Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

*Vanity* Can I really bring down the entire network if I plug in a LAN switch? *Vanity*
4/16/13 | Me

Posted on 04/16/2013 1:42:32 PM PDT by dangerdoc

Question for network guys.

I needed another LAN connection, and there are no more installed at my site. I called the lan guy, they told me I needed to call out of state to the corporate headquarter to get an order and I can expect it in 6 weeks. I mentioned getting buying a switch and using it while we are waiting and he about had a cow. He said I could bring down the entire corporate network.

Is this even posible? If it is, what is to keep somebody from wandering around with a LAN switch and randomly bringing down networks at any unsecure LAN plug?


TOPICS: Computers/Internet
KEYWORDS:
Navigation: use the links below to view more comments.
first 1-5051-92 next last
Or do we just have a really bad network?
1 posted on 04/16/2013 1:42:32 PM PDT by dangerdoc
[ Post Reply | Private Reply | View Replies]

To: dangerdoc
Certainly.
2 posted on 04/16/2013 1:43:39 PM PDT by The KG9 Kid (Demand Common Sense Nut Control.)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #3 Removed by Moderator

To: dangerdoc

Unsecured access points are dangerous.


4 posted on 04/16/2013 1:44:49 PM PDT by SargeK
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc
If you were a cook, you could bring down the entire network, and most of the internet by simply plugging in a cheap Wal-mart switching router.

But I've seen your posts, and I don't think you are quite smart enough or cook enough for that kind of world ending havoc. :)

5 posted on 04/16/2013 1:46:41 PM PDT by JRandomFreeper (Gone Galt)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

Oh hell yes man! Don’t do it,


6 posted on 04/16/2013 1:47:27 PM PDT by saganite (What happens to taglines? Is there a termination date?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc
I wouldn't add hardware to any corporate network without approval. In some places that is a firing offense.

And yes, a bad piece of network hardware can bring down a network.

7 posted on 04/16/2013 1:47:36 PM PDT by dirtboy
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

You probably mean a hub, not a switch, but one never knows. The problem your network admin is probably worried about is creating a loop, which you could do by plugging a cable from one port into another. Its a concern with large switches. He’s just not happy about losing control of his topology. I don’t blame him. Once hubs are added, they rarely go away.


8 posted on 04/16/2013 1:47:42 PM PDT by andyk (I have sworn...eternal hostility against every form of tyranny over the mind of man.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

Not a network guy, but I’ve plugged in switches to two different corporate networks without any problems.

On the other hand, it sounds like you’ve been warned by your network guys not to do so. Is waiting 6 weeks worth your job? Or can you have management expedite it so you don’t have to wait 6 weeks.


9 posted on 04/16/2013 1:48:04 PM PDT by DannyTN
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

If your branch office switch is configured with VLANs (used for network segment isolation and/or QoS) and/or does port aggregation, then introducing a plain vanilla el-cheapo switch or even an unconfigured managed switch could gank your local network.

Find out what the deal is first.


10 posted on 04/16/2013 1:53:36 PM PDT by Noumenon (What would Michael Collins do?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

“Enterprise class” switches really can’t be mixed with “consumer class” switches (at least not without some configuration changes.)

Depending on how your network is designed, you may need to set up a switch with “trunking,” “Quality of Service,” and “virtual LANs.” It can be extremely complex.

While it’s unlikely to take down the entire network, it is possible, and quite possible to knock a branch of the network off. I have seen it happen on more than one occassion, but they were all with specific configurations.

Mark


11 posted on 04/16/2013 1:53:40 PM PDT by MarkL (Do I really look like a guy with a plan?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: andyk
I don't think anyone makes a hub anymore. Everything recent seems to be switching/routers with linux software imbedded to do some fancy routing if required.

And everything is at least 100MB/sec now. It's a brave new world.

/johnny

12 posted on 04/16/2013 1:54:28 PM PDT by JRandomFreeper (Gone Galt)
[ Post Reply | Private Reply | To 8 | View Replies]

To: andyk

Who sells hubs these days?


13 posted on 04/16/2013 1:54:33 PM PDT by Noumenon (What would Michael Collins do?)
[ Post Reply | Private Reply | To 8 | View Replies]

April Is Keep FR Alive Month!


