Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: frogjerk

So they were advertising bad routes via bgp to the rest of the world.. but bgp is an external routing protocol..

that should not impact there internal routing protocol (ospf likely) that should be handled the local keycards access.... even if they were running ibgp

Got to be some dumb ass network design they have there


7 posted on 10/05/2021 8:51:20 PM PDT by tophat9000 (Tophat9000)
[ Post Reply | Private Reply | To 3 | View Replies ]

To: tophat9000
Management traffic should not ride the same network routing as those providing services internal or external.

Keycard access, terminal server access, and other management protocols should be independent of that type of traffic as it can affect or be affected by bandwidth and blackhole route issues.

11 posted on 10/05/2021 9:01:22 PM PDT by frogjerk (I will not do business with fascists)
[ Post Reply | Private Reply | To 7 | View Replies ]
To: tophat9000

I ran a theoretical hack scenario back in 2000 and my attack plan was to Sever all the external management connections 1st and then collapse the internal network

Something makes me think something else went on as a network collapses that bad shouldn’t happen

Interesting in my scenario the motivation was to make money by shorting a company stock before the attack so went the company went dark for a day the stock would be driven down any you could clean up on the short postion

Considering Facebook was getting hammered on capital hill and then this crash the same day

I’d be curious if there was any major shorts of their stock in the days leading up to this. Because they did take a stock hit yesterday


12 posted on 10/05/2021 9:04:59 PM PDT by tophat9000 (Tophat9000)
[ Post Reply | Private Reply | To 7 | View Replies ]
To: tophat9000

It’s been a while since I worked on them, but the keycard access systems I dealt with stored a local copy of the access card database, so a network outage wouldn’t disable them.


13 posted on 10/05/2021 9:05:34 PM PDT by brianl703
[ Post Reply | Private Reply | To 7 | View Replies ]
To: tophat9000

I worked at a university that used BGP internally (iBGP) as well as externally (eBGP). We used it to do virtual segmentation on our LAN - we had different VRF’s (virtual routing & forwarding) subsystems for different ‘groups’ of items. We had “students” in one group, and that way they had the same firewall policies across the entire campus - regardless of if they were on wired, wireless or even connected via VPN. Same for staff, faculty, and then other systems (like phones, infrastructure - wireless APs, door controllers, etc.). Each one had specific firewall policies and access rules to either talk inside, or outside. Infrastructure devices NEVER talked outside - period.


29 posted on 10/06/2021 10:26:01 AM PDT by ro_dreaming ("We seem to have gone from 'We the people' to 'Me, the president' in a scant 8 months." - Me)
[ Post Reply | Private Reply | To 7 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson