Sprint Routers Stolen; NYC Internet Outage Ensues

cbnet2004 writes "This story on eWEEK reports that late Sunday night a number of Sprint's DS-3 network cards were stolen from a Verizon colocation center at 38th St in Manhattan. Some customers apparently have service back but a number remain down -- it could be a while. The latest rumor on this situation is that some fiber optic cables were cut as well; this could put the affected customers out for days more."

Was it easy? Why was it not major?

[erick99]

I wish the article had indicated how secure the area was where the cards were stolen. Was it a matter of walking into a room and pulling the cards or did the vandals have to go to a great deal of trouble? I hope it wasn't easy...I'd hate to think that this could be done on a widespread basis with relative ease.

This quote sort of caught me off-guard as I imagine some customers might disagree:

Fleckenstein said that the outage was "not major," and not large enough to require a report to the Federal Communications Commission.

The beginning of the article states:

A handful of corporate customers were left without e-mail and Internet access Monday after the theft of networking equipment from a New York City office late Sunday.

So, I would guess that the "handful" of corporate customers who lost service probably felt it was major to them. I understand the notion that it was not major in the sense of being more widespread, I just think his comment could have been worded better.

Happy Trails!

Erick

Re:Was it easy? Why was it not major?

[linzeal]

I used to work in datacenters throughout Silicon Valley and let me tell you that unless they have hired some kick ass security guards than shit gets stolen all the time. Usually small stuff like PDAs, or the like. Once I heard of an entire rack being stolen when it was left outside, thank god they were empty. Security for these places should be like fortx knox, and the second the card was removed there should be of been a notification to the current on-site physical security detail. These systems will not work unless interopabrable measures are taken to make sure everyones eyes are wide open.

Re:Was it easy? Why was it not major?

[jsse]

Security for these places should be like fortx knox, and the second the card was removed there should be of been a notification to the current on-site physical security detail.

Ar....that remind me of my days in a research lab.

Security guards downstair would be 'notified' whenever someone is attempting to reboot those SGI workstations at night. The problem was that SGI hanged up quite often. When this happen, we should either move to another workstation, wait til tomorrow morning. Sometime we had no choice but to trouble those security guards when we ran out of unhanged SGI. :)

Initially those security guards were nice to us as we didn't do reboot very often - until someone decided to replace all those SGI workstations with NT Alpha. You imagine how irritating to have been called 2-4 times every night.

Soon after the SGI were replaced by NT Alpha, those reboot-alarms were removed for obvious reason.

Re:Was it easy? Why was it not major?

[IgnoramusMaximus]

why would a guard care if a machine booted?

Not sure about SGI, but most standard UNIX machines can be rooted if you can get a custom boot floppy to boot so you can access the filesystem. NT is more difficult to compromise this way due to its convoluted/security-by-obscurity NTFS. That is not to say that NT is more secure, merely that this particular method is less useful.

Re:Was it easy? Why was it not major?

[IgnoramusMaximus]

Not really, all you need is a WinNT boot floppy with a few utils, none of the data is even encrypted.

What I meant is that it is harder to reset the root/admin password and/or install keyboard sniffers etc. And there is no such thing as a NT boot floppy, you mean a set of 4 uber-hacked disks at the minimum to get some sort of command prompt. NT is famous for being a royal PITA to repair from floppies, that is why there are bootable Linux CDs with (partial) NTFS support on them so you can at least try. Most

Re:Was it easy? Why was it not major?

[GSloop]

Jeepers...

That can be a boot floppy too.

On a NT/2000/2003 box, PDC/AD-PDC etc, I can get complete root access in less than 10 minutes, provided I can boot from CD/floppy. (If the file system is encrypted, then no go, but I suspect that is very rare.)

Sure NT/2000 can be a pain to *fix* if the filesystem trashes a bunch of things. But we're talking about a system that is functioning properly.

And with the shatter exploits, priviledged escalation is trivial on a Win box.

Frankly, for most boxes, local access is game over, but for Win boxes, it's pretty dang easy. Just do a google search for "NT reset password" - the first link is a free-ware utility that will do it easily for you. Ironically, it uses Linux and Linux drivers to do it for you...

Cheers,
Greg

Re:Was it easy? Why was it not major?

[SmackCrackandPot]

That reminds of a story I once heard. Some thiefs hired a pickup truck and attempted to steal a high-voltage sub-transformer from the side of building. Of course, they had to cut through the copper wiring first. (Un)fortunately, they failed to consider the concept of switching the power off first, and got the shock of their lives.

DataCenter Security

[kmahan]

The datacenters I've had gear located in have had great security. IN YOUR CAGE. They were very upfront about "if you leave your stuff laying around or your cage unlocked there's a good chance it'll be liberated."

Admittedly in these datacenters there were cameras everywhere..

And of course there are stupid people in these places -- like the folks (not from our company) that were wandering around and wondered "What does this Emergency Shutoff Button on this big power unit do?" Shut off a big portion of the datacenter. The result being certain folks permanently banned and better warnings/protection around the EPO buttons. (admittedly that's a tough one -- 'cause when you need to turn it off you REALLY don't want to waste time..)

