Slashdot Mirror
Datacenter Robbed for the Fourth Time in Two Years
mariushm writes "According to the Register, the Chicago-based colocation datacenter C I Host was attacked by armed intruders recently, making it the the fourth time in two years that armed thugs have made off with data. According to a letter C I Host officials sent customers, 'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to C I Host and its customers.' Aggravating the situation, C I Host representatives took several days to admit the most recent breach, according to several customers who said they lost equipment, all the while reporting the problems as 'router failures'."
And if they have been robbed before - why not increase the security? Four times? - That's some kind of record. Maybe it's time to check if the localization of the whole thing is incorrect and move it to a better location where it's less likely to suffer from this kind of incident?
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Hopefully they were smart enough to encrypt the data this time. If not, the company should truly be shut down...
If you can read this... 01110101 01110010 00100000 01100001 00100000 01100111 01100101 01100101 01101011
"cutting into the reinforced walls with a power saw"
I would say that is an argument for underground data centers...
Don't tase me, bro!
Seriously, though, this sounds like something out of a really bad Hollywood B-Movie.
I didn't know you could do stuff like this in real life.
smells like an inside job / insurance scam 1st would be an anomaly , 4th time i would be looking very hard at the companies and its staffs finances
It turns out the router was unable to route wherever the thieves had taken it.
Hmm, I'm not using them anymore. They had regular power failures in Dallas - claiming 'UPS maintenance'. My home DSL setup is more reliable than their data centre.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
The network is always the fall guy. Blame it on the network, they'll never know!!
After the first robbery, I'd seriously consider moving my data. If my data is still there after the second robbery, I feel stupid. If my data is still there after the third robbery, I should lose my job. If my data is still there after the fourth robbery, I need to promoted to executive management.
The entire purpose of off-site storage is disaster recovery, and prevention of major disasters like this. Why are these guys still in business?
http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
In the brake room watching tv / playing games?
Doing the same thing in the big room with all of the tv screens?
I'm a Dreamhost customer, and the past couple years they've had a few issues, and some people have taken it as an opportunity to bash the hell out of them. Having used many hosts over the years myself and for customers, I've found them to be on par with, if not a little above many hosts. The biggest difference is DH is HONEST about their issues, on their status blog. When they fuck up, they say so. To me, that's more valuable than a host that makes it self look like it's more stable by lying, such as the parent article's subject. It means when DH tells me something, I can at least trust it's the truth.
jX [ Make everything as simple as possible, but no simpler. - Einstein ]
Suddenly, buying an old army bunker complex to house your datacenter doesn't seem that excessive.
shame on you. Fool me four or more times shame on me!
God, schmod. I want my monkey man!
I suppose calling the police is not in company guidelines?
It takes time to cut through a a wall with a power saw and it makes lots of noise. If someone cut their way into my place the cops would be there before the bad guys could get through the wall.
I have friends in the data center business and they never tell me about any of their businesses being broken into even once. Let's just say that I am somewhat skeptical.
Well..if they had said "route failure" that would of been accurate since technically the route HAS changed for those servers......
Anyway - maybe it's time to weave in copper mesh into the T-shirt of all datacenter employees to protect against tazers.
And notice from a comment to the article that any so called man trap doesn't exist - and the security seems to have been far too relaxed. Just a fine example of how not to do things. A good datacenter is located where almost nobody knows where it is - preferably underground in a nondescript location in the countryside. A set of optical fibers will take care of all the traffic. And very few persons shall have physical access to the hardware. Think about how the military handles their datacenters.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
That was a truly "professional" operation. It's happened four times. They're specifically targeting this datacenter, and management's reaction is anomalous. If I were a police investigator, I'd start probing. Maybe there's nothing to find, but I'd bet money that there is.
Kind of reminds me of that pizza bomber a couple of years ago.
For linux tips: http://www.linuxtipsblog.com
Well, if they actually care enough to try to prevent these attacks, I can see three solutions, any of which should be highly effective:
Deadly force. If you are being robbed at gunpoint on a regular basis, your employees can legitimately say that they fear for their lives, and thus, purchasing of firearms is legally and morally justifiable. Perhaps a couple of guards posted at the entrance with semiautomatic rifles, plus three or four in appropriately concealed locations within the facility (or more if the facility is large enough). Criminals (armed or not) will think twice before attacking.
Electrical interference. Hook a 230 kV transmission line directly to the rebar in the walls. Anyone who tries to cut their way in will likely spontaneously combust, or at the very least, be knocked several meters. Such an attack won't happen twice.
Oxygen deprivation. You probably already have halon fire extinguishers. Assign everyone emergency oxygen masks and a red button remote. In the event of an attack, press the red button and put on your oxygen mask. Assuming you dump enough halon, it will bond with all the free oxygen in the room, incapacitating or killing the intruders in seconds. Assuming they survive, they should still be unconscious when the police arrive to arrest them.
Check out my sci-fi/humor trilogy at PatriotsBooks.
Spooky...
reinforced? wtf were they reinforced with, toilet paper?
sounds like they are conducting business from a fibro and plaster board shack. you'd think they would aleast consider their staff's saftey after the first 3 attacks, i smell asshole managment who aren't willing to spend the cash.
If you mod me down, I will become more powerful than you can imagine....
