Slashdot Mirror
Sprint Routers Stolen; NYC Internet Outage Ensues
cbnet2004 writes "This story on eWEEK reports that late Sunday night a number of Sprint's DS-3 network cards were stolen from a Verizon colocation center at 38th St in Manhattan. Some customers apparently have service back but a number remain down -- it could be a while. The latest rumor on this situation is that some fiber optic cables were cut as well; this could put the affected customers out for days more."
This quote sort of caught me off-guard as I imagine some customers might disagree:
Fleckenstein said that the outage was "not major," and not large enough to require a report to the Federal Communications Commission.
The beginning of the article states:
A handful of corporate customers were left without e-mail and Internet access Monday after the theft of networking equipment from a New York City office late Sunday.
So, I would guess that the "handful" of corporate customers who lost service probably felt it was major to them. I understand the notion that it was not major in the sense of being more widespread, I just think his comment could have been worded better.
Happy Trails!
Erick
http://www.busyweather.com/
Be on the lookout for crackheads with amazingly fast internet connections!
This story's been on for a while and i see very few posts .... not even the usual fp BS .....
How many people were affected by this?
What kind of stupid moron would steal something like that. Probably some crackhead shmuck who didn't know what it was and figured it was worth a buck.
Who'd you sell it to? Dude will be busted. Someone walks up to you in an alley and say "wassup cuz you wanna buy a ds3 innernet?" it raises eyebrows.
I don't need no instructions to know how to rock!!!!
If it's so easy to steal these things, I hope nobody steal's my ISP'#353708534 ### NO CARRIER ###
503 Sig Unavailable
The Signature could not be accessed. Please try again later or contact the administrator
Next week on Slashdot:
NIC thieves busted! Traced by MAC Address when the stolen components were plugged in.
Sounds like a disgruntled Verizon customer decided to take out his frustrations...in which case I can hardly blame him. It's unfortunate that others had to suffer, but a man can only get passed from call center to call center so many times before he snaps like a dried twig.
I'm surprised it didn't happen sooner.
---- El diablo esta en mis pantalones! Mire, mire!
Kind of like setting the password for your atmospheric shield to 1-2-3-4-5, then later finding out it's the same combination President Skroob uses for his luggage.
Much of the time, thefts at locales like this are often done by people with at least some inside knowledge of the site's security.
It'll be interesting to see where this investigation goes.
"You spoony bard!" -Tellah
...dumb crackheads with amazingly cheap DS-3 cards for selling on eBay.
I used to work in datacenters throughout Silicon Valley and let me tell you that unless they have hired some kick ass security guards than shit gets stolen all the time. Usually small stuff like PDAs, or the like. Once I heard of an entire rack being stolen when it was left outside, thank god they were empty. Security for these places should be like fortx knox, and the second the card was removed there should be of been a notification to the current on-site physical security detail. These systems will not work unless interopabrable measures are taken to make sure everyones eyes are wide open.
An Education is the Font of All Liberty
Sure, I could have brought in a stick and poked at lots of other customer's gear, thru the chainlink cubicles, but I mean, I was signed in and on camera.
Check the log - when did the affected net go down and who was there at the time?
It has got to be a short list of visitors and guards or somebody is really stoopid.
This issue is a bit more complicated than you think.
Some dude just sold me some DS3 cardz for like $30 bucks a piece! But they wont fit in my computer PCI slot! Plus I cant find where my phone jack plugs into it!!@!!!!!@# Someone help me! Man, im gonna be able to download so much more stuff than my dialup connection!
Thanks!~~~
How hard is this one to figure out?
"late Sunday night a number of Sprint's DS-3 network cards were stolen from a Verizon colocation center at 38th St in Manhattan"
This can also be read:
"late Sunday night a number of MAJOR TELCO's DS-3 network cards were stolen from a RIVAL MAJOR TELCO colocation center at 38th St in Manhattan"
The reward money can be sent to my spam-obfuscated email addy.
