Spanning tree melt down ?
Chris Kilbourn
kilbo-list at forest.net
Wed Nov 27 17:13:36 UTC 2002
At 11:10 AM -0500 11/27/02, Eric Gauthier wrote:

>I don't know which scares me more: that the hospital messed up spanning-tree
>so badly (which means they likely had it turned off) that it imploded
>their entire network. Or that it took them 4 days to figure it out.

If it's anything like a former employer I used to work for, it's
possible the physical wiring plant is owned/managed by the telco
group which jealously guards its infrastructure from the networking
group.

A subnet I used to work on was dropped dead for a day when a
telco-type punched a digital phone down into the computer network
causing a broadcast storm. It took half a day just to get the wiring
map, then another half day to track down the offending port because
the tech in the network group dispatched to solve the problem did not
have a current network map.

The subnet in question contained a unix cluster with cross-mounted
file systems that processed CAT scans for brain trauma research. The
sysadmin of that system told me that they lost a week's worth of
research because of that cock-up.

Hospitals are very soft targets network-wise, with hundreds, if not
thousands of nodes of edge equipment unmanned for hours-long
stretches. On a regular basis, I saw wiring closets propped open and
used as storage space for other equipment.

Track down a pair of scrubs, and you can walk just about anywhere in
a hospital without being challenged as long as you look like you know
where you are going and what you are doing.

Ten years later, there are still routers there that I can log into as
the passwords have never been changed because the administrators of
them were reorganized out or laid off and the equipment was orphaned.

Minimal social engineering plus a weak network security
infrastructure is a disaster waiting to happen for any major medical
facility.
--
Regards,
Chris Kilbourn
Founder
_________________________________________________________________
digital.forest Int'l: +1-425-483-0483
where Internet solutions grow http://www.forest.net