Why San Francisco's network admin went rogue

An inside source reveals details of missteps and misunderstandings in the curious case of Terry Childs, network kidnapper

By Paul Venezia
July 18, 2008

Talkback

E-mail

Printer Friendly

Reprints

Like many network administrators who work in the rarified air of enterprise network architecture and administration, Childs apparently trusted no one but himself with the details of the network, including routing configuration and login information. Again, from the source's e-mail:

“The routing configuration of the FiberWAN is extremely complex. Probably more so than it ought to be; I sometimes got the feeling that, in order to maintain more centralized control over the routing structure, [Childs] bent some of the rules of MPLS networks and caused problems for himself in terms of maintaining the routing.

“Because the system was so complex (and also because he didn't involve any of the other network engineers in his unit), Terry was the only person who fully understood the FiberWAN configuration. Therefore, to prevent inadvertent disruption of this admittedly critical network, he locked everyone else out. I know most of the networking equipment … does use centralized AAA, but I get the impression he may have configured the FiberWAN equipment for local authentication only.”

Childs' attitude toward other administrators is by no means unusual in the IT industry. This is generally due to the fact that admins who are tasked with constructing and maintaining networks of this size and scope care for them like children, and eventually come to believe that no one else could have the knowledge and skills to touch the delicate configurations that form the heart of the network.

Sole administrator
A key point made in the e-mail is that Childs' managers and coworkers all knew that he was the only person with administrative access to the network. In fact, it was apparently known and accepted in many levels of the San Francisco IT department. Again, quoting from the e-mail:

“This is where it gets tricky for the prosecution, IMO, because the localized authentication, with Terry as sole administrator, has been in place for months, if not years. His coworkers knew it (my coworkers and I were told many times by Terry's coworkers, 'If your request has anything to do with the FiberWAN, it'll have to wait for Terry. He's the only one with access to those routers'). His managers knew it.

"Other network engineers for the other departments of the City knew it. And everyone more or less accepted it.

"No one wanted the thing to come crashing down because some other network admin put a static route in there and caused a black hole; on the other hand, some of us did ask ourselves, 'What if Terry gets hit by a truck?' If a configuration is known and accepted, is that 'tampering'?”

Paul Venezia is senior contributing editor of the InfoWorld Test Center and writes The Deep End blog.

Continued
« PREVIOUS PAGE | 1 | 2 | 3 | 4 | 5 | 6 | NEXT PAGE »

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

>> Talkback: Have your say

COMPREHENSIVE DATA PROTECTION AND DISASTER RECOVERY
Traditional backup and recovery is becoming irrelevant. You need more. Watch this InfoWorld and Dell Equallogic webcast to learn the current trends in Comprehensive Data Protection and Disaster Recovery for VMware Virtual Infrastructure. Sponsored by Dell Equallogic:

» Click here to view this Webcast

Enterprise Data Security Solutions Guide
Data security used to be about outside threats. These days the biggest challenge for data-driven organizations is the management of secure information from the inside out. Data is available on laptops, your network and even USB devices, but not always secure. Read this Solutions Guide to learn the best ways to keep it safe. Sponsored by ISC2

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

AT&T Article: Reinventing the Telephone with VoIP - After weighing Internet telephony's costs against its benefits, some managers are deciding that VoIP is vital to their organizations...
AT&T Business Continuity Survey on Risk Management - For the seventh consecutive year, AT&T surveyed 500 leading American IT executives to learn what they're doing about business...
New from AT&T: Fixed-Mobile Convergence for High Performance - The newest fixed-mobile convergence (FMC) strategies could enable enterprises to increase the productivity and effectiveness...
Machines That Speak: The Machine-to-Machine Wireless Network - The new M2M systems are transforming everyday devices into never-blinking sentinels that provide both information and insight...
Securing the Converged Enterprise II - Securing the converged enterprise has become a multidimensional discipline requiring a centralized, defense-in-depth approach...
Securing the Converged Enterprise I - Balancing the many benefits of convergence with the associated security risks can be tricky. While convergence eases communications...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

Why San Francisco's network admin went rogue

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
AT&T - New from AT&T: Discover Fixed-Mobile Convergence Now AT&T - Securing the Converged Enterprise I AT&T - An AT&T Article: When Content is King AT&T - The Spirit of Innovation: 100 IT Leaders Speak Out AT&T - Machines That Speak: The Machine-to-Machine Wireless Network AT&T - The Top 10 Best Practices for Server Virtualization Planning Rocket Gang - Jazz Meets Development in IBM Rational Team Concert Nokia - Interaction between Nokia Intrusion Prevention and Nokia Firewall Riverbed - Five Ways to Reduce IT Costs in 2009 AT&T - AT&T Article: Reinventing the Telephone with VoIP (ISC)2 - I'm an SSCP Go-To Guy. See what I do. Click here! AT&T - AT&T Business Continuity Survey on Risk Management AT&T - Maximizing Mobility in Communications Rackspace - The True Value of a Hosting Provider AMD - The Future is Fusion. Only from AMD. Learn more. Nokia - The Case for a Specialized Security Platform Intersystems - Develop and integrate faster with InterSystems Ensemble. AMD - Learn how the new Quad-Core AMD Opteron(TM) processor improves performance AT&T - Securing the Converged Enterprise II AT&T - An AT&T White Paper: Enterprise IPTV Solution HP - HP Architect Planning Tools for MS Office Communications Server 2007 HP - Best Practices for Deploying Microsoft Office SharePoint Server 2007 HP - HP ProLiant BL480c Server Blade Microsoft Exchange Server 2007 HP - HP Smart Array P800 Controller and HP MSA60 2,500 Oracle - Top 3 Ways to Cut Costs in 2009 with Oracle Content Management AMD - See the power of the new Quad-Core AMD Opteron(TM) processor ASG Software - Transform your IT Organization now! ISC2 - Network Security Solutions Guide		Infoblox - The Costs and Impacts of DNS and IP Address Management Riverbed - Virtualization Solutions Guide Armstrong - Delivering Actionable Enterprise Architecture HP - HP StorageWorks products-control, consolidation and confidence. Vision Solutions - Solving Downtime Challenges to Manufacturing and Supply Chain Operations Oracle - The Top Three Ways to Cut Costs in 2009 HP - Predict the future with HP Insight Power Manager HP - Affordable technology-no compromise. HP server solutions. Motorola - The Enterprise Mobile Messaging Benchmark Report Data Domain - IDC Workbook: Assess the Value of Deduplication for your Storage Consolidation Initiatives Vision Solutions - Real-Time, On-Demand Information for Business Intelligence and Data Integration Samsung Printing Solutions - control workflow, costs and operations Check Point - Check Point Endpoint Security White Paper Get to know - BlackBerry Professional Software-find out more Oracle - Oracle Universal Content Management Oracle - Information Workplace Platforms: Oracle vs. Microsoft Oracle - Performance Monitor: ERP at the Speed of Light Sony - Discover the advantages of Sony LTO media at sony.com/lto. Sun - Virtual Machines: Sun's xVM Virtualization Portfolio Verisign - The Latest Advancements in SSL Technology CA - Plan IT better, Manage IT better. CA - Manage your IT more effectively. Intel - Processor-enabled Virtualization. That's IT as it should be. Microsoft - Get the virtualizing power of Windows Server 2008 with Hyper-V Microsoft - Microsoft SQL Server 2008. Read Case Studies & Try for Free Microsoft - Learn about the software-based VoIP solution from Microsoft. Oracle - Nucleus Report: Who's ready for SMB? Qwest - Learn how Qwest voice and data solutions can save you time.

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist TecChannel :: TecCommunity