I've used them for years, and was an avid supporter of CI Host even while they were enduring constant negative publicity.. I was initially a client of their shared hosting, then upgraded to a dedicated hosting package, and never had an issue aside from the typical short downtime every now and then.. nothing crazy.. so a startup I was working with put a colocated server with them earlier this year and in around 6 months we endure an outage for numerous days, numerous BS excuses, then one day "Oh yeah by the way your server was actually stolen, and good luck finding the real thieves!" So now we come to find that this has happened 3-4 times in the past 2 years, the detective (and even a worker there I talked with) told me they believed it was an inside job. Obviously I am cancelling all of my accounts and taking my business elsewhere. I will proudly do my best to spread the word and tell EVERYONE I know to NEVER use CI Host for *ANYTHING*
I guess the thieves stole the serifs, too.
bow before my superior smartitude
'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument.
Good on them for hiring the disabled! Although perhaps the night manager position is not one suited to someone so deaf that they can't hear a Sawz-All cutting though the wall...
Three Squirrels
At first, I thought WTF???? Why would someone break into a data center.
Then, I thought about it, and being that a datacenter has more supposedly valuable stuff that you can pick up and leave with _and_ you have an easy time to sell it, well, I'm only surprised that this is not a daily occurrence.
In the "information age", what is more valuable than information? And the price/pound or volume makes information orders of magnitude more valuable than gold, art or even money itself.
It almost makes sense when you think about it, but there is a rational side of me that says that this makes no sense.
My head is about to explode.
Last November I had ALL my servers stolen there. Now over all the years I have had servers I have backed up data, upgraded servers, clean installed servers, etc., then that fateful day in November after being stonewalled for days I finally went over to the data center only to find ALL my servers stolen. All my data. Yea I had some offsite backups, etc, but .... stolen. I guess they thieves really liked my XServes. They were nice and shiny in a sea of beige and black.
Anyway, they gave me some free hosting after that, so, I said ok.. big mistake... about a month ago two of my three servers were stolen. Thankfully I had them a bit spread at the datacenter.
Well, can I sue? What can I do now? Same bs, promising me servers and nothing.
Last year I lost a lot of clients,,, granted all but two were mostly very small time hosting accounts. This time I now lost a big client even though I got them back up and running asap... get a server, install configure, read the files from the backup server, etc.
Anyway it was truly the worst feeling I have had in many a year.
It is definitely bs. And what do the Chicago PD do? Well your guess is as good as mine.. maybe they are out ticketing the thieves truck as their meter runs out.
Any lawyers out there that can help?
Mind | Body | Spirit | Cash
...this is how he'd do it.
While people will have a field day making fun of C I Host for this, I'd say it really wasn't the company's fault. Frankly, it's a corporate datacentre, not an armed installation. Their service extends to protecting your data against router problems, power outages, hacking attempts... Not armed incursion. That's not a web-host's job.
Though I'd agree it's definitely a poor representation of C I Host that they kept their customers in the dark about the attack. The frequency is odd, too... Do they have any particularly important customers who are being particularly targeted, or is the incidence of burglaries just bad luck?
As an ex-employee of CI Host (the shadiest web host on the planet), I find this humorous. It's only a shame the CEO, Chris Faulkner wasn't there to get tasered as well.
I'm not too sure what measures are realistic for a datacenter when the robbers are armed and carry the equipment they require to cut through walls.
I'll bet a big, multi-port Cicso router might be a better target, pound-for-pound, than a dell server. So the hosting company might have been telling the truth. "The router failed because, ummm, it's no longer connected!" My second thought on this-- it seems like a lot of work to go to (and huge legal risk) for a few dual Xeon servers. I wonder who (or what) was hosting on those boxes. Cutting through the walls and roughing up the security guard will add a lot of years to a conviction. Maybe there's more to the story we're not hearing, and will never know.
Everything I've ever learned the hard way was based on a statistically invalid sample.
Yes, the servers are expensive peices of kit, but I think frankly, its more likely that there is specific data for a specific site that is being stolen rather than just some hardware, and if thats true, they shoudl be hiding the friggin servers rather than leaving them sitting round "ooo rob me rob me rob me!" You gotta ask, who's the target?
I actually had a server hosted in that very Chicago facility. (I actually got referred to it by clicking a "$75 a month colocation" advertisement link on slashdot)
The datacenter in question is in a terrible neighborhood, and I can't see anyone bothering a truck there in the dead of night.
There was no man trap, and no security of any sort, just a tech guy who let me in and opened the glass datacenter door for me.
I doubt they have a panic button of any sort either.
You disable the one guy on call and there would be no police coming, period.
I've actually been in this datacenter. Tried to host some boxes there for a while... and when I finally gave up on their shenanigans, I was not near Chicago, so I just abandoned them there (cheaper than shipping).
First, this datacenter is literally two blocks from what is left of the infamous Cabrini-Green projects. Tough neighborhood, so it's not entirely impossible that it is an outside cracked-up scheme.
There was none of the double-man-trap doors or whatever there. The one staffer was in the back playing a Playstation. The couple of customers in the center exchanged cell numbers, so we could call each other to get let back when we needed to use the toilet.
The Dallas billing people weren't any better. Worst... host... ever.
down at the pawn shop!
Ok, so they robbed $50,000 of routers and servers.
Where are they going to fence them. The average geek has no need of 16 core Xeons, no matter what game they play. If they were dells, (IF) they are going to have TAG #s and it wouldn't be hard to see Dell doing a trace on em, ie very hot property.
Thirdly, no legit business, at least any I have worked in, would touch (some) state of the art servers at half price, no support, from a questionble source with no history. Same goes for all the cisco kit. Bet they end up abroad.
http://www.writeitfor.us - Writing IT for the IT generation.
