From mboxrd@z Thu Jan 1 00:00:00 1970 Message-Id: <3A197D36-CE21-4D9B-B57F-BD133AFE46DE@storytotell.org> From: Daniel Lyons To: lucio@proxima.alt.za, Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> In-Reply-To: <3b4e65462cfd5539606cdee9efae9e65@proxima.alt.za> Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v935.3) Date: Thu, 6 Aug 2009 22:55:46 -0600 References: <3b4e65462cfd5539606cdee9efae9e65@proxima.alt.za> Subject: Re: [9fans] a few Q's regarding cpu/auth server Topicbox-Message-UUID: 3bc68f5e-ead5-11e9-9d60-3106f5b1d025 On Aug 6, 2009, at 10:19 PM, lucio@proxima.alt.za wrote: >> I have direct experience as a contractor where I have entered >> many a co-lo; and was unimpressed with their security to say the =20 >> least. >> I had constant and easy access to a large number of nameless servers, >> it's a nobrainer to access keyboard/monitor pairs in many of these =20= >> places. > > That would be vandalism. You didn't indulge in it, why would you > expect someone else in your situation to do differently? Or are you > lying to us? Story time. :) Several years ago I worked for a company here that had decided to =20 colocate a server locally (yeah, brilliant, in Albuquerque) instead of =20= getting a hosted server somewhere with better access. I wound up going =20= down there a few times to add RAM to the system. Apart from my =20 company, there were a smattering of other smalltimers with big tower =20 computers from Dell on this rack and off on the other side of the =20 facility was a fenced off area with four or five racks of Dell =20 hardware. The owner casually mentioned to me that the company who =20 owned the racks had something to do with airline ticket sales. I guess =20= because I chuckled at that, he also mentioned to me that the computer =20= next to ours was hosting the governor's re-election website. I thought =20= about doing something malicious, because I'm not a big fan of =20 Richardson, but decided it wasn't worth the trouble. Later on one of the owners of the colo facility got bought out and =20 blew up. He went into the facility and ripped out the primary router, =20= then took the upstream cable and plugged it into another port on the =20 backup router such that the packets wound up going in a cycle. Then he =20= damaged the backup power system and flew out the door with the primary =20= router. Not really taking a position here but your comments reminded me of the =20= story. I guess there's always a bigger jerk out there and sometimes he =20= runs your colo facility. =97 Daniel Lyons