Re:Was it easy? Why was it not major?

[pballsim]

My favorite one at my school was two people walked into a 'secure lab' - you needed an access card to enter into the room. The door was propped open to let some air in. They walked into the back room, picked up two servers, put it on a cart and left.

This happened when the lab was completely full in the middle of the day.

Re:Was it easy? Why was it not major?

[RollingThunder]

It's all about acting like you're supposed to be doing what you're doing. Act like you own the place, and nobody will say a thing to you.

How can they not figure out who did it?

[NotQuiteReal]

At least when I been into colocation facilities they had fairly rigorous check-in procedures.

Sure, I could have brought in a stick and poked at lots of other customer's gear, thru the chainlink cubicles, but I mean, I was signed in and on camera.

Check the log - when did the affected net go down and who was there at the time?

It has got to be a short list of visitors and guards or somebody is really stoopid.

Re:How can they not figure out who did it?

[harlows_monkeys]

At least when I been into colocation facilities they had fairly rigorous check-in procedures

The phrase collocation facilities could cover a wide range of facility types. It could cover a datacenter like you are thinking of, manned 24/7, or it could be a small switching center where Sprint has leased a rack from Verizon that is normally unmanned unless someone from Sprint or Verizon actually is working on the equipment.

There is one of the later near my apartment. Basically, a building smaller than a small house, with equipment from the ILEC and maybe one or two CLECs. I assume they have an alarm or security cameras, but someone could break the door, and be in and out, long before any police could arrive.

Unmanned Vz facilities

[Jayfar]

Verizon has more unmanned facilities (at least at night) than you can shake a stick at. As a nocster for a regional ISP, I can tell you - when a circuit goes down at night, if the testing and troubleshooting w/ Vz requires access to a CO, fugetaboutit till daytime - you can escalate to hell and back, but ain't nothing happening (for emergencies, their on-call techs typically don't respond to pages). Compounding the problem, most of our other circuit providers have to use Vz for the last mile 'tail' circuit.

Re:How can they not figure out who did it?

[tbase]

They could also keep an eye on this link. [ebay.com]

Re:Was it easy? Why was it not major?

[Zocalo]

A handful of WICs? Is that *all*? Lightweights! Real data center thieves take an entire mainframe, and *then* go back for a spare! [bbc.co.uk]

Then again, I suppose it does take some network connectivity to build a Beowulf cluster...

Re:Was it easy? Why was it not major?

[nolife]

One of those companies was our NY office ;)
We lost our direct extension phone dialing ability to them (could use the full 10 numbers though) and they completely disappeared from our network. They still had regular internet connectivity through a 100mbit cogent line and were able to access other company resources through our other offices Citrix metaframe farms [note 1] with almost full capacity but we still recieved numerous calls at our office as only the road warriors were actually used to using that method for access. We have the licences, horsepower, redundancy, and data sharing ability for this exact reason, well actually in case of another terrorist attack but it works for this too ;)

[note 1]
One thing stood out above all of this. About a year ago, a discussion at a network/desktop meeting lead to a disagreement but eventually a gadget VBS workstation AD weenie created a script on the pc's to "automatically" select connections to our fellow offices Citrix servers through the internal network if you were plugged into the internal network. It was to "eliminate" any http or https confusion as you technically did not need https if you were already on the company WAN, I guess the KISS approach was not a challenge. That was all fine and dandy until today when the route was down. They eventually pushed out an undo so you could connect either way but I wanted to call up and laugh and say I told ya so but I decided not too. What comes around goes around.

Re:Was it easy? Why was it not major?

[scenic]

Screw the implications for connectivity... if it's easy enough to break into rooms like this to steal crap... how hard is it to install sniffers and loggers? How often do people check the unmanned rooms? I realize the amount of data that would be generated, but presumably you could filter or do something with fast enough hardware or specialized equipment (I'm thinking big budget crime, not podunk credit card theft).

That bugs me more than people bringing down the Internet via theft...

sujal

Re:Was it easy? Why was it not major?

[Beowulf_Boy]

Not to sound stupid here, but I believe you can change MAC addresses. My school makes me report my mac address to plug in my computer, so I just swapped MAC's between my little linksys router and my desktop after I reported it, and then put all my equipment behind the router.

Potential Suspects

[The_Rippa]

Be on the lookout for crackheads with amazingly fast internet connections!

Re:Potential Suspects

[tsvk]

Be on the lookout for crackheads with amazingly fast internet connections!

I think we found them [slashdot.org] already....

Be on the lookout for...

[dark-br]

...dumb crackheads with amazingly cheap DS-3 cards for selling on eBay.

Re: Be on the lookout for...

[AlaskanUnderachiever]

hmm. . .

I don't see anything unusual yet [ebay.com]

That's odd ....

[jrl87]

This story's been on for a while and i see very few posts .... not even the usual fp BS .....

How many people were affected by this?

Re:That's odd ....

[goldspider]

".... not even the usual fp BS ..... How many people were affected by this?"

Good question, but now I guess we have a pretty good idea where all the FP trolls are from.