Seriously, cutting through a reinf. concrete wall is not trivial, if it was indeed just that. By code, the minimum thickness of a concrete wall is 6" and most used for loadbearing in anything but the cheapest residential construction are 8". You aren't cutting that with a reciprocating saw (aka Sawzall). Second, reinforced concrete walls are required (in order to be considered "reinforced" by code) to have steel bars equal to 0.0014 x wall area in both directions at a spacing no greater than 18". That typically works out to a 1/2" steel bar at 12" on center or a 5/8" steel bar at 16" o 18" on center both horizontally and vertically.
Now, this is a non-technical publication, so "reinforced" may mean anything - like a 1/2" bar at the top and bottom, and around jambs. Also, this is Chicago, known far and wide for severe corruption in the building inspection process.
Still, anything close to a RC wall is going to require a diamond blade and a gas powered saw for any kind of efficiency at all, and the cut rate is going to be measured in single-digit (or fractional) inches per minute. Most also require a water source for cooling. You'd have to be utterly incompetent not to catch these guys before they got in.
Is it just my observation, or are there way too many stupid people in the world?
For what it's worth, I feel the need to mention the nearest police department is .8 miles (2 minute drive) per Google Maps
Stronger walls, and maybe armed security guards. Heck, we have them up here in Canada and we don't have a tenth of the violent crime problems Chicago has.
-Billco, Fnarg.com
We all know that bad people don't have Internet access. If they did, they might try to google for something like 'chicago colocation buildings i can break-in to', which pops up a bunch of hits for C I Host. The third hit's page exerpt/description begins with "Location: 900 North Franklin, 3rd Floor, Chicago, IL 60610". The page also says it's a nondescript building with no signage (that's okay, we have the address *and* a provided photo!!) and... hmm, we know lots of design details about the building, and there's lots of information about where things go in and out of the building. I realize that a lot of that information might be important for potential customers to know, and has to be available to non-customers, but, I would be a little more careful if I was in charge of what information was available to whom and published where, probably going with a need-to-know basis for a lot of things.
You can effectively {describe your security, network resources, and ability to accomodate customers' equipment of varying size and shape without giving out nearly so much} and/or {keep track of what information you provide to whom, when, and under what circumstances so that you could at least be able to make some educated guesses about where to start investigations of security breaches even though information does tend to spread, especially when one tries to control information, particularly when done badly}.
As a company that host spammers, and threatens lawsuits (cartoonies) against anti spammers, I can only hope the crooks stole the spam servers as well.
http://www.spamhaus.org/sbl/listings.lasso?isp=cihost.com
Lawyers, MBA's, RIAA? A jedi fears not these things!
After the second time they would have someone sitting in there all
the time with this:
http://en.wikipedia.org/wiki/S&W_Model_500
Awwww yeah...
http://www.youtube.com/watch?v=IxLmiYiwvus
Take my server now bro!! I dare ya!
I left them (moving to tera-byte) over 5 years ago. At the time, C I Host had all sorts of DNS problems, yet they continued to deny there was any problem.
I found these links to the report from a post on theregister.co.uk
Report 1 Page 1
Report 1 Page 2
Report 2 Page 1
Report 2 Page 2
Report 3 Page 1
Report 3 Page 2
The guy says that $50,000 worth of stuff was stolen...not only servers, but misc crap like routers, and battery chargers for Black Berry units.
I'd say either look for a new web host startup in the Chicago area in the next year, or a lot of stuff going cheap on Ebay.
The saddest part about this is that the crims clubbed and zapped some innocent guy that would have offered zero resistance. For this, I hope they thieves go to jail for a long time.
And they didn't increase security? thats pretty irresponsible. At least give the poor guard a gun and a partner. How about a panic button ?
---- Booth was a patriot ----
A good datacenter is located where almost nobody knows where it is - preferably underground in a nondescript location in the countryside. A set of optical fibers will take care of all the traffic. And very few persons shall have physical access to the hardware.
That works fine if you are big enough to have your own datacenter.
If you are selling space to clients though it doesn't work so well, many clients preffer to colocate thier own hardware rather than renting from the provider and many clients will also want to see evidence that thier machines are really in a datacenter and not someones basement.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
replaced the servers with an IBM BladeCenter.
The company I work for used to be a client of theirs, and like many others here, eventually got fed up with their constant downtime. When we canceled our service and they shipped the servers back, all four rackmount servers had the rack-screw-tabs bent because they shipped them with no padding whatsoever. They were just rattling around inside the cardboard boxes during shipment.
A former employee of CI Host contacted us after we quit their service and told us this little gem:
That time early this year when their entire Chicago datacenter was down for two days? They forgot to pay their power bill.
If I was working in a place that had had several break-ins, I'd either have a shotgun handy or I'd resign.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
maybe it's time to weave in copper mesh into the T-shirt
Or Maybe arming some of the guards - but then again Chicago has some very restrictive gun laws, including a complete ban on handguns, so this may not be possible without relocating.
Think about how the military handles their datacenters.
The military has people with guns & radios protecting their datacenters. Which seems to be lacking in this case.
Most of the Savvis or 365 Main data centers use Kevlar embedded in the drywall, but there is always a weak link somewhere. Concrete block, fully reinforced, isn't a whole lot better, but is about 3x the cost.
The problem isn't really the lack of a man-trap, but lack of multiple zones of security or appropriate security measures. All facilities are prone to some level of an inside job, and only a few would really have the information required to prosecute after the fact.
If there is only one guard and no offside monitoring, you are counting on luck.
As for the military knowing what the he'll they are doing, just because they treat their data centers like missile silos doesn't mean the protection is adequate or appropriate for the risks involved.
So can anyone here be bothered to explain to the ignorant what a datacenter is? I'd never had need to think about this concept until I RTFA. Is it really a place that people rent real estate to put their equipment? Is this to just get it off-site of is it because the price /sqft is cheaper than in the office? Or is it for third-party security, which really makes this bad. In addition, what did they steal and why? Did they steal hardware just to sell as hardware or did they steal this stuff for the data in it...very movie like.
