Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[LooneyTuna]

Charlie, you are our resident expert on these things.  How long would it take for a company as big as Sony to rebuild their
computer infrastructure from what looks like the ground up?  How many servers... How much data with over 77 million users (yes I know some are redundant) but still they have to deal with every acct.   I know next to nothing concerning these things, but to me a week doesn't seem like sufficient time to get it all back.  Add in the fact that the security should be redoubled and what I'm sure is a police investigation, meaning they have to have collect all the relevant data and make sure nothing is missed  before taking it all down to rebuild... Really, does a week seem like a long time to accomplish all this.  
I ask seriously, no sarcasm intended or implied as  I have no real idea what goes into it all or the scope of what Sony needs to do..

 Has no one at Sony heard about DR (disaster recovery) and how you have stuff ready in case a "disaster" occurs...

But, yes!!!  

A week is a helluva LOOOOOOOOONG FUCK ing time for a production system to be down...   The data should all be readily available -- if not that's what backups are for...   And trust me, if they are doing this user-by-user - they are doing it wrong...  

It's not like they have to reformat/rebuild each and every device - they "re-image" which takes significantly less time.   If they've planned properly the re-imaging could load all software and patches to address all known vulnerabilities.  Then you scan to verify.  Hardware could be a different story- but nothing I've seen indicates they had hardware issues.   (purchasing can consume time cycles)

I'd almost bet that when they were "recovering" from the Anon DDOS that they provisioned some new servers and brought them into the mix but forgot to fully patch them.  I wonder if they even did a vulnerability scan to look for known holes.  That was probably the "door" that the second wave of attacks used to compromise the entire network.  Once you have "root", you own the system.

I.E. Don't FUCK with Charlie.     

[DudeTuna]

I gathered from what I have read, it is not just re-imaging the servers. They are redesigning the network from the ground up.

At least that is what I thought I read Charlie.

[InfiniTuna]

I gathered from what I have read, it is not just re-imaging the servers. They are redesigning the network from the ground up.

At least that is what I thought I read Charlie.

I would never FUCK with Charlie... I honestly didn't know... I know he knows what he is talking about, it's why I asked him directly.    Nothing but respect for him.  
I read the same as you Dude... it seems to be more of a total system rebuild than a fix.
Sony just doesn't give us too much to go on.

BTW... thanks Charlie for a quick response... too bad Sony isn't as quick and responsive.  <<-- still done lovingly by hand-->>

[CharlieTuna]

I gathered from what I have read, it is not just re-imaging the servers. They are redesigning the network from the ground up.

At least that is what I thought I read Charlie.

Even so...  It shouldn't take that long.   They must have a real crappy IT department.   Redesigning the network may sound like an arduous task but it's not rocket science.  I've taken down and "re-designed" my network "from the ground up" on several occasions.  Doesn't take that :fuck ing long, especially is you have a plan. I think the last time it took me two hours -- and most of that was modeling the design in Visio.  Granted it's a much smaller scale than Sony, but then it was just me doing it and not an army of crack IT professionals *cough*  (maybe more like IT professionals on crack)

Actually I think Sony used that vernacular as more of a "buzz" phrase.  making it sound like they are doing some grandiose feat -- or like they know what they are doing.  When, in reality, they should have already had procedures in-place for just such an event.

I know if my client's network was down for a weekend - let alone a week - I'd be looking for a new job...

:loser

[DesertSniper72]

Sony has pissed off the world. 

http://ingame.msnbc.msn.com/_news/2011/04/27/6544610-sony-sued-could-bleed-billions-following-playstation-network-hack?GT1=43001

[InfiniTuna]

Sony has pissed off the world. 

http://ingame.msnbc.msn.com/_news/2011/04/27/6544610-sony-sued-could-bleed-billions-following-playstation-network-hack?GT1=43001

Right now it's not the whole world, just one guy... of course the flood (Bill) gates will open and more will pile on... they smell the $$$.
Still can't figure out how you sue when we can't even ascertain the amount of damage.  :palm

[DesertSniper72]

Sony has pissed off the world. 

http://ingame.msnbc.msn.com/_news/2011/04/27/6544610-sony-sued-could-bleed-billions-following-playstation-network-hack?GT1=43001

Right now it's not the whole world, just one guy... of course the flood (Bill) gates will open and more will pile on... they smell the $$$.
Still can't figure out how you sue when we can't even ascertain the amount of damage. 

One guy with the intent to sue, but you have officials in the U.S, U.K. and Australia that want answers from Sony. Even if just names and addresses were all that was lost to the crackers, it's still Sony's responsibility to protect our info and they blew it. I would be on board for free credit monitoring on their dime since it was their fuck up.

[nosoks]

I will vote for Charlie to IT Exec at the network so long as it doesn't compromise his epic efforts here for us

[DudeTuna]

Yes and now I need to change my password on PSM and my luggage.

[TheHotstepper]

Yes and now I need to change my password on PSM and my luggage.

Lemme guess... 12345 ??

[TunaRag]

I gathered from what I have read, it is not just re-imaging the servers. They are redesigning the network from the ground up.

At least that is what I thought I read Charlie.

Even so...  It shouldn't take that long.   They must have a real crappy IT department.   Redesigning the network may sound like an arduous task but it's not rocket science.  I've taken down and "re-designed" my network "from the ground up" on several occasions.  Doesn't take that FUCK ing long, especially is you have a plan. I think the last time it took me two hours -- and most of that was modeling the design in Visio.  Granted it's a much smaller scale than Sony, but then it was just me doing it and not an army of crack IT professionals *cough*  (maybe more like IT professionals on crack)

Actually I think Sony used that vernacular as more of a "buzz" phrase.  making it sound like they are doing some grandiose feat -- or like they know what they are doing.  When, in reality, they should have already had procedures in-place for just such an event.

I know if my client's network was down for a weekend - let alone a week - I'd be looking for a new job...

Do you mind if I ask what kind of networks you and your client have?

[TunahCroonah]

I Liked the New Sony ad:




Sony Bored of Directors:  :stooges2


:tunafy

[LooneyTuna]

Sony Bored of Directors: 

I think that also looks like another bored. 

[TunahCroonah]

Why,....Looney,.....WHATEVER are you talking about? 

[CharlieTuna]

Do you mind if I ask what kind of networks you and your client have?

"room-temperature superconducting artificial neural network with the ability to learn"   :rofl3
:popcorn



Actually the networks I work with are quite homogeneous; like the Internet and the world.   The client is an IT outsourcer so they basically have a little bit of everything, kinda "your mess for less" - some of it is very-archaic by today's standards (e.g. VAX).

Desktops mostly Windoze.  Servers are a mix of Windoze/Linux/Unix.  Lot's of VMware virtualization thrown in.    

The company I work for makes management/monitoring software for IT -- including for security.  My background is security, though these days I work as an escalation point for Support to insure we meet our SLAs (service level agreements) with our clients and do not have outages such as the one being experienced with PSM.  

Before that I was a security conslutant (typo intended for clarification of meaning; i.e. have laptop/will travel).  Prior to that, I was the chief security officer for a couple of state agencies within TX.  


:rant
When I ran information security at the Comptroller's Office, we never had any security breaches - especially like they recently had where they exposed taxpayer records in the open for several years.  But then we were certified IT professionals and not the political must-hires that Susan Combs brought in when she was elected.  The folks she hired might have known alot of managerial buzzwords but they couldn't spell PC or LAN...  They also had no concept of GASP - other than gasping for air when something unexpected by them happened, i.e. jaw drop.