Haha

[stratjakt]

What kind of stupid moron would steal something like that. Probably some crackhead shmuck who didn't know what it was and figured it was worth a buck.

Who'd you sell it to? Dude will be busted. Someone walks up to you in an alley and say "wassup cuz you wanna buy a ds3 innernet?" it raises eyebrows.

Re:Haha

[gewalker]

Well, I just checked, the cards are not on Ebay (yet), but stolengoods.com looks promising :-)

(In reality, stolengoods.com is just a parked domain, no need to waste your time.)

Re:Haha

[Phurd Phlegm]

Who'd you sell it to? Dude will be busted. Someone walks up to you in an alley and say "wassup cuz you wanna buy a ds3 innernet?" it raises eyebrows.

We are talking NYNY here, right? Here in the Midwest, our impression is that no one would blink if you walked up to them and tried to sell them an oil drilling rig or an Aegis cruiser.

Re:Haha

[the pickle]

...or a local bridge.

Wanna buy?

p

Re:Haha

[identity0]

If these cards are like regular network cards, maybe they needed something to cut lines of coke with?

Imagine some druggie snorting coke off of a WinXP CD with the ds3 card, "Dude this is way better than a mirror and razorblade..."

Re:Haha

[Anonymous Coward]

Any true cokehead geek knows SODIMMS work best. They're just the right size, and even have a single notch for making neat little lines after you've chopped it all up.

I would have bought it in a second. Cash.

[Saeed al-Sahaf]

Well, neither you nor I may have use for them, but when I worked for Internet Entertainment Group, we had 2 (yes two) OC-3 lines and 6 T-1s RUNNING INTO OUR SERVER ROOM, all ours. Porn, people. Seth would have bought them without even a second thought.

My point is, Seth was not special, there are many many places to off high end network gear.

Re:Haha

[Bartgroks]

I dont know about the no market comment. This type of thing happens in the CATV industry all the time. One rural town had a cable system built entirely with stolen equipment and the system was awarded to the victim of the theft. My chief suspect would be a contractor who needed the cards to finish a job elsewhere.

Hmm

[Luigi30]

If it's so easy to steal these things, I hope nobody steal's my ISP'#353708534 ### NO CARRIER ###

Story from the mysterious future...

[nuclear305]

Next week on Slashdot:

NIC thieves busted! Traced by MAC Address when the stolen components were plugged in.

Re:Story from the mysterious future...

[Anonymous Coward]

Don't be nieve. If they have the brains to pull off this skilled robbery, surely they know to file off the MAC address.

MOD UP!

[papasui]

Funniest damn thing I've read since Sasser.

Re:Story from the mysterious future...

[morcheeba]

Nah, this kind of high-end stuff is usually sent to a chop-shop, where they'll part each one out into 28 T1 lines.

Re:Story from the mysterious future...

[Panaflex]

Evian

Disgruntled?

[bravehamster]

Sounds like a disgruntled Verizon customer decided to take out his frustrations...in which case I can hardly blame him. It's unfortunate that others had to suffer, but a man can only get passed from call center to call center so many times before he snaps like a dried twig.

I'm surprised it didn't happen sooner.

Re:Disgruntled?

[mausmalone]

I'm reminded of an old saying. "If you pay peanuts, you get monkeys." It used to apply to low paying jobs, but it seems to be spreading to any job where you're treated worse than the equipment (i.e. any non-management job). It's more like "you treat people like monkeys, they act like animals."

Small Business Killer

[yintercept]

I lived in an apartment complex where a small company was offering broadband internet access (circa 1998). Oddly, the day after they installed several grand in upgraded equipment...some jerk off broke into the telephone room and liberated the new routers. As the thief obviously knew the install dates and what to take, they figured it was either an employee or person in the supply chain.

The tiny company went out of business a few monthes later.

It is sad that we can't just put things in locked rooms and c

That's the same combination on my luggage!

[TheWanderingHermit]

Kind of like setting the password for your atmospheric shield to 1-2-3-4-5, then later finding out it's the same combination President Skroob uses for his luggage.

Poor security or inside job?

[Maul]

Much of the time, thefts at locales like this are often done by people with at least some inside knowledge of the site's security.

It'll be interesting to see where this investigation goes.

Re:Poor security or inside job?

[Neil Blender]

thefts at locales like this are often done by people with at least some inside knowledge of the site's security.

I have shopped around for a data center more than once. The people who take you on the tours are so eager for your business (at least nowdays) that they show you just about everything. One company even took me into a place where pretty much all the connectivity in Seattle passes through (a level 3 node or something, I can't recall the name.) This place was secured by two locked doors with no guards and street level access. I have seen plenty more 'security' that would be pretty easy to bypass. If you were a terrorist, it would be pretty damn easy to destroy many of these places.

The more

[Anonymous Coward]

I guess you could say the bigger the internet gets, the greater the chance it becomes for real life to come slapping it down. Somebody steals expansion cards from a CO = loss of service for 10's of 1000's of people. It's pretty interesting, almost reminds me of that Real Life DDoS schtuff.