A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.
"If you are selling space to clients though it doesn't work so well, many clients preffer to colocate thier own hardware rather than renting from the provider and many clients will also want to see evidence that thier machines are really in a datacenter and not someones basement."
I think they'd be better off hosting in someone's basement than in that data center. The "someone's basement" has a lot going for it, at least in my case ... relatively anonymous, protected by 3 big dogs, and the only entrance to it is via a concealed trap door.
Figures. Good ol' stringent gun laws just mean the armed criminal will not have to worry about anyone having a firearm.
I fault the datacenter less than I do the general city which bans legit people from protecting themselves, and giving a field day to robbers.
Had this data center been in another state like Nevada, the robbers would have probably not even attempted this, or if they did, would have died of acute lead poisoning.
One possible solution involves building a steel- and concrete-reinforced bunker, akin to a very secure bank vault, several levels underground. It should be designed such that even if someone managed to dig underground from an adjacent property, they would be met with several feet of thick concrete, followed by twelve-inch-thick hardened steel. This would exist on all four sides, as well as on the top and bottom of the bunker.
On the inside, entry would require entering through several stages of reinforced doors to access an elevator to the bunker below. Following that, one would need to enter via a vault door very similar to the one at a bank vault. This vault door would open only by providing a passphrase and three forms of biometric identification, including a retinal scan, a hand scan, and a voice scan, in addition to a mechanical combination. Those guarding the building would NOT be authorized by the system to gain entry, so that intruders would be unable to gain access by threatening or beating them. This fact would be posted prominently at the entrance to the complex.
Inside the vault, the equipment proper would be rack-mounted in heavy duty locked steel enclosures.
Obviously, all of these measures would need to be combined with a thorough and comprehensive system of electronic and software security, which would protect the system from malcontents connecting through a network as well as to monitor physical and electronic intrusion.
Once installed in this manner, it would clearly become difficult for a group of thieves to break into such a vault and steal equipment before the arrival of police on the scene.
Basically yes. You'd want to use a datacenter for your servers because they (supposedly) will have engineered backup systems for just about anything that can go wrong. This means generator backup for power and cooling, effective surge protection, redundant high speed internet connections, security, professional monitoring of the equipment and environment, etc.
I couldn't make this stuff up. They're advertising for a security guard,
"We are seeking motivated individuals" ... translation: work cheap.
"Prior security experience preferred." ... translation: not really a requirement, but if we can get it at no extra cost ...
"Some College is also preferred." ... if you managed to drop out of college instead of high school, you're more "presentable" to our insurers, who are now royally pissed at us ...
"Armed Hand-gun license/permit and ability to supply own weapon a Huge Plus! : translation: "we're cheap! You're desperate AND stupid! Let's talk!"
Does it have a proper redundant power system with backups and proper redundant aircon system supplied by protected power? Is it in an area prone to floods and if so have flood precautions been taken (e.g. selction of a location other than the basements)?
Maybe the answer to theese is yes but the problem still holds that the potential customer can't verify theese things if they don't know where their server will be located and if the potential customer knows the location so does the potential criminal.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
I ended up dropping that configuration.
I'm in Maine, a very long way out at the end of a long line of potential failure points on almost any network you want to get access to. A T1 from a top level company was costing me $1500 a month. Dedicated bandwidth from the cable company was $1000 a month. Neither was 100% reliable (surprisingly, the cable company was no less reliable in my case than was my T1 provider as it turned out).
I had (still do actually) 12kw generator fired on LP gas with a 250 gallon LP tank burried in the back yard. Line conditioned UPS gear decent routers and switches, and that T1 -- total cost was pretty big.
Now that colo and rented servers are so cheap, it makes NO sense for me at all. I've got a couple of boxes at ServerBeach locations instead for all my public facing stuff. I still have my home gear, but it only serves me. For that, a cable modem and consumer account is fine.
For less than 300 dollars a month now, I have better power redundancy, way better network performance, way better network redundancy, 24 hour on-staff hardware or reboot support, and I don't have to buy the hardware. When I want to upgrade, I just start paying for a different machine.
Renting the servers ends up being way cheaper, way faster, way more reliable, and way more supportable.
The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
Off topic, but any reason you went with ServerBeach instead of RackSpace? I'm looking at doing something similar, and keep running into RackSpace as the sort of default for managed boxes.
Mod point free since 2001
Or Maybe arming some of the guards - but then again Chicago has some very restrictive gun laws, including a complete ban on handguns, so this may not be possible without relocating. But, that's unpossible! Everyone knows that once you ban guns in an area, crime immediately ceases and the criminals turn to a life of petting puppies and painting rainbow butterflies. Sheesh. To hear you talk, one would think that the criminals would (gasp!) exploit a legally-imposed tactical advantage or something.
Everyone knows that if you have a problem, you pass a law and it goes away! There's no need to arm corporate datacenter thugs with children killing automatic firearms. Just outlaw robbing datacenters!
Sheesh.
Don't blame me, I didn't vote for either of them!
"you're probably nowhere near interested in this entire field."
Well you're a cock rock aren't you. Let the guy get a decent answer and go lock yourself back in your own datacenter.
Ah yes, Canada is a magical place where there is no crime and people shit pure butterscotch.
Considering that they've been robbed 4 times, twice this year, and that it was probably an inside job, if anyone's still thinking of hosting with them, they might as well just take a sledge hammer to their boxes instead.
