From: hplabs!pyramid!utzoo!henry@ucbvax.Berkeley.EDU
Date: Tue, 6 Jan 87 16:53:46 pst
To: pyramid!CSL.SRI.COM!RISKS
Subject: Risks Involved in Campus Network-building
It can get worse. Consider someone who is angry at the administration,
perhaps having just flunked out, been expelled, or whatever. There is
some sophistication involved in doing things like watching the network
for passwords etc. There is little or no sophistication needed to just
run some copper between the network cable and a 110V wall socket. Not
only does this disrupt the network, it probably destroys a great deal of
equipment, and creates a serious safety hazard. Good luck identifying
the culprit, too! In most networking setups this would probably be
utterly untraceable once the connection was broken.
So. Asshole splices an Ethernet cable to a power plug and does the obvious thing. Is there anything at all in place in the average corporate or university LAN to prevent a lot of expensive damage?
Well, the nearest router or switch would act as a gigantic fuse and blow up. So most of the damage would probably be confined to the one circuit that was plugged into the wall and the network equipment attached to it. Note that the post in question was written when hubs and token-ring circuits were far more common, which could obviously spread the damage further.
Right. Also, now that WiFi is becoming the default way to get online, this threat once again begins to fade into irrelevance.
Finally, if you read the rest of the message, he mentions how all that wiring makes a wonderful lightning rod. How often do you hear about LANs getting struck by lightning?
Ah, the BOFH Etherkiller, only for the BOFH, it was 240V (the BOFH being a kiwi). That refers to 3kV isolation in the specs, but this pdf on Industrial Ethernet refers to 2kV and many devices only being rated to 1.5kV
I have seen the impact of lightning ground potential waves on thinnet segments - we lost plenty of adapters but no PCs, and maybe a hub port once.
I read through odd stuff during my down-time sometimes. I’m a big computer geek and I love the history of computing, so I have full archives of the RISKS Digest and I browse through these Usenet archives as well.
I doubt there’s much specifically in place to prevent this ( though, as pointed out, the damage probably won’t go past the nearest router or two). But there’s also nothing specifically in place to keep the asshole from shorting out the wall plug and bringing down power to a section of campus, or pouring superglue into the server room lock or covering the air conditioner intake for the server room, any one of thousands of other ways to f*ck shit up. If the asshole is dedicated, they’re going to be able to break something expensive, and maybe even in a way that’s not easily traced to them. There’s no point in trying to completely bulletproof everything in the world, since there’s always another way to break things.
That would just trip a breaker for the circuit that plug is on. The only people who would even notice would probably be in the same room as the saboteur.