Slashdot Mirror
Is it Just Me, Or Is Our Mainframe Missing?
xnuandax writes "Here's a salient lesson for those system security personnel who spend their time fretting over the theoretical crack-ability of their 1024 bit encryption keys. Australian Customs have recently suffered a rather unfortunate set back in their "War Against Terror" with the admission that two of their secure mainframe servers have been wheeled out of the building by persons unknown. I'll bet my $2 that the root password on those boxes was 'trustno1'."
is more important than anything else. Some years ago, people stole from Harrods in london, by simply taking a whole cash register, while disguised as maintenance men.
Oh well, what the hell...
The big question has to be; what have they left behind? The guys who knicked the servers were floating around the Customs building for the better part of 5 hours. I'd bet a penny to a pound that they left backdoors open to get back in when they feel like it.
From my perspective as a former sysadmin/security guy, how could someone not notice that 2 main fileservers were suddenly offline? Alarm bells should have been ringing the second they came offline. Where's the monitoring? I suppose at the very least that its a kick in the ass to anyone who thinks that physical security and good procedures are any less important than firewalls and network intrusion detection.
"I'm tired of all this 'Aren't humanity great' bullshit. We're a virus with shoes" - Bill Hicks
Hey, why all the hassle ?
A good sysadmin has all important stuff backed up. And if you do it properly the backup is sent to a offsite location. Isn't it easier to steal those backup tapes or discs? If you are lucky the outsourced company doesn't even notice the theft or someone who does not want to loose his job does not tell anyone.
So my question is: Do *you* encrypt your backups?
So, the servers had neither personal nor business data on it. So what's left? The server must have been empty then, good riddance.
Heh. I had friends who used to do A/V work at various hotel ballrooms for conventions and the like. Even when they weren't working, they could put on black t-shirts, throw a wrapped up extension cord over a shoulder, and waltz in through the service entrance, straight through the kitchen, and nab a LARGE drum of Hagen Daas from the freezer without breaking a problem.
This sig intentionally left justified.
If I call up my IT help department to reset a password, they check 1) what extension I'm calling from, 2) they ask for my employee ID number, and 3) they CHECK whether they match up!
After that, they will reset a password for me, which I am *required* to change upon my next log in.
If I'm not calling from my own extension (which requires physical access to my office), they won't reset anything until one of their people meets me and confirms my identity.
It always amazes me when I hear how sloppy some places are.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
It was in a central room, which had one door and no windows. The door opened to a hallway. From that hallway, you could either go out past the receptionist, past one of the company founder's office, to get out the front door, or you could go the other way, past my office, and the offices of a couple other programmers.
We noticed the machine missing at noon. It had last been used at 11am. Between that time, the receptionist had been on duty, the founder had been at work in his office with the door open, and four programmers had been at work with their doors open, facing the hallway.
There had been the usual bathroom breaks, trips to the printer, and stuff like that, but still...it seems like it would require amazing timing to find an opportunity in there to sneak the thing out...and there was no vantage point outside the building from which one could see that the route would be clear.
At a previous employer, one of our customers had their main Netware server stolen during the working day.
Two men dressed as couriers wandered into the reception, said that had a faulty machine to pick up, were let into the machine room, and walked out with the 3000 file server.
It took the network admin over an hour to realise that the server had been taken - they had even logged a fault call with us stating that users were having problems accessing their data.
Reminds me of that ATM machine that was stolen from Snow Hall on military base, they didnt find it for 2 years until a long dry spell let a pond get real low.
For those that dont know Snow Hall is a tech training center and has 24 hour security and video cameras. The machine was quite large and bolted to the floor and since it was the day before payday it was full also. 250k was in it I believe.
Only bank robbers I know of that got away with it AFAIK.
Long ago, I worked on a military project. One of the people in the same office was an army officer. He had a picture of himself in the full uniform of his rank - in the KGB. He had the uniform made up, and a pass - right colour, right photo, but otherwise entirely in Russian. He walked right into a highly securre area and went, in full KGB uniform, to tell the Head of Security what he thought of the security precautions.
Consciousness is an illusion caused by an excess of self consciousness.