Reading the Article and

[colk99]

in addition, no notice of the outage was posted to Sprint's Scheduled Maintenance and Outage page. Under FCC rules, phone carriers must report outages affecting more than 50,000 subscribers within two hours WHAT you are supposed to schedule your DS-3 cards being stolen 2 hours in advance

Re:Reading the Article and

[MBCook]

Well they tried to report it... but for some reason their internet connection was down.

:)

Did anyone check ebay?

[Neil Blender]

You might be able to get one cheap.

Probably being sold on the street

[acomj]

Those tables they set up with books music , watches videos. They have all sorts of stuff. When I was there, they were selling movies that weren't out in theaters yet. Shrink wrapped and everything.

stolen for money?

[dj42]

You have to assume they are going to sell them, but even so, it seems like if they show up on Ebay... If you're the kind of person that can pay for a DS3 connection to begin with, it's doubtful you need to be stealing that kind of hardware.

man....

[rune2]

Talking about stealing cable....

so.

[dj245]

There are a few explanations.

1. An employee stole the stuff and cut the wires to make it look like a vandal.
2. A vandal actually did it and will soon sell the goods on ebay
3. Spring is making the whole thing up to cover up their incompetence
4. The entire world is on crack.

Personally, I would vote choice 1.

You forgot....

[System.out.println()]

5. ?????
6. PROFIT!!!!

OMGOMGOMG!

[SCSi]

Some dude just sold me some DS3 cardz for like $30 bucks a piece! But they wont fit in my computer PCI slot! Plus I cant find where my phone jack plugs into it!!@!!!!!@# Someone help me! Man, im gonna be able to download so much more stuff than my dialup connection!
Thanks!~~~

Re:OMGOMGOMG!

[crashnbur]

Moderators, quick! Mod this up to put it on the FBI's radar. ;-)

CASE SOLVED

[jgaynor]

How hard is this one to figure out?

"late Sunday night a number of Sprint's DS-3 network cards were stolen from a Verizon colocation center at 38th St in Manhattan"

This can also be read:

"late Sunday night a number of MAJOR TELCO's DS-3 network cards were stolen from a RIVAL MAJOR TELCO colocation center at 38th St in Manhattan"

The reward money can be sent to my spam-obfuscated email addy.

Re:CASE SOLVED

[jdawg]

You're not kidding. My employer's voice provider [a CLEC, not Sprint] blamed Verizon techs for "stealing some boards from the CO" when I called to ask about our phone outage today.

VZ, especially in NYC, has a bad reputation for these antics.

Re:CASE SOLVED

[jrockway]

You called to ask about the phone outage? Umm, how did you go about that :)

Re:CASE SOLVED

[raygundan]

Perhaps he has one of those newfangled portable cellular phones in his automobile. I have heard that they can be as small as a briefcase.

Sweet validation.

[Shoten]

Okay, to the person who posted this [slashdot.org] in response to my personal description of some of VeriSign's security...THIS is why!

Physical Security

[Qbans]

It all comes down to physical security in the end. You can have the most secure network, but usually anyone with physical access to the equipment can attack it in several ways. They can obviously steal it, or steal parts of it. Hot swap hard drives are great except when someone can run up to a server in an unsecured server closet and in a few seconds have all of a company's data in their hands. Obviously most hardware vendors also put password "backdoors" (think default Cisco configs) that allow you to override any passwords, or recover passwords from a serial port.

Most people spend way too much time on thinking of attacks from the Internet or employees, but usually don't look at someone who wants to sabotage the equipment. Computer rooms usually contain all of the proprietary data in a company, and most companies don't put that much effort into patrolling computer rooms for people who shouldn't be there. Executives should make sure that physical security is part of the I.T. plan from the beginning and not an afterthought.

I'm assuming in this case it was in a Verizon C.O. which are usually somewhat secure, but something like this could happen anywhere, computer sabotage I think will become more and more common in the future as businesses rely more and more on them.

Re:Physical Security

[zerocool^]

Two cardinal rules of computer security:

1.) If it's plugged into the internet, it can be hacked.
2.) If they get to your hardware, you're fucked.

I'm still voting that it's an inside job.

~Will

Joint terrorism task force???

[pdcryan]

being investigated by New York City Police and members of the joint terrorism task force

That's just great. Not that I don't hope they find the crooks to walked off with this stuff - but once the word "terrorism" pops up, all of the sudden I'm thinking Patriot Act.

These thieves might have gotten themselves some kick butt network hardware - but I bet they won't get themselves due process

Re:Joint terrorism task force???

[Cid Highwind]

But seriously, as much as the internet is becoming the the globe's central nervous system, I don't see much problem with a limited suspension of due process rights with a theft of this scale, even if it still just boils down to theft.

I see a problem. Last year the Patriot act was only for infringing the constitutional rights of terrorists. Last week, it was only for terrorists and drug smugglers. Today it's terrorists, drug smugglers, and network card theives. Who's up next for loss of due process? People accused of robbery? Fraud? Speeding? Keeping overdue library books?

If you start denying due process to anyone it erodes the rights of everyone. Now we're seeing that slippery slope in action.

