"Smart" hands around Dulles airport / northern VA.
warren at kumari.net
Sat Jan 17 12:41:17 CST 2009
On Jan 17, 2009, at 10:37 AM, Jim Willis wrote:
> Q: What! Are you crazy? I'd never let a stranger into my cage!
> A: Huh, neither would I, but some people are less paranoid than us
> and / or know and trust me."
> I wouldn't allow my wife in my cage let alone a stranger and I
> hope my colo would deny you both as well!!!
Yup, I would hope that your colo would deny us (and everyone else as
well) -- unless you call in a ticket and say something like "Please
give Bob access to my cage / cabinet on Thursday at around noonish..."
As for the stranger bit -- we all have different levels of trust /
paranoia. I personally rank towards the top of the paranoia scale, but
if I had a widget in Wyoming that needed wiring and one of the people
that I know personally from the list happened to be around there, I'd
probably trust them more than the colo provided folks. This all
depends upon what the widget it, what needs doing and who the person
is -- there are some people that I wouldn't let near my gear with a
50ft pole and some people that I trust to some (small) extent.
There are some folks that are much more trusting (or possibly more
desperate) than us though. Last time I made this offer I got (amongst
other requests) a call in the middle of the night some someone I'd
never met (nor heard of) asking me to please go over and console into
a router as they had managed to push an ACL and lock themselves out --
he cheerfully volunteered his locally configured account info and
seemed surprised when I suggested that that, now that it was exposed,
he immediately change it everywhere...
The type of gear that I have in the cage also plays into this as well
-- if the only gear in the cage is networking gear I'd be more
comfortable that if there are servers and such. Yes, it is possible
that someone could insert a tap or connect to my management network
(or a whole host of other nefarious things), but a: this is something
that they could do anyway if they were determined enough (if you trust
your colo provider to provide perfect physical security than you are
1: stupid and 2: less paranoid than me) and b: I'd have an easier time
auditing network gear than servers.
> I suppose this may be useful for some as there have been two
> responses to your initial posting however, we use locked cabinets
> and cages for a reason. I can appreciate wanting to return the trust
> and community to the industry even though the outlook looks bleak on
> your behalf.
Just for information, I have received 8 off-list responses from people
thanking me and volunteering their time, ranging from NoVa to Chicago
to TX to the Bay Area -- sometime I'll set up a list or website where
people can list where they can help out.
Once again, this is purely an offer that people can take advantage of
if they want -- I am not forming some secret cabal of trained ninjas
that will break into people cabinets and swap linecards while no one
is watching, nor am I trying to coerce anyone into doing something
that they are not comfortable with.
It's your network, if you need an XFP swapped and would like me to do
so, great. If you don't, great.
> On Sat, Jan 17, 2009 at 10:56 PM, Brandon Galbraith <brandon.galbraith at gmail.com
> > wrote:
> On 1/16/09, Warren Kumari <warren at kumari.net> wrote:
> > Hi all,
> > This is a mail that I have been meaning to send ever since I moved
> back to
> > the NoVA area, but have only gotten around to now...
> > Many years ago I used to provide emergency, smart hands type
> assistance to
> > those in need, but had to give this up when I moved out of the
> area. Anyway,
> > I'm back and am willing to start doing this again....
> > This is primarily for those cases where you would normally have to
> > someone out to have them replace a line-card or two, hook up a few
> > maybe swap a disk in an array, etc. This is not for those cases
> where you
> > simple need someone to push the reset button, nor for rebuilding
> your entire
> > cage from scratch...
> > Anyway, if you have gear here and think that you might need to
> take me up
> > on this, drop me a mail and I'll give you my direct contact info...
> > If you like this idea, and are willing to also provide this sort
> of thing
> > to the community (either in this, or in another area), please let
> me know --
> > I'll look into setting up a website / mailing list / something...
> What Warren said. I'm in the Chicagoland area.
> Brandon Galbraith
> Voice: 630.400.6992
> Email: brandon.galbraith at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2173 bytes
Desc: not available
More information about the NANOG