Contrary to what the article says, the police report says that a door lock was jimmied open, and there was nobody on the premises at first - the employee responded to an alarm report.
Liki I said, even my (or your) basement is more secure. When I'm not at home, at least there's still 3 big dogs, and there's the neighbors. This place was in a dump where nobody goes after dark.
It's not about the real estate, it's about redundant everything and lots of backup systems. If an idiot with a backhoe cuts their uplink, they have a couple more so that you don't lose connectivity. If someone flys a kite into the power lines, they have generators to keep things running until power is restored. If a squirrel eats a hole in the air conditioner, they have another one so things don't melt.
Or is it for third-party security, which really makes this bad.Computer equipment is expensive and a data center has a lot of this, so their security compared to what you would have should be a similar relation as a bank's security compared to your sock drawer. That's when it's not a selling point. When it is advertized as a selling point, it sounds like something out of Mission Impossible.
Please stay in Canada. Oy? I mean Ok?
Liki I said, even my (or your) basement is more secure.
Maybe so but security isn't the only thing you required for a datacenter (defined here as a place hosting servers that mostly serve clients on other sites and require high uptime and possiblly also high bandwidth).
a basic list of requirements other than security:
Redundant high quality internet connections
Redundant power
Redundant aircon running off redundant power (not much point in having the redundant power if your boxes are overheating due to lack of aircon)
To get theese things at a reasonable cost per server requires aggregating a lot of servers together. Unless you are huge yourself that means you have to rent space in a datacenter run by someone else. Prospective clients will also want to know where the datacenter is so they can verify that it really does have theese things and is not just a single T3 line and a handfull of servers running off a power strip plugged into plain utility power in someones non air conditioned basement.
I do agree though that customers were stupid not to do some serious research on thier hosts security after the first incident.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
"Had this data center been in another state like Nevada, the robbers would have probably not even attempted this, or if they did, would have died of acute lead poisoning."
Nope. CI Host had nobody on location when the break-in started (this time they just jimmied the door lock. The previous time, they smashed through a wall). The employee only showed up later, and that was when he was tazered.
So, a hosting center that's already been broken into 3 times in 3 years, nobody there at night, shabby part of the city, no physical security ... gee - sounds like a great place to host ... host your competitor's stuff, that is.
Besides, both the police and customers now think it was an inside job.
The military also puts their datacenters into areas where there are people at night (this place was unmanned - the employee only showed up after the break-in started). They also use half-decent locks that can't be jimmied so easily (a customer went there the next morning and reported that the door to the office had been forced - not that a wall had been broken through).
Basically, don't use this shitty company.
The fact that someone lost their stuff is tough luck.
Then again, CI Host could just as well have terminated their account for _NO REASON_ and taken their money instead. That's also theft - and something CI Host has been known to do (yup, it happend to me, I'm a very annoyed EX-customer of this shitty company).
Morale: Don't use CI Host. They either steal your money or let your equipment be stolen.
Did I mention they never returned any emails I sent them? Neither did they return any phone calls.
Crap company. Use another hosting company... if you're using CI Host I recommend that you switch NOW, before it's too late.
If you check, you'll see that CI Host had none of the things you mention as requirements, except for the bandwidth.
Anyone in an urban area can get bandwidth nowadays. Heck, if I want to move a few blocks, I can get a 100 mbps fiber connection to my doorstep.
CI Host's location was a rented office in a slummy building, with nobody there at night, protected by what in this case proved to be an easily forced door lock, which is how entry was gained this time. How is that better than someone's basement? At least in someone's basement, there's more likelyhood of someone being around, or at least of neighbors being around. And maybe a dog or two?
Maple syrup you inconsiderate hoser hater.
Having the armed guards supply their own weapons is actually reasonable. They are more likely to be familiar with them and thus more effective.
Time to move, I actually live in a rural area, but due to location there was a particular bank that could not be defended, robbed eight times in two years, they finally closed the thing, and voila no more bank robberies in town. Once these people figure something out that works they will become accustomed to more income, they will come back until they get caught, or the easy pickings disappear.
Under the influence of Post-Cyberpunk Gonzo Journalism
Ah, Canada, where all the children are above average.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
The night manager was unavailable for comment as he kept stuttering and jerking.
You must have very poor memory, nuzak, if you can't recall what it was like learning your trade.
When I was in high school, I knew I wanted to work in the computer field, yet I didn't know what a datacenter was. If I had met a pretentious jerk like you, I might not be managing a datacenter, today. Luckily, I met people who answered my questions instead of people like you. I also asked questions on slashdot, and learned quite a lot from this place.
And to answer the original question: A datacenter is a room full of computers with experts monitoring and maintaining them 24/7. It has special air conditioning, wiring, and security. Sometimes people rent servers or space there. Sometimes they contain only the computers of the company that owns the datacenter.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Okay Frankie. Youse got da info we need to break inta da place, right?
Yeah boss! Lookie here, on da webpage!
Name: CDC-03
Location: 900 North Franklin, 3rd Floor, Chicago, IL 60610
NPA/NXX: 312/640
Not bad, Frankie...not bad! Uh-oh...what's dis? Dis could hold us up...
No signage, nondescript building
No problemo, boss! See? They gave us a picture!
*snort* An dey call us teeves dumb...
[End Of Line]
They're advertising for a unix/linux admin position in texas, 4000 servers, and, get this - high school or equivalent"
All this, and high school or equivalent? WTF!?!Sounds like they're looking for someone with really low $$$ expectations. Is it responsible to put someone who could only get - maybe - a GED in this sort of position???
