At 11:10 AM -0500 11/27/02, Eric Gauthier wrote:
I don't know which scares me more: that the hospital messed up spanning-tree so badly (which means they likely had it turned off) that it imploded their entire network. Or that it took them 4 days to figure it out.
If it's anything like a former employer I used to work for, it's possible the physical wiring plant is owned/managed by the telco group which jealously guards its infrastructure from the networking group. A subnet I used to work on was dropped dead for a day when a telco-type punched a digital phone down into the computer network causing a broadcast storm. It took half a day just to get the wiring map, then another half day to track down the offending port because the tech in the network group dispatched to solve the problem did not have a current network map. The subnet in question contained a unix cluster with cross-mounted file systems that processed CAT scans for brain trauma research. The sysadmin of that system told me that they lost a week's worth of research because of that cock-up. Hospitals are very soft targets network-wise, with hundreds, if not thousands of nodes of edge equipment unmanned for hours long stretches. On a regular basis, I saw wiring closets propped open and used as storage space for other equipment. Track down a pair of scrubs, and you can walk just about anywhere in a hospital without being challenged as long as you look like you know where you are going and what you are doing. Ten years later, there are still routers there that I can log into as the passwords have never been changed because the administrators of them were reorganized out or laid off and the equipment was orphaned. Minimal social engineering plus a weak network security infrastructure is a disaster waiting to happen for any major medical facility. -- Regards, Chris Kilbourn Founder _________________________________________________________________ digital.forest Int'l: +1-425-483-0483 where Internet solutions grow http://www.forest.net