Re:Joint terrorism task force???

[Anonymous Coward]

04/29/04 Washington Post

Patriot Act Suppresses News Of Challenge to Patriot Act

By Dan Eggen
Washington Post Staff Writer

The American Civil Liberties Union disclosed yesterday that it filed a lawsuit three weeks ago challenging the FBI's methods of obtaining many business records, but the group was barred from revealing even the existence of the case until now. The lawsuit was filed April 6 in U.S. District Court in Manhattan, but the case was kept under seal to avoid violating secrecy rules contained in the USA Patriot Act, the ACLU said. The group was allowed to release a redacted version of the lawsuit after weeks of negotiations with the government.

"It is remarkable that a gag provision in the Patriot Act kept the public in the dark about the mere fact that a constitutional challenge had been filed in court," Ann Beeson, the ACLU's associate legal director, said in a statement. "President Bush can talk about extending the life of the Patriot Act, but the ACLU is still gagged from discussing details of our challenge to it."

A Justice Department spokesman declined to comment on the case.

The ACLU alleges that a section of the act is unconstitutional because it allows the FBI to request financial records and other documents from businesses without a warrant or judicial approval. The group also says such requests, known as "national security letters," are being used much more broadly than they were before the Patriot Act. The bureau has issued scores of the letters since late 2001 that require businesses to turn over electronic records about finances, telephone calls, e-mail and other personal information, according to previously released documents. The letters, a type of administrative subpoena, may be issued independently by FBI field offices and are not subject to judicial review unless a case comes to court.

The ACLU's complaint focuses on the use of national security letters to obtain information held by "electronic communication service providers." The group says the letters could force Internet providers to turn over names, screen names, e-mail addresses and other customer information without proper notice to the people involved. The lawsuit names as defendants Attorney General John D. Ashcroft, FBI Director Robert S. Mueller III and FBI Senior Counsel Marion E. "Spike" Bowman. A second plaintiff has joined the ACLU in filing the lawsuit, but that plaintiff's identity has been redacted from the public copy of the complaint.

Re:Joint terrorism task force???

[Malor]

So you only get due process if you're suspected of a LITTLE crime? Once you add a few zeroes after the dollar sign, the rules change?

If we take away rights from whoever is unpopular with the government today, then we don't have rights, period. The whole IDEA of rights are to protect you from the government and other citizens. The worst scumbags in the world have rights. In fact, it's probably the scumbags who most SHOULD have them, because they NEED them the most.

The measure of your rights is what you retain when your your government hates you and wants you dead. Rights that you have only when popular aren't rights, but privileges, which are revocable.

Any group of people that values life over freedom is easy to enslave.

Re:Joint terrorism task force???

[wibs]

So you only get due process if you're suspected of a LITTLE crime? Once you add a few zeroes after the dollar sign, the rules change?

That's funny, after watching the way white collar criminals were dealt with (enron, etc), I was under the impression you were only given due process if you had a few extra zeroes after the dollar sign.
And by due process I of course mean a red carpet...

Well, that explains that...

[LostCluster]

The outage affected area customers of Sprint Corp., including Ziff Davis Media Inc., the publisher of eWEEK.com.

No wonder eWeek was the first on the story, even though it took them a while to publish it.

Fiber Optics Cable Dynamics

[thedogcow]

The article mentioned that the fiber optics cables were cut, which is a great business opportunity for people who "join" those cables together.

100K or so a year for fixing fiber optic cables... I'm definently in the wrong field. Of course, those technicians have to be very precise or else you get refraction in the wire.

Re:Fiber Optics Cable Dynamics

[glitch!]

100K or so a year for fixing fiber optic cables... I'm definently in the wrong field. Of course, those technicians have to be very precise or else you get refraction in the wire.

I imagine fiber repair guys earn their pay, especially when it's out in some muddy hole and they have a couple hundred strands to fuse together while everyone is breathing down their necks.

Just wondering out loud... It would be really cute if some of the fiber repair guys worked for the NSA. "Of course there's a blip in the TDR, that's where we repaired it." "Okay, nevermind."

Working in the NOC

[Anonymous Coward]

Imagine my surprise to see this up on slashdot. Last night around 10 PM mountain I saw a couple circuits go down in NYC. So being the enterprising person I am, I immediately decided that it must be a higher level service problem with our Provider. I call them up, tell them what's going on, and they (Qwest) complete my suspicions and confirm they are having a higher level outage problem. About 4 AM Mtn I called Qwest for an update. They informed me that they were still waiting access as the site was currently cordoned off as a police crime scene and they were still awaiting access. Wow... Cool... never heard that one before during the night shift.

Re:How they did it

[lucifuge31337]

Dude...we're not talking about "network cards" in a PC. These are DS3 WICs, probably in 7206VXRs or the like. Not only is there no unscrewing of a case (other than the two thumbscrews at either side), but they're fine to yank while powered up.

What's amazing (and it may not be the case, as we don't know all of the details, I'm sure) is that a simple correlation of the start time of the network down event and the sign-in log and security cameras (if any) hasn't been done to ID who did it. These facilities aren't particularly heavily trafficed by people on Sunday evenings, and they usually aren't all that big.

the verizon dude now sez

[zenrandom]

Can you ping me now? no?!!! oh shit!!!