Oops, this time I used preview ... fixed url here
Funny thing is that I know what router is, I know what a switch is, but wouldn't have a clue what a 1U rack box is (I'm assuming it's something like the blade server thingy's). So I suppose I should have asked you if you could be 2/3rds bothered. Anyhow, the interest for me here is: why would people try to steal anything from a data center? Is there more to it than value of the hardware? As my assumption of a datacenter based on the article was a place where there's a bunch of computers storing information, I had to wonder why would folk break in? Is it some sort of Mission Impossible thing for the actual data or just a bunch of junkies who figure it's an easy score for drug money. As the latter is the less exciting and interesting, I was hoping for the former espionage theory. Not having the exact answer myself, I turned to /. knowing that many people on here would be able to give me an answer. Don't feel bad though, I don't hold anything against you for your impolite elitism, I'll just regard you as one of those lonely, sad and frustrated posters.
A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.
Well..technically, that's the case in every country. Every child will be above average in at least one facet or trait. Some will be above average intelligence, some will be above average athletes, some will have above average eyesight, etc. But everyone will be above average in something.
Revenge is in sight: the crooks stole Vista machines.
Table-ized A.I.
Chicago is very corrupt, but also very cheap. Just slip a fiver to a daily campaign guy and install the anti aircraft gun already. My blind great uncle got a drivers license for a couple Italian sausages.
Well.. maybe. Or Maybe not. But Definitely not sort of.
Oh good, everyone's a winner!
-1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
If the protection they give missile silos is the same they give data centers, and it isn't adequate for data centers, I think we have a problem with our missile silos.
Fortunately, I don't think this is the case.
-1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
Try a shotgun and a big old mantrap with a hole for the shotgun barrel. Yeah, and real walls, TYVM.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
use google. It's basically a big building with computers and AC in it. There's more, but you really should be able to find out for yourself.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
They would just bring guns instead of a taser and shoot the guard. Duh!
Not sure about your parent, but I went with ServerBeach because they had Debian servers (you have choice between Redhat, Debian and Windows). RackSpace only has Redhat and Windows, as far as I can see.
Je ne parle pas francais.
from the link
Physical Structure:
* Floor Load: +125 lb./ sq. ft.
Id be afraid to stand with my feet together.
That's an amazingly apt description of how governments arise.
Secession is the right of all sentient beings.
Computers are worth money. Data is worth money - especially when it contains credit card numbers, personal details, etc.
"There's an old saying in Tennessee -- I know it's in Texas, probably in Tennessee -- that says, fool me once, shame on -- shame on you. Fool me -- you can't get fooled again." --President "ugh" George W Bush, Nashville, Tenn., Sept. 17, 2002
I hope this is the final nail in your coffin. It's been a long time coming.
The problem with such deadly ideas is false alarms and liability issues. So how about temporarily depriving the burglars of their sense of sight instead?
Several manufacturers offer fog security systems that fill the room with artificial fog. It's similar to theatrical fog generators but denser and produced much more rapidly. Some add strong strobe lights to make it more effective. They may also include menthol smell so nobody should mistake it for fire smoke and a recorded message with instruction to "stay in your place and wait for the police" so the burglars won't sue you if they run in the fog, fall and break their leg.
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
There's an old saying in Tennessee - I know it's in Texas, it's probably in Tennessee - that says, rob me once, shame on ... shame on you. It rob me. We can't get robbed again."
ServerBeach is self-managed so it doesn't directly compete with Rackspace. Peer 1 Dedicated Hosting is where you'd go for managed hosting from the same company as ServerBeach.
http://astutehosting.com/
Rather than real estate, you will usually be renting a locked cabinet with network and power drops.
Also, infrastructure is very expensive. Redundant generators, UPS'es, and network connections are all major costs, not to mention the staff you would need to support it all. It usually ends up being much cheaper just to rent a cabinet or two in a data center. There are actually much fewer data centers than you would be lead to believe by different hosting companies' website. The vast majority are renting space in somebody else's data center, which they are trying to pass off as their own.
One thing that a lot of people may not realize, is that data centers should be near other data centers or bandwidth carriers, usually in an internet building or carrier hotel. You want to have easy access to your upstreams and peers, so you're not paying a fortune to run links to them.
Now, you can just have a fiber circuit that runs to a carrier hotel, but then you're adding an additional point of failure, and uptime is everything in this business. You can mitigate that somewhat by having redundant fiber circuits that take different paths, which can often be hard to find and/or difficult/expensive to run.
http://astutehosting.com/
If guns are difficult to get, then fewer people will have them to abuse and shoot someone with.
The ready availability of guns is a bad aspect of the USA. You would have much less gun crime if they were banned.
Robbing data centers makes about as much sense as robbing the postman -- a lot of effort for an unknown return, in fact even more effort, since you have to recover data off the servers, reverse-engineer DB schemas and data storage methods, etc. Worthwhile for known data, but a lot of effort to merely obtain a DB of shoe sizes or orthodontic records or something, especially when there's already an existing global marketplace in stolen credit card info and other identity theft details.
I think the only real reason to hit this would be for industrial espionage or some other cloak-and-dagger business.
The hardware can't have a ton of resale value, unless there's some pipeline sending stolen servers to Russia/China/Mexico, as the machines are likely generally 1+ years old and there's not a ton of business customers looking to buy used servers off the back of a truck (are there?).
I've always thought that the "military grade" security surrounding most DCs was a joke and for PR purposes only. Banks are seldom robbed successfully, and you can walk right in, why does a data center need 8 biometric data points, a smart card and an access code to get into a room with caged & locked equipment?
please explain how to get this 100mbps connection for a decent price to your doorstep? I will be moving in a few years and that will be one deciding factor for where I move.