Click The Pic

Support FR, Donate Monthly If You Can

14 posted on 04/16/2013 1:59:42 PM PDT by DJ MacWoW (My faith and politics cannot be separated)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Noumenon

Probably Linksys, belkin, Dlink, and others. AFAIK hubs just lack the IP table and have fewer broadcasts.


15 posted on 04/16/2013 2:01:02 PM PDT by andyk (I have sworn...eternal hostility against every form of tyranny over the mind of man.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: andyk

Haha fewer = a lot more!


16 posted on 04/16/2013 2:01:56 PM PDT by andyk (I have sworn...eternal hostility against every form of tyranny over the mind of man.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: JRandomFreeper; Noumenon

I hope you guys are right. It would be great if hubs no longer were being produced. I’ve been out of ops purchases for a few years, so it’s possible!


17 posted on 04/16/2013 2:04:12 PM PDT by andyk (I have sworn...eternal hostility against every form of tyranny over the mind of man.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: All

Installing a router on the network WILL bring the whole thing down if the router is giving DHCP IP leases. I mean, instant down with a difficult restoration.

I do NOT allow anyone in my environments to do any such thing. I actually found that someone had a cell phone app that handed out DHCP leases to guest networks that it was attached too as well. That took me hours to find.


18 posted on 04/16/2013 2:05:07 PM PDT by Celerity
[ Post Reply | Private Reply | To 16 | View Replies]

To: Celerity

Thread needs pic of kid with fork and electrical outlet.


19 posted on 04/16/2013 2:09:30 PM PDT by don-o (He will not share His glory, and He will not be mocked! Blessed be the Name of the Lord forever!)
[ Post Reply | Private Reply | To 18 | View Replies]

To: dangerdoc

Yes. Friend of mine did it to his place of work just a few weeks ago.


20 posted on 04/16/2013 2:11:32 PM PDT by discostu (Not just another moon faced assassin of joy.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc
Oooh, yeah, depending on how it's (mis)configured. Not for the uninitiated. Please don't.
21 posted on 04/16/2013 2:13:11 PM PDT by Billthedrill
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

Why would a guy named “dangerdoc” be intimidated by a lowly IT person?


22 posted on 04/16/2013 2:14:41 PM PDT by BubbaBasher ("Liberty will not long survive the total extinction of morals" - Sam Adams)
[ Post Reply | Private Reply | To 1 | View Replies]

To: All

Don’t fear, I am going to wait for the installers. I just had no idea how fragile the networks were. Seems like a real problem if you have disgruntled workers.


23 posted on 04/16/2013 2:14:43 PM PDT by dangerdoc (see post #6)
[ Post Reply | Private Reply | To 2 | View Replies]

To: BubbaBasher

I got that name because I kept ending up in the hospital after doing “fun” stuff. I may be dangerous, but only to myself.


24 posted on 04/16/2013 2:16:52 PM PDT by dangerdoc (see post #6)
[ Post Reply | Private Reply | To 22 | View Replies]

To: JRandomFreeper

That’s what I was thinking.


25 posted on 04/16/2013 2:19:42 PM PDT by dangerdoc (see post #6)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Blood of Tyrants

HA-HA....(borrowing...!)


26 posted on 04/16/2013 2:20:22 PM PDT by Yehuda
[ Post Reply | Private Reply | To 3 | View Replies]

To: dangerdoc
I can tell from your post you are not a Democrat. Their philosophy:
it's easy to do it and ask for forgiveness than to ask permission and be denied.
27 posted on 04/16/2013 2:22:36 PM PDT by aimhigh ( Guns do not kill people. Abortion kills people.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc
Short answer, yes.

Long answer, it introduces an unmanaged security threat vector. I've also seen those @#%$#%@ little 5-port switches start jabbering and take down an edge switch. 48 people, all looking for my head. And since the 5-port is unmanaged, they're dammed hard to find.

IT really, really doesn't want to be a PITA (well, there's always one power-tripping idiot in every crowd, but setting that one aside....). We just want to keep the infrastructure up and working, and keep people from yelling at us, as much as possible.