It all comes down to physical security in the end. You can have the most secure network, but usually anyone with physical access to the equipment can attack it in several ways. They can obviously steal it, or steal parts of it. Hot swap hard drives are great except when someone can run up to a server in an unsecured server closet and in a few seconds have all of a company's data in their hands. Obviously most hardware vendors also put password "backdoors" (think default Cisco configs) that allow you to override any passwords, or recover passwords from a serial port.
Most people spend way too much time on thinking of attacks from the Internet or employees, but usually don't look at someone who wants to sabotage the equipment. Computer rooms usually contain all of the proprietary data in a company, and most companies don't put that much effort into patrolling computer rooms for people who shouldn't be there. Executives should make sure that physical security is part of the I.T. plan from the beginning and not an afterthought.
I'm assuming in this case it was in a Verizon C.O. which are usually somewhat secure, but something like this could happen anywhere, computer sabotage I think will become more and more common in the future as businesses rely more and more on them.
being investigated by New York City Police and members of the joint terrorism task force
That's just great. Not that I don't hope they find the crooks to walked off with this stuff - but once the word "terrorism" pops up, all of the sudden I'm thinking Patriot Act.
These thieves might have gotten themselves some kick butt network hardware - but I bet they won't get themselves due process
Ryan Kennedy opposes comm
The outage affected area customers of Sprint Corp., including Ziff Davis Media Inc., the publisher of eWEEK.com.
No wonder eWeek was the first on the story, even though it took them a while to publish it.
Then again, I suppose it does take some network connectivity to build a Beowulf cluster...
UNIX? They're not even circumcised! Savages!
What if a terrorist had got in there and blew up all our data.
Then, if your hosting company isn't full of morons, you will restore it from the multiple backups.
I've got more mod points and GMail invi
That's the truth. I've worked in places where the management is more concerned with the security of the accounting department (which is paperless btw) than the security of the computer room down the hall. The accounting department had key card access, restricted hours, etc. while the computer room just had a regular old lock and the keys were kept in an office managers drawer.
Imagine my surprise to see this up on slashdot. Last night around 10 PM mountain I saw a couple circuits go down in NYC. So being the enterprising person I am, I immediately decided that it must be a higher level service problem with our Provider. I call them up, tell them what's going on, and they (Qwest) complete my suspicions and confirm they are having a higher level outage problem. About 4 AM Mtn I called Qwest for an update. They informed me that they were still waiting access as the site was currently cordoned off as a police crime scene and they were still awaiting access. Wow... Cool... never heard that one before during the night shift.
Can you ping me now? no?!!! oh shit!!!
100K or so a year for fixing fiber optic cables... I'm definently in the wrong field. Of course, those technicians have to be very precise or else you get refraction in the wire.
I imagine fiber repair guys earn their pay, especially when it's out in some muddy hole and they have a couple hundred strands to fuse together while everyone is breathing down their necks.
Just wondering out loud... It would be really cute if some of the fiber repair guys worked for the NSA. "Of course there's a blip in the TDR, that's where we repaired it." "Okay, nevermind."
A dingo ate my sig...
I had two routers go missing from a transport room, which should have less people in and out. My name and phone number was all over the cabinet and the routers.
To be fair, I hadn't connected them yet, so they were just in the cabinet not powered up, and I was going to bring them up the next time I returned to that location, which was going to be in about 3 months. All to often, in a production environment, when there is an emergency, anything not powered up is often considered fair game. I'm sure that the routers are still in use at the company, I just can't find them.
Most colo space in our company is pretty secure. You'd have a pretty tough time getting in if you weren't supposed to be there. Even if you did get in to the colo space, most customers keep the stuff that they manage themselves in locked cages, inside the already secured colo space. Perhaps it was Verizon employees just trying to screw over Sprint. Or perhaps Sprint didn't secure their stuff properly.
------Can you hear me now?.