Osama World OnLine!

[GaryOlson]

Osama Bin Laden is proud to announce our new Osama World -- over 120Mbs throughput for even the most demanding user! Building schematics, engineering specifications, maps, satellite photos, passport templates, and more INSTANTLY available to expedite your next business trip or publicity event.

Large chat rooms available for to discuss with the experts on a variety of subjects: cultural assimilation, border crossings, language skills, practical chemistry, and MORE.

GIRLS, GIRLS, GIRLS!!!!!

Find the young Islamic girl of your dreams -- hajib optional. All credit cards accepted.

Visit Osama World OnLine NOW!!!

Routers Missing - Happens a lot.

[z_gringo]

I had two routers go missing from a transport room, which should have less people in and out. My name and phone number was all over the cabinet and the routers.

To be fair, I hadn't connected them yet, so they were just in the cabinet not powered up, and I was going to bring them up the next time I returned to that location, which was going to be in about 3 months. All to often, in a production environment, when there is an emergency, anything not powered up is often considered fair game. I'm sure that the routers are still in use at the company, I just can't find them.

Most colo space in our company is pretty secure. You'd have a pretty tough time getting in if you weren't supposed to be there. Even if you did get in to the colo space, most customers keep the stuff that they manage themselves in locked cages, inside the already secured colo space. Perhaps it was Verizon employees just trying to screw over Sprint. Or perhaps Sprint didn't secure their stuff properly.

------Can you hear me now?.

I am so NOT surprised.

[pyite]

Even though this is a Verizon location, the fact that it's Sprint equipment just makes it BEAUTIFUL in my eyes. Last time we had a problem with our Sprint OC-3, I called up the emergency number and got a voice prompt run around. Mind you, the POS interface was down/down with no sign of why it happened. Finally I got a "tech" who said the line was working normally. Then he said that he actually didn't know if it was up or down. At that point, I flipped out and told him to put a real tech on the line who could help me. Of course, that never happened, he instead forwarded it to their Layer 1/2 group. That whole experience left me with a horrible taste in my mouth. At a previous job, I had a mere T1 to Genuity. One time my boss needed a crossover cable and he took the one between the router and the firewall (can't make this crap up). Within mere minutes, Genuity called (this was the weekend mind you) and said "Ethernet0 is showing down, any idea why?" Let's see, Genuity is proactive with a T1, yet Sprint couldn't give a damn about an OC-3 POS line.

I found it -

[4ginandtonics]

on ebay [ebay.com]

Well... maybe not found it... but sure found a replacement!

I wonder if Sprint can afford it.

Hmm... I wonder if I just put myself, or them, on the FBI watch list...

New York Theives... If it aint locked down

[acomj]

In the mid 1990s parked my GTI in the West 12 th with out of state plates. I was staying at a friends young and naive. Only thing I left in the car was the "Matt pack" in the front seat and a small bag of dirty laundry out of site in the hatch. The Mattpack was a 5 pound lead acid battery with some electronics and LEDs on top for charging and current/voltage control.. About the size of a soda can but square and black. The top contained custom electronics job by Matt Kahn electicrical engineer extrodinare.
Who would want this? Its big its heavy and useless to anyone but me (It powered a flash for my camera.)

Stolen.

So were the dirty clothes.

Basically if your not carefull or tie stuff down in NY it will be stolen. I got over it but I still miss New York

Re:New York Theives... If it aint locked down

[nomadic]

See, that's why New Yorkers don't have cars.

Forget co-lo. Go solo

[rjamestaylor]

Or, if you can't afford solo, go managed hosting with a company like Rackspace.

I do.

I've been to one of their data centers. I met the former black ops specialist who's responsible for building them up and locking them down. Take a router? Ha. You can't get in door of the datacenter, much less into the datacenter.

I'll go back to my own equipment when I need my 1000th redundant DB master. Then I think I can afford to build the redundantly powered, redundantly backed up, quadratically backboned, overly secured, continuously manned building that goes around important production servers. Funny how the facility is usually left out of the equation not only of the cost but of the requirements for 24x7 uptime.

I've seen one too many people lingering in the XO co-lo facility on Barranca in Irvine, CA (last time I was there, anyway) reading the ID tags and ip addresses of the servers in adjacent cages. No thanks. I think I can begin to keep out Internet intruders, but physical accessors always have an advantage (cloop.o or not).

But Quietly..

[bigattichouse]

Ahh.. I wonder if they will actually look on the other machines in the data center to make sure the theft wasn't just a cover for loading services/keyloggers/etc on the boxes through the data center... sort of a distraction with the fringe benefit of some sellable hardware.

38th street datacetner

[Anonymous Coward]

Ok - this is MY main pop - but im not a Sprint customer.

I mention this because I have some anecdotal evidence that shows that as secure as the mantrapped and biometrically scanned datacenters are, they really arnt.

