Collocation Access

Warren Kumari warren at
Mon Oct 23 18:34:11 UTC 2006

On Oct 23, 2006, at 10:57 AM, Roland Perry wrote:

> In article <20061023103731.W56322 at>, John A.  
> Kilpatrick <john at> writes
>>> The fellow I chatted with at AT&T said they are not allowed to
>>> hand over their badge because it would compromise their security.
>> My tech said the same thing.  That keycard could grant central  
>> office access
> On its own? No keycode or anything. What if he lost it?
>> so he couldn't surrender it.
> But presumably it would need to be stolen. Wouldn't the tech notice  
> that happening... Or is there some way the colo security guy can  
> clone it undetected?

These are trivial to clone -- all you need is a reader hooked up to a  
PC and you can read the number off the card. You can then buy a batch  
of cards that cover the serial numbers that you are interested in  
(no, I don't really understand WHY you can buy numbered ranges, but  
you can...)

The other alternative is something like:
This device will read and clone a large number of proximity cards --  
you don't even need real access to the card, all you need to do is  
brush up against the cardholder with the antenna cincealed in your  

> -- 
> Roland Perry

If the bad guys have copies of your MD5 passwords, then you have way  
bigger problems than the bad guys having copies of your MD5 passwords.
-- Richard A Steenbergen

More information about the NANOG mailing list