-- -- Warning. Do not stare directly at the sun.
Even though this is a Verizon location, the fact that it's Sprint equipment just makes it BEAUTIFUL in my eyes. Last time we had a problem with our Sprint OC-3, I called up the emergency number and got a voice prompt run around. Mind you, the POS interface was down/down with no sign of why it happened. Finally I got a "tech" who said the line was working normally. Then he said that he actually didn't know if it was up or down. At that point, I flipped out and told him to put a real tech on the line who could help me. Of course, that never happened, he instead forwarded it to their Layer 1/2 group. That whole experience left me with a horrible taste in my mouth. At a previous job, I had a mere T1 to Genuity. One time my boss needed a crossover cable and he took the one between the router and the firewall (can't make this crap up). Within mere minutes, Genuity called (this was the weekend mind you) and said "Ethernet0 is showing down, any idea why?" Let's see, Genuity is proactive with a T1, yet Sprint couldn't give a damn about an OC-3 POS line.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
Security for these places should be like fortx knox, and the second the card was removed there should be of been a notification to the current on-site physical security detail.
:)
Ar....that remind me of my days in a research lab.
Security guards downstair would be 'notified' whenever someone is attempting to reboot those SGI workstations at night. The problem was that SGI hanged up quite often. When this happen, we should either move to another workstation, wait til tomorrow morning. Sometime we had no choice but to trouble those security guards when we ran out of unhanged SGI.
Initially those security guards were nice to us as we didn't do reboot very often - until someone decided to replace all those SGI workstations with NT Alpha. You imagine how irritating to have been called 2-4 times every night.
Soon after the SGI were replaced by NT Alpha, those reboot-alarms were removed for obvious reason.
One of those companies was our NY office ;) ;)
We lost our direct extension phone dialing ability to them (could use the full 10 numbers though) and they completely disappeared from our network. They still had regular internet connectivity through a 100mbit cogent line and were able to access other company resources through our other offices Citrix metaframe farms [note 1] with almost full capacity but we still recieved numerous calls at our office as only the road warriors were actually used to using that method for access. We have the licences, horsepower, redundancy, and data sharing ability for this exact reason, well actually in case of another terrorist attack but it works for this too
[note 1]
One thing stood out above all of this. About a year ago, a discussion at a network/desktop meeting lead to a disagreement but eventually a gadget VBS workstation AD weenie created a script on the pc's to "automatically" select connections to our fellow offices Citrix servers through the internal network if you were plugged into the internal network. It was to "eliminate" any http or https confusion as you technically did not need https if you were already on the company WAN, I guess the KISS approach was not a challenge. That was all fine and dandy until today when the route was down. They eventually pushed out an undo so you could connect either way but I wanted to call up and laugh and say I told ya so but I decided not too. What comes around goes around.
Bad boys rape our young girls but Violet gives willingly.
See, that's why New Yorkers don't have cars.
:)
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
Ahh.. I wonder if they will actually look on the other machines in the data center to make sure the theft wasn't just a cover for loading services/keyloggers/etc on the boxes through the data center... sort of a distraction with the fringe benefit of some sellable hardware.
meh
Sorry for the AC.
My business initally heard stolen equipment but we were later told that it was caused by damaged equipment from a "Verizon union employee".
I was not on the call but that type of information is VERY specific and there is no gray area or room for interpetation there. I assume this is either totally 100% completely false or someone else knows something more.
Dude...we're not talking about "network cards" in a PC. These are DS3 WICs, probably in 7206VXRs or the like. Not only is there no unscrewing of a case (other than the two thumbscrews at either side), but they're fine to yank while powered up.
What's amazing (and it may not be the case, as we don't know all of the details, I'm sure) is that a simple correlation of the start time of the network down event and the sign-in log and security cameras (if any) hasn't been done to ID who did it. These facilities aren't particularly heavily trafficed by people on Sunday evenings, and they usually aren't all that big.