Location: Exodus, New Jersey (its the datacenter that was in the big new building above the first path station in NJ - I just cannot remember the name of the building or the train station!)

Time: summer 1999

Issue: company needs to move 16 servers, 2 routers, a firewall, some switces and hubs out of the datacenter.

Procedure to enter: get signed in via biometric security and massive checkin procedure at front door. To get to the front door, you have to walk by the freight elevator, as well as a little wooden door with a twist lock on it.

How I got my kit out: I simply "borrowed" a hand cart, and walked out the back door (the little one I passed on the way to the checkin facility) The twist lock was on the inside, so I just un-locked it and walked out without anyone seeing me.

This made me feel REALLY secure.

Stolen or damaged?

[Anonymous Coward]

Sorry for the AC.

My business initally heard stolen equipment but we were later told that it was caused by damaged equipment from a "Verizon union employee".

I was not on the call but that type of information is VERY specific and there is no gray area or room for interpetation there. I assume this is either totally 100% completely false or someone else knows something more.

Hmm...

[retro128]

My spidey sense tells me that there are four really cheap DS3 cards to be had on eBay. Gotta go!

FP !!!

[Anonymous Coward]

FP!! Wtf though is up with these ungodly ping times here in NY.

Isn't it obvious?

[Godeke]

The pirates who wanted more bandwidth [slashdot.org] have landed in New York!

Switch room ops

[JohnnyComeLately]

I worked as a switch tech at Nextel and later as second tier tech support at Sprint PCS.

The physical security is usually pretty good. About on par with a normal Fortune 500 company, where you scan into areas that you have a reason to be in. The switch room is usually a little harder to get in, especially since 9/11. At Nextel, they actually hired armed guards for a short while when we almost hired an alleged Felon. A competitors security guard recognized him and tipped off our security. Turns out he was supposedly part of a crew that carted off entire racks of telecom equipment.

Getting back on topic. The cards sound like they are the DS3 that pop into a larger fiber demark, like an OC12, 48 or 192. The cards are pretty small and just have coax-looking DS3 plugs on the front (in, out, and monitor). These aren't cards you could really ever use anywhere else. It almost sounds like someone accidentally yanked the wrong cards during maintenence. Although, most telecoms are very religious about not doing maint during the day (if the outage started at night, tho, I'd say it was a switch tech who screwed up).

The reason I'd assert this is the theft was too small to be of any other value. Three DS3 cards aren't going to fetch much, and they're tainted goods. If you're malicious, you're not going to just grab 3. If you're damaging a competitor, grabbing 3 cards is somewhat silly. We commonly have a backhaul path in preparation for things such as this. For example, when I worked at Nextel a fiber dig broke a couple DS3s we had going through PacBell. Within 4 or 5 hours, we swung the traffic over to other DS3s that bypassed the carrier and area with the break.

On a side note, it was also an eye opener that the "Protected, Redundant" Ring-topology that we were paying extra for was not being provided by the Telco. Let's just say there were some very colorful conversations going on between companies at the VP level.

Re:Switch room ops

[apayne]

Well, depending on the make and model of the switch, the DS-3 interfaces could be rather spendy. We have 4 such Cisco 6500 series modules at my day-job. Together they cost upwards of $100K US 3 years ago.

Someone mentioned tracking by MAC address... an OC-3/DS3 is a channelized TDM line. 28 DS1 channels of serial data. This is below IP layer. The only identification is going to be a serial number. This will only matter if someone attempts to connect it with a service contract with the manufacturer.

Someone

new Nigerian Scammer

[Darthmalt]

Hello owing to the death of my rch uncle I have come into possesion of some advanced technology. However due to the import / export restrictions I am unable to move it out of the country. I have some ds3 internet cards I will give you in return. Please contact me as soon as possible.

Terrifying 911 call from incident

[shadowmatter]

911: 911 Emergency line
Slashdot user: I just lost all Internet!!!
911: Excuse me?
Slashdot user: I was just about to first post to Slashdot, and I clicked "Submit," and nothing happened. I tried to ping them to see if I was dreaming, but got nothing, so I tracerouted and found out I couldn't get past localhost.
911: I don't understa...
Slashdot user: My god, this first post would have done wonders for my karma! And now I've been beaten by a goatsex troll...
911: Sir, this line is used strictly for emerencies...
Slashdot user: THIS IS AN EMERGENCY, DAMN IT!!! Send ambulences! DSL repairmen! Cowboyneal! I won't leave this computer until I get my Internet back, and I only have half a can of Mountain Dew to live on till then!

38th Street CO

[mclaugh]

Like most/all Verizon Central Offices, security is via a keycard. If your keycard does not automatically grant you entry to the C.O., you must be manually allowed in by a guard. Each "guest" must sign in.
38th Street C.O. is just about the highest trafficked C.O. in the world, in terms of Frame Terminations and the like. Being in Central Manhattan, near one of the major CoLoc Hotels nearby, only increases the data throughput on all the eqpt therein.
Vandalism is most likely, performed by another company's techs.
Also- when they say it's not considered a "major" failure, it's b/c Verizon is strictly governed by the PSC's guidelines as to what constitutes "major". These guidelines provide the framework that determines how Verizon (and others) are/can be fined each year with respect to how many/long outages.

