[funsec] An interesting packet inspection problem

Stephen Villano stephen.villano at us.army.mil
Mon Jan 16 05:56:52 CST 2006


But it's *SOOO* much more fun to come on shift at beginning of business to
find things are going wrong with no warning.
Why only a couple of months ago I came in, opened our shop, booted up and
logged in (cached logon it turned out) and found I couldn't find the shares
from three servers, then couldn't find the mail server.
I trotted to the server room in the next building and opened the door to
hear:
Silence.
It turned out that the facility lost power, the building UPS kicked in but
the generator had a bad battery. The building UPS eventually failed, the
rack UPS's eventually failed...

Or when I came on shift and found a rack full of servers in various states
of downness (either locked up hopelessly or appearing to be operational,
just missing network connectivity due to the protocol layer having a nervous
breakdown. It seems that the rack UPS decided to die and glitch the power
during the process...

Or when the higher command noc-monkeys decided to block SMTP. Not a big
deal, save to the mail servers for the command!

A few dozen other stories that I am not allowed to relate for security
reasons...

Calling the Marx brothers help desk...
Getting transferred to either Abbot and Costello or more often Curly, Larry
and Moe...

> -----Original Message-----
> From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org] On
> Behalf Of Drsolly
> Sent: Monday, January 16, 2006 2:18 PM
> To: funsec at linuxbox.org
> Subject: Re: [funsec] An interesting packet inspection problem
> 
> The situation is now resolved.
> 
> It turned out to be a faulty switch on the Linx network, they rebooted it,
> and the problem is cleared.
> 
> Thanks for everyone's help in resolving this. It meant that it was
> possible to clear the problem before it started to affect businesses when
> they opened up today.
> 
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.




More information about the funsec mailing list