This is not the admin's fault this was allowed to happen but someone higher. And physical access is usually what's needed to regain access to anything, but I think there is more to the story. I think he has root on some boxes and that's what they don't have, and has locked out some admin functions or something. The network is up and working, but they are locked out of some features. As much as it damages the reputation of respectable admin types, it gives the disgruntled ones like me a little giggle.
He probably disabled physical access on them and now they need to be hard reset... and I'm not knowledgeable enough to know if there are ways to physically reset things to zero.
Plus, this is the equipment for the city of San Francisco's police department... it's not like there's a time period when it's not being used.
They're probably working on finding some way to brute force the passwords without disabling remote access.
It's tough to keep your IT guys from having too much access if they choose to abuse it.
IT folks who want to know more details about this story will enjoy the article at the link below. It provides lots of explanation about what was locked and a lot of first-hand opinions from people who know the guy who did the locking.
Wow. Sounds like they're going to have to hard reset everything and start from scratch. I bet they'll document everything, including the passwords, this time around. I wonder how long it'll take to get all the bugs out.
If nothing else, there will be a lot of unhappy network admins across the country as their networks, who has access, and what access levels come under serious scrutiny.
It sounds to me like he may have been able to enable other people into the network, or set up sniffers to catch data... but it doesn't sound like that was his intent...