Trouble is, when there's a problem, the overall user base doesn't want to hear "Well, dangerdoc plugged in a spare switch six months ago, and it just failed and took your network down, and it took us a couple of hours to find it because the guy dangerdoc talked to quit 4 weeks ago, so that's why you missed your bid on EBay...." They just know there's a problem and it's IT's responsibility to fix it. Right Now, Or Else. So, even though your request may be eminently reasonable, it's better to say "No", follow procedure, and head off potential long-term problems, than to adapt an "Anything goes" posture.

I won't even get into the discussion..."Well, DANGERDOC has one of these, so I want one, too!!!! Now! Or I'm telling your boss's boss's boss!! (who, in all likelihood, will say "yes" to the current PITA standing in front of him, just to make it go away so he can get back to thinking about important things, like golf. Besides, he doesn't need to fix stuff, that's what he pays people to do for him...)". I've dealt with toddlers that are more rational than some users.

/rant off. Hope that answered your question.

28 posted on 04/16/2013 2:22:54 PM PDT by wbill
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

http://superuser.com/questions/344058/increasing-number-of-lan-ports-of-a-router

The second answer (greatwolf) is probably what you need.


29 posted on 04/16/2013 2:25:53 PM PDT by cynwoody
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

See post 8, 18, and 20 for most probable cause but a defective hub will also do it. So short answer is “yes” it can take down a network.


30 posted on 04/16/2013 2:26:29 PM PDT by techcor
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

What’s a LAN? I’m assuming from the conversation that the N stands for network, but...


31 posted on 04/16/2013 2:30:09 PM PDT by JimRed (Excise the cancer before it kills us; feed &water the Tree of Liberty! TERM LIMITS, NOW & FOREVER!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: wbill

I can offer one anecdote. I set up a network at work using Netgear 5 port hubs to connect about 6 pcs over 4 buildings to a cetral host with a work order database. The database kept dropping packets and having to be reclaimed from the previous day’s backup.
I finally replaced the Netgear switches with Cisco Small Buisness models and have not had an issue since.


32 posted on 04/16/2013 2:31:34 PM PDT by ez (Laws are for little people. Criminals, politicians, police, and David Gregory are exempt.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: techcor

But if you REALLY want fun, try defective wiring.


33 posted on 04/16/2013 2:32:28 PM PDT by OneWingedShark (Q: Why am I here? A: To do Justly, to love mercy, and to walk humbly with my God.)
[ Post Reply | Private Reply | To 30 | View Replies]

Comment #34 Removed by Moderator

To: ez

Didn’t Cisco buy Netgear? I dunno, I try to keep the “consumer” stuff out of my workplace as much as possible.


35 posted on 04/16/2013 2:37:34 PM PDT by wbill
[ Post Reply | Private Reply | To 32 | View Replies]

To: don-o; All

36 posted on 04/16/2013 2:42:17 PM PDT by gura (If Allah is so great, why does he need fat sexually confused fanboys to do his dirty work? -iowahawk)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Yehuda

Go ahead. It is an old one I borrowed from a friend when I was in grade school. (A long time ago)


37 posted on 04/16/2013 2:43:15 PM PDT by Blood of Tyrants (Inside every liberal is a totalitarian screaming to get out.)
[ Post Reply | Private Reply | To 26 | View Replies]

To: JimRed
What’s a LAN?

Local Area Network

38 posted on 04/16/2013 2:45:29 PM PDT by NoCmpromiz (John 14:6 is a non-pluralistic comment.)
[ Post Reply | Private Reply | To 31 | View Replies]

To: wbill
Didn’t Cisco buy Netgear?

Cisco bought Linksys...

39 posted on 04/16/2013 2:46:44 PM PDT by NoCmpromiz (John 14:6 is a non-pluralistic comment.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: wbill

They bought Linksys.


40 posted on 04/16/2013 2:49:46 PM PDT by Alas Babylon!
[ Post Reply | Private Reply | To 35 | View Replies]

To: dangerdoc

Then use a hub (/s)

What ya got to lose?


41 posted on 04/16/2013 2:51:02 PM PDT by Calamari (Pass enough laws and everyone is guilty of something.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Noumenon

Thrift shops!