Unless the operation is big enough (or secret enough) to be able to afford a large team of armed guards a vault in a metropolitan area to me seems the more secure option.
...
"out of the way" and "nearly unknown location" are just security by obscurity
Yeah. Would you choose a neurosurgeon who pokes around people's brains in his spare time? I wouldn't.
That's not such a good speed. After all, it's only one bit every two weeks or so. We has faster modems in the 80s!
Time to move to the Equinix data center at 350 E. Cermak. That place is like a frickin' military bunker. That's where the real men in the Chicago area have their servers.
A datacenter is a site for server location. Though CI Host seems to be kind of a joke, datacenters are generally chosen for their redundant backbones, deeply redundant power and environment control and the cheap high-end bandwidth. (It's a lot cheaper to get a DS3 at a datacenter than at the office, since you don't have to pay the phone company to lay a loop out to your office.) Combine that with that a real datacenter tends to have a much better security system - these guys seem to have just been lying, but real datacenters like Level3 have armed guards, dogs, huge walls and so on - and you've got a good buy. The datacenter I host at is in a building with six foot thick walls - it used to be a grocery warehouse.
It's usually best to visit your datacenter, or if it's in another city, to have a friend visit it. I wish one of CI Host's customers (or the Illinois State Attorney General) would sue them for false advertising. It's hard for real datacenters to sell service when your competition just lies to make their offerings look better than they really are.
StoneCypher is Full of BS
I thought there was only one company offering it here - turns out I may not have to move after all - Videotron has tested a 100 mpbs service. They currently offer 20mpbs. With the bonding of multiple channels, you can also expect an increase in upload speeds - or better yet, devoting one or more channels only to uploading, to give high speeds in both directions.
And that's why "winning" doesn't mean anything anymore, because the team that lost every game or the kid that bombed the test was obviously the leader in "trying!" or "not giving up!".
Pretty much all texans are morons. :-(
They'd probably have better luck in Wyoming or Montana.
This is the point where the company needs to step up and be clear in everything. Otherwise they should just shutdown the data center in Chicago.
Sure they don't have security like Fort Knox, but they shouldn't even need that. I've worked at numerous companies downtown who had MILLIONS of dollars of equipment without much more security than a couple locked doors. Yet no place I ever worked at had one break-in let alone four?!?! Something doesn't make sense at ALL!
Just by looking at their own website, it is clear that they have no clue regarding even half-assed security: Tempered glass doors, basic commercial drywall, padlocks, sesamee locks, bolt-together, clamp-together industrial cages that can be cut through or torn apart in mere seconds, the absence of their alleged man-traps, no visible cameras, et cetera, ad nasueum. No wonder they're so popular with criminals. This is an example, soon to be classic textbook, of how not to do security. Pocket the money you save on security and charge beaucoup bux for it--competitive rates, you know--and be prepared to spend it on legal fees or escape to Brasil.
me. --a by-product of public education
20 mbps is more than enough for me for the next couple to few years, but its in canada, and asynchronous speed, otherwise i'd probably move if it was around $100 per month.
CI Host claims that the datacenter is at 900 North Franklin. The Near North Side is posh: Wells, one street off, has all sorts of good restaurants and fancy boutiques. Is the datacenter not actually where their website claims it is?
now we need to go OSS in diesel cars
The scary part is that there are enough people offended by your comments that you get -5 flamebait.
:)
Seriously, you're right, this is News for (IT is implied) Nerds and forums to discuss said "news".
If someone showed up on say... a dirtbike forum where we discuss forged internals, carburetors, and other mods, and asked "How fast do dirtbikes go?" I'd be just as concerned.
In all fairness though, you could at least given him an answer in the end
No no, Candians shit pure butterscotch and piss maple syrup! Get it right, geez... :P
Is Capitalism Good for the Poor?
OK, I'm no datacenter expert, but C I Host has a photo tour of their datacenter at http://www.cihost.com/about/virtual-tour/cdc03.php . Looks pretty cheesy security-wise to me. And is it normal to have GLASS man-traps?
Funny thing is that I know what router is, I know what a switch is, but wouldn't have a clue what a 1U rack box is (I'm assuming it's something like the blade server thingy's).
A 1U rack box is simply a computer with a height that is equal to one rack unit (1.75"), commonly referred to as a "U". A 2U server would be 3.5" and so on. If you ever watch shows like 24 or CSI:NY, you'll see a bunch of rack mount servers of varying heights. A 1U server is also commonly called a "pizza box" because of its shape (although they're generally rectangular rather than square).
A rack mount server is just a server designed to be installed into a rack. Part of its design goals is to allow service without being removed from the rack (just extended out on its mounting rails). A rack mount server has all of the standard components including power supplies and fans. A blade server is actually a minimized server designed to go into a blade chassis. The chassis provides power, cooling, and usually other connections for things like networking and external storage. The benefit of blade center is server density i.e. how many servers you can fit into the same space.
As for your actual point of interest, both data and equipment could be worth a lot of money, but the latter is more easily salable and easier to find. They were probably hit by professional thieves that found an easy target or it was an inside job as suspected. They could easily make off with tens of thousands of dollars of equipment (if not more) each time.
As every kid on Slashdot knows, data can not be stolen — when a copy is made, the originals and the backups remain in place.
Who cares for some hardware — the rich owners can buy new, but the poor robbers must've had a difficult childhood.
In Soviet Washington the swamp drains you.