Stupid Security

[rednox]

We used to have a rack in a very prominent facility with lots of excellent security measures.

1. Security guards at the front desk to check photo ID passcards
2. Swipe passcard at light-beam turnstile for entrance to facility.
3. Passcard to activate elevator
4. Coded lock on cage
5. Locked server rack cabinet

Unfortunately every one of these security measures could be easily bypassed.

1. Security Guards didn't even look at you, let alone your photo ID passcard
2. People swiped their passcard wrong so often that the guards just waved you through if they heard the beep of an improper entry.
3. Anyone coming in at the same time as you would swipe their card, unlocking the elevator buttons.
4. Our cage door lock stopped working (probably a dead battery), and I discovered that anyone with reasonably long fingers could easily reach the latch on the other side and open the door.
5. I forgot the keys to our rack cabinet one time and a sharp tug easily forced the cheap lock to open.

The security guards didn't even ask us any questions or look at our ID when we moved our gear out of there. I'm glad we did!

Hollywood Movie

[macdaddy]

From the makers of "Dude, Where's My Car?" comes this summer's romantic routing comedy, "Dude, Where's My Router Blades?", a traceroute through a DS3 interface's puberty through to it's first 3-way handshake.

Vixie gives it an allow ACL.

Cisco's "Packet" magazine calls it "this season's most secure flick".

NANOG calls it "an interface to remember".

(ignore the creative liberties. I was out of ways to tie things together...)

No Comment

[cyranoVR]

I would write something, but unfortunately I live in NYC and can't get online to make a comment right now.

Sucks... :(

COs are typically rigorous on uptime/reliability

[Anonymous Coward]

and security is definitely a part of that. When I was in school in Pittsburgh we went on a tour of the local CO. This was a relatively major CO in that it linked long distance lines between the south and northeast corridors, and also was the first roll-out for DSL in the country. It also handled Internet backbone traffic for CMU and UPitt, so the need for reliability was high. The only reason we were allowed in was that our prof was nationally known in the telco industry.

First off, let me just say that the one thing telcos get right is engineering for uptime and reliability. When companies talk about "dial tone" reliability, there's a reason for it. Think about it, when was the last time your phone stopped working (assuming you're still with a Baby Bell for local calls)? They have engineered triple redundancy for power for the station:

1. Two independent power feeds from separate substations each running at 50% with a crossover switch. If one station goes down, the other flips to 100% draw with no downtime.
2. Failing that, 2 diesel powered generators with enough fuel to run the CO for 3 weeks without interruption.
3. Failing that, enough lead acid batteries to run the entire station for 13 hours. Some of those dated back to the 60s, but were maintained in pristine condition.

Now, the one thing I will say is that co-located equipment was treated like it was coated in anthrax. It was maintained in a separate cage that could not be accessed from the main building. All co-located equipment was accessed from a separate street level entry that only had a single door and no monitoring. So if the stolen equipment was from Sprint in a Verizon CO, odds are that no one from Verizon was even watching it. (This was back when the 94 telecom bill was just coming into effect, so all of these rules were new...)

For the main building, we had to be escorted at all times, and the engineer we were with got antsy if we bumped against any of the equipment (including some great old magnetic physical switches that were still in use for some old lines). But I wasn't too impressed with the overall security. Some locked doors and a security guard but nothing fancy. That said, if any of Verizon's equipment had broken/shut down I'll guarantee that they have an immediate monitoring/notification system.

Hmm...

[Max Threshold]

Anything look familiar [ebay.com]?

It's hard to imagine anybody would be so stupid, but then, it wouldn't be the first time.

Re:vulnerability

[idiot900]

Everybody is so concerned with security online. It means nothing if somebody can just walk into your building and take your stuff.

Sure it does. Suppose your data is encrypted using your public key, and you keep your private key with you. If your data is worth more than the media it's stored on, you've just averted a catastrophe by keeping it from falling into the wrong hands.

Re:vulnerability

[Qbans]

That's the truth. I've worked in places where the management is more concerned with the security of the accounting department (which is paperless btw) than the security of the computer room down the hall. The accounting department had key card access, restricted hours, etc. while the computer room just had a regular old lock and the keys were kept in an office managers drawer.

Re:This is really bad.

[System.out.println()]

What if a terrorist had got in there and blew up all our data.

Then, if your hosting company isn't full of morons, you will restore it from the multiple backups.

Re:This is really bad.

[Anonymous Coward]

it worries me that people can just roll in there and steel our equipment

I don't need to worry about that because most of my equipment is steel already. Except my Powerbook, which is aluminum.

What if a terrorist had got in there and blew up all our data.

That would be terrible. I remember one time when I spilled all of my data on the floor. I was cleaning it up for days; it's almost impossible to get data out of a carpet once it dries!

For terrorists this would be a major blow to interest banking which they so abbhor.

I'm sure Osama bin Laden is at this very moment plotting to destroy those infidel bankers that are keeping his billions secure and earning him a nice revenue stream through his investments.