Do not fold, spindle or mutilate.
Verizon has more unmanned facilities (at least at night) than you can shake a stick at. As a nocster for a regional ISP, I can tell you - when a circuit goes down at night, if the testing and troubleshooting w/ Vz requires access to a CO, fugetaboutit till daytime - you can escalate to hell and back, but ain't nothing happening (for emergencies, their on-call techs typically don't respond to pages). Compounding the problem, most of our other circuit providers have to use Vz for the last mile 'tail' circuit.
FP!! Wtf though is up with these ungodly ping times here in NY.
The physical security is usually pretty good. About on par with a normal Fortune 500 company, where you scan into areas that you have a reason to be in. The switch room is usually a little harder to get in, especially since 9/11. At Nextel, they actually hired armed guards for a short while when we almost hired an alleged Felon. A competitors security guard recognized him and tipped off our security. Turns out he was supposedly part of a crew that carted off entire racks of telecom equipment.
Getting back on topic. The cards sound like they are the DS3 that pop into a larger fiber demark, like an OC12, 48 or 192. The cards are pretty small and just have coax-looking DS3 plugs on the front (in, out, and monitor). These aren't cards you could really ever use anywhere else. It almost sounds like someone accidentally yanked the wrong cards during maintenence. Although, most telecoms are very religious about not doing maint during the day (if the outage started at night, tho, I'd say it was a switch tech who screwed up).
The reason I'd assert this is the theft was too small to be of any other value. Three DS3 cards aren't going to fetch much, and they're tainted goods. If you're malicious, you're not going to just grab 3. If you're damaging a competitor, grabbing 3 cards is somewhat silly. We commonly have a backhaul path in preparation for things such as this. For example, when I worked at Nextel a fiber dig broke a couple DS3s we had going through PacBell. Within 4 or 5 hours, we swung the traffic over to other DS3s that bypassed the carrier and area with the break.
On a side note, it was also an eye opener that the "Protected, Redundant" Ring-topology that we were paying extra for was not being provided by the Telco. Let's just say there were some very colorful conversations going on between companies at the VP level.
Hello owing to the death of my rch uncle I have come into possesion of some advanced technology. However due to the import / export restrictions I am unable to move it out of the country. I have some ds3 internet cards I will give you in return. Please contact me as soon as possible.
911: 911 Emergency line
Slashdot user: I just lost all Internet!!!
911: Excuse me?
Slashdot user: I was just about to first post to Slashdot, and I clicked "Submit," and nothing happened. I tried to ping them to see if I was dreaming, but got nothing, so I tracerouted and found out I couldn't get past localhost.
911: I don't understa...
Slashdot user: My god, this first post would have done wonders for my karma! And now I've been beaten by a goatsex troll...
911: Sir, this line is used strictly for emerencies...
Slashdot user: THIS IS AN EMERGENCY, DAMN IT!!! Send ambulences! DSL repairmen! Cowboyneal! I won't leave this computer until I get my Internet back, and I only have half a can of Mountain Dew to live on till then!
Vixie gives it an allow ACL.
Cisco's "Packet" magazine calls it "this season's most secure flick".
NANOG calls it "an interface to remember".
(ignore the creative liberties. I was out of ways to tie things together...)
it worries me that people can just roll in there and steel our equipment
I don't need to worry about that because most of my equipment is steel already. Except my Powerbook, which is aluminum.
What if a terrorist had got in there and blew up all our data.
That would be terrible. I remember one time when I spilled all of my data on the floor. I was cleaning it up for days; it's almost impossible to get data out of a carpet once it dries!
For terrorists this would be a major blow to interest banking which they so abbhor.
I'm sure Osama bin Laden is at this very moment plotting to destroy those infidel bankers that are keeping his billions secure and earning him a nice revenue stream through his investments.
It's all about acting like you're supposed to be doing what you're doing. Act like you own the place, and nobody will say a thing to you.