Our firm originally maintained servers at CI Host. Shortly after they opened their Chicago Data Center, we visited their facility and found the data center empty other than just a few standalone servers. The data center was hot, well over 80 degrees. There was one person manning the facility. As for security, there wasn't any. I won't mention the unethical practices of a CI Host employee trying to solicit directly to our customers. We found this practice and their data center unacceptable. We now operate and maintain our own data center with enhanced security, climate control, complete power backup system, and operating speeds of OC-48/OC-192. If anyone is interested in top quality hosting, dedicated or shared, please call. Visit our website at http://www.pagedesk.com./
http://digg.com/security/Data_Center_Robbed_for_the_Fourth_Time_in_Two_Years
I think this thread may be the most learner-friendly thready i've ever read on /.
what happened to geek territorialism? sooner or later we'll start cooperating at this rate..
Kudos guys, for having the patience to explain that to him.
http://www.xkcd.com/354/
Serverbeach is 30 to 50% less expensive, but the support isn't anywhere near as good. Getting through to a human is painfully difficult. They DO have excellent reliability and they have easily accessed web based "reboot" tools and in the case of Linux they'll auto-recover from a web site, but booting in a way that mounts your linux drive to a known good system so if you know your stuff you can ssh in and fix your drive config the reboot your machine. If you actually need a person, it will take time and their service is to essentially reformat for you.
In other words, if you KNOW what you're doing and you don't need or want support, Serverbeach is cheap and fast.
I'm VERY happy with Serverbeach, and they're very friendly and so on -- but they're clearly NOT in the support business. As long as you know what you're buying, you'll be fine.
Rackspace, on the other hand, is REALLY good at holding your hand if you need it. They're more expensive but they're top of the line from a support and reliability perspective. As my site grows, the cost difference won't mean as much and I will be going to Rackspace for a key server.
Hope this helps.
The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
http://www.cihost.com/about/virtual-tour/cdc03.php It looks like their Chicago facility has already been robbed.
Right, because criminals don't violate laws.
I just came across this.
C I Host Celebrates Grand Opening of Its Chicago Internet Data Center - August 15, 2003
http://epressroom.net/release/C-I-Host-Celebrates-Grand-Opening-of-Its-Chicago-Internet-Data-Center.html
Why don't they just use a firewall? I mean, literally.
The worst experience I've ever had in all my years of existence (possibly worse than that time when a train ran me over leaving me stranded for hours until a helicopter ambulance finally came only for it to crash and burn over the mountains shortly after takeoff where I survived for two months by eating slugs and other niceties while slipping away from the jaws of death on half a dozen occasions that involved running away from leopards, moose and, once, a lion), was dealing with C I HOST support and staff about 5 or so years ago.
Any money that I made back then all went to the good folks at C I HOST who were more than happy to cleverly suck it from me. So it came as no surprise to learn that following a recent robbery of one of their datacenters, they did what they do best: they reached into their bag of tricks and came up with the best way to tell their customers about the unfortunate situation: blatantly lying to them and saying it was caused by a router failure. It's ironic that the "Register" article is titled "Masked thieves storm into Chicago colocation (again!)"
Were it not the case that people's data got stolen and that they'll probably not be reimbursed by C I HOST, again no surprise, I'd have said that karma's a pretty cool guy. How that company has survived for so long given the rotten way it deals with customers is a mystery.
Mmmmm... Butterscotch! I smell envy!
:)
Seriously though, we have maple syrup. That's like a peace pipe to the umpteenth power. You just can't stay angry at someone when they're pouring liquid sugar in your mouth
-Billco, Fnarg.com
To provide a more general answer to your question, check out Sun Blueprints' Enterprise Data Center Design and Methodology. It's by no means complete, but it's a great starting point. We used it when we planned the deployment of a data center in Mali last year.
I'm proud of my Northern Tibetian Heritage
A few years back CIHost support oops'ed one too many times... we switched providers. Sure glad we did! We were able to cut our hosting monthly expense by a factor of 12, and got so much more than we had with CIHost.
Naw, I re-read the question, and I was wrong to flame the guy. I really don't know why I read flaming into his question, or why I felt compelled to feed those flames I had perceived. I was wrong in either instance, and wrong-squared for following through with a response.
To The Great Pretender: I apologize for my completely uncalled-for response. You certainly didn't deserve being treated that way.
I recall one of my first questions about networking (on FidoNet): "What's a Node?" Actually took a while before I really got a straight answer, most people thought I was baiting them with dumb questions (I think "trolling" hadn't come into common usage yet). I guess I've become the same sort of cynic, and I hope I didn't contribute to creating another one.
Done with slashdot, done with nerds, getting a life.
> A 1U server is also commonly called a "pizza box" because of its shape (although they're generally rectangular rather than square).
I always heard "Pizza Box" in describing Sun Sparc 10's and other desktop boxes with similar form factors. The 1U rack form factor was just "rackable" -- they're really way too big to call 'em pizza boxes. Maybe Little Ceasar's "pizza pizza" boxes.
Done with slashdot, done with nerds, getting a life.
You can look at the building (900 North Franklin, Chicago, IL 60610) in Google Street View. Older brick building with casement windows. Main entrance has wooden doors with big glass panels. No sign of external cameras. Rear of building has an external fire escape. Extensive graffiti on upper story doors leading to fire escape. Upper story windows easily reachable from fire escape.
The problem is assuming all threats are the same. The means and objectives in penetrating a missile silo are fundamentally different than for a data center. A guard with a gun isn't going to stop the "evil packet."
there's no doubt in my mind it was an inside job. that place is run like a sweat shop. the owners sue anybody who slanders or even attempt to slander them. they're so litigious, it makes Johnny Cochran look like a helpless baby (albeit a dead one).
I worked there because after the tech bubble popped. I helped get a host of my friends to work there too. It was hell on earth. They're just getting what they deserve.
--
-- ghx