42 posted on 04/16/2013 2:52:40 PM PDT by Calamari (Pass enough laws and everyone is guilty of something.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: dangerdoc

In my former job, this is the point where the sysadmins apply the LART[1].

We had some weasel hang a linux box off an open CAT5 connection and then started assigining random IP addresses to the thing.

First users’ prints spewed into oblivion. An hour later the helpdesk got dozens of calls because people couldn’t log in. Half an hour after that, thousands of web pages vanished. Sysadmins really hate finding random equipment attached to the network.

Lucky for you, your sysadmin was never a BOFH.

Hope this helps,

P.

[1] If you have to ask...


43 posted on 04/16/2013 2:53:42 PM PDT by Peet (Come back with a warrant.)
[ Post Reply | Private Reply | To 1 | View Replies]

You shouldn’t have access to the LAN infrastructure in the first place. If you plugged a lan switch into your local desktop port, it would either work or it wouldn’t, depending on if it’s MAC address/IP restricted.


44 posted on 04/16/2013 2:54:21 PM PDT by JFoobar
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cyber Liberty
:-)

Recently, I dealt with a user whose IT nickname was "Veruca" (if you've seen Willy Wonka, you know the character. If not, google is your friend....). I was removing an old server from the data center when I ran into her in the hall.

She asked, "What's that?". Inwardly wincing, I said "An old server, we're removing it and putting it in storage."

She said, "Well, is it more powerful than the desktop that I have? It's certainly BIGGER!" "I suppose so."

She said, "Well, I want it. If it's faster, I want it. And don't give me an argument like last time, or I'm going to Alan!" Alan is the CIO, he knows that we refer to her as "Veruca", and why. She's gone over my head so many times that I need a lifejacket to go into her office....

Fair enough. I set up the server in her office that evening after she left (she doesn't like us working on her stuff during the day because she does IMPORTANT things, and my time after 5:00 isn't important...), and emailed her asking to schedule a time to move all of her data over to the new equipment. I also turned the server on, and set the BIOS so that it couldn't be powered off, unless it was unplugged.

At this point, it should be noted that the server in question is about the size of a small file cabinet, and runs loud enough to make normal conversation difficult, if not impossible.

Strangely enough, she decided not to keep it. Took me a couple of days to get around to picking it up, though. :-)

Users like "Veruca" are the exception, not the norm. Thankfully. But they keep us from working with the people that we'd really like to see and help, like yourself. ;-)

Good luck with your IT guys!

45 posted on 04/16/2013 2:54:56 PM PDT by wbill
[ Post Reply | Private Reply | To 34 | View Replies]

To: Noumenon

Thrift shops!
Right next to the pressure cookers.


46 posted on 04/16/2013 2:55:32 PM PDT by Calamari (Pass enough laws and everyone is guilty of something.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Blood of Tyrants

Thx!


47 posted on 04/16/2013 2:56:15 PM PDT by Yehuda
[ Post Reply | Private Reply | To 37 | View Replies]

To: dangerdoc

What you need is your own 4G wireless internet hotspot... that way you can run your own pirate WIFI network and bypass all that corporate network baloney. No reason to let your eBay’in be dependent on those IT jackboots. </big-grin>


48 posted on 04/16/2013 2:59:35 PM PDT by Sparticus (Tar and feathers for the next dumb@ss Republican that uses the word bipartisanship.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dangerdoc

The better the network the more likely it will cause a shutdown. The most likely result would be your port being turned off. It would be poor topological design to interconnect managed switches with unmanned switches. Depending on the level of security on your network it could trigger an attack alert that could cause a forced shutdown of your network. Just in case while most smoke from electronic failures tends to white in nature. This is not a good sign. Networks devices run on smoke and tiny mirrors and once the smoke is let out you can’t get it back in and the device fails.


49 posted on 04/16/2013 3:00:22 PM PDT by ThomasThomas (Normal isn't normal anymore.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Peet
sysadmin was never a BOFH.
50 posted on 04/16/2013 3:00:46 PM PDT by NoCmpromiz (John 14:6 is a non-pluralistic comment.)
[ Post Reply | Private Reply | To 43 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-92 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson