Wed, 23 Jul 2008

Even More . . .


InfoWorld has a great column up with more details about teh SF h4x0r if you're interested.

Some key points/quotes:

"As for the impact of [Childs'] actions to the rest of the City, the mayor's statement basically has it right. The network is completely up and running. No servers that I'm aware of are affected. No one has had any downtime (yet). But until they get back into those routers, they can't make any changes. I don't know yet if Terry's lockout applies only to the FiberWAN or also to the other routers, firewalls, switches, etc. in the City network."

"Terry's area of responsibility was purely network. As far as I know (which admittedly is not very far), he did not work on servers, except maybe VoIP servers, AAA servers, and similar things directly related to the administration of the network. My suspicion is that you are right about how he was 'monitoring e-mail'; it was probably via a sniffer, IPS, or possibly a spam-filtering/antivirus appliance. But that's just conjecture on my part."

A key point made in the e-mail is that Childs' managers and coworkers all knew that he was the only person with administrative access to the network. In fact, it was apparently known and accepted in many levels of the San Francisco IT department. Again, quoting from the e-mail:

"This is where it gets tricky for the prosecution, IMO, because the localized authentication, with Terry as sole administrator, has been in place for months, if not years. His coworkers knew it (my coworkers and I were told many times by Terry's coworkers, 'If your request has anything to do with the FiberWAN, it'll have to wait for Terry. He's the only one with access to those routers'). His managers knew it.

"Other network engineers for the other departments of the City knew it. And everyone more or less accepted it."

Wheeee

23 Jul 13:53 | /rants_and_raves | 0 comment(s)

 