[rescue] OT: Network Blinkenlights
Isaac
isaac at pobox.com
Tue Mar 8 07:58:09 CST 2005
On Mon, 7 Mar 2005, Phil Stracchino wrote:
> Kevin Loch wrote:
> > You could also argue that an attacker with enough physical
> > access to observe the blinking lights already has much
> > more threatening opportunities.
>
> Could and would. If he can see the blinkenlichten, he *probably* has
> physical access to the console, and if he has physical access to the
> console, it's only a matter of time before he owns your ass.
>From http://news.com.com/2100-1001-854946.html :
"[Paper author] Loughry had the idea when, walking along Seattle's
streets more than six years ago, he looked up at the office buildings
and saw large racks of equipment with blinking LEDs pushed up against
the windows."
Yes, on the continuum of security risks, this one is way down there.
That said, the (large) core switches in my employer's colo have no
blinkenlights at all, just bicolor leds for error and link status.
I'm not contending that the steady-blink-for-traffic LEDs aren't
annoying, or that blink-once-per-frame traffic LEDs aren't useful, mind.
Just playing devil's advocate, a bit.
-Isaac
More information about the rescue
mailing list