8.2 Protecting Computer Hardware
Physically
protecting a computer presents many of the same problems that arise
when protecting typewriters, jewelry, and file cabinets. As with a
typewriter, an office computer is something that many people inside
the office need to access on an ongoing basis. As with jewelry,
computers are valuable and generally easy for a thief to sell. But
the real danger in having a computer stolen isn't
the loss of the system's hardware but the loss of
the data that was stored on the computer's disks. As
with legal files and financial records, if you don't
have a backup—or if the backup is stolen or destroyed along
with the computer—the data you lost may well be irreplaceable.
Even if you do have a backup, you will still need to spend valuable
time setting up a replacement system. Finally, there is always the
chance that the stolen information itself, or even the mere fact that
information was stolen, will be used against you.
Your computers are among the most expensive possessions in your home
or office; they are also the pieces of equipment that you can least
afford to lose. We know of some computer professionals who say,
"I don't care if the thief steals
my computer; I only wish that he would first take out the hard
drive!" Unfortunately, you can rarely reason in this
manner with would-be thieves.
To make matters worse, computers and
computer media are by far the most temperamental objects in
today's homes and offices. Few people worry that
their television sets will be damaged if they're
turned on during a lightning storm, but a computer's
power supply can be blown out simply by leaving the machine
plugged into the wall if lightning strikes
nearby. Even if the power surge doesn't destroy the
information on your hard disk, it still may make the information
inaccessible until the computer system is repaired.
Power surges don't come only during storms: one of
the authors once had a workstation ruined because a vacuum cleaner
was plugged into the same outlet as the running workstation. When the
vacuum was switched on, the power surge fatally damaged the
workstation's power supply. Because the computer was
an aging Digital Pro 350 workstation with a proprietary disk
interface and filesystem, it proved to be cheaper to throw out the
machine and lose the data than to attempt to salvage the hardware and
information stored on the machine's disk. This
proved to be an expensive form of spring cleaning!
There are several measures that you can take to protect your computer
system against physical threats. Many of them will simultaneously
protect the system from dangers posed by nature, outsiders, and
inside saboteurs.
8.2.1 Protecting Against Environmental Dangers
Computers often require exactly the
right balance of physical and environmental conditions to operate
properly. Altering this balance can cause your computer to fail in
unexpected and often undesirable ways. Even worse, your computer
might continue to operate erratically, producing incorrect results
and corrupting valuable data.
In this respect, computers are a lot like people: they
don't work well if they're too hot,
too cold, or submerged in water without special protection.
8.2.1.1 Fire
Computers are
notoriously bad at surviving fires. If the flames
don't cause your system's case and
circuit boards to ignite, the heat might melt your hard drive and all
the solder holding the electronic components in place. Your computer
might even survive the fire, only to be destroyed by the water used
to fight the flames.
You can increase the chances that your computer will survive a fire
by making sure that there is good fire-extinguishing equipment
nearby.
Gas-charged fire extinguishers are
popular for large corporate computer rooms. These work by physically
blocking oxygen from coming into contact with the burning materials.
Unfortunately, gases may also asphyxiate humans in the area. For this
reason, all automatic gas discharge systems have loud alarms that
sound before the gas is discharged. Commonly used gases include
nitrogen, argon, and, less frequently, carbon dioxide.
Here are some guidelines for fire control:
Make sure that you have a hand-held fire extinguisher near the
doorway of your computer room. Train your personnel (and yourself) in
the proper use of the fire extinguisher. This training should ideally
include the actual use of a fire extinguisher—surprisingly, few
people have ever discharged a fire extinguisher! One good way to do
this is to have your employees practice outdoors with extinguishers
that need to be recharged (usually once every year or two). Repeat
the training at least once a year.
Check the recharge state of each fire extinguisher every month.
Extinguishers with gauges will show if they need recharging. All
extinguishers should be recharged and examined by a professional on a
periodic basis (sometimes those gauges stick in the
"full" position!).
If you have a gas-discharge system, make sure
everyone who enters the computer room knows what to do when the alarm
sounds. Post warning signs in appropriate places.
If
you have an automatic fire-alarm system, make sure you can override
it in the event of a false alarm.
Ensure that there is telephone access for your operators and users
who may discover a fire. If you have a PBX, make sure that there is
at least one backup telephone that goes directly to the phone
company.
Many modern computers will not be damaged by automatic
sprinkler systems, provided that the
computer's power is turned off before the water
starts to flow (although disks, tapes, and printouts left out in the
open may suffer). Consequently, you should have your
computer's power automatically cut if the water
sprinkler triggers. If you have an uninteruptable power
supply, be sure that it automatically disconnects as well.
Getting sensitive electronics wet is never a good idea. But if your
computer has been soaked after the power was cut, you can possibly
recover the system by completely drying the system and then carefully
reapplying the power. If your water has a very high mineral content,
you may find it necessary to have the computer's
circuit boards professionally cleaned before attempting to power up.
In some cases, you may find it easier to simply remove your
computer's disk drives and put them into a new
computer. You should immediately copy the data onto new disks, rather
than attempting to run with the salvaged equipment.
Because many computers can now survive exposure to water, many
fire-protection experts now suggest that a water sprinkler system may
be as good as (or better than) a gas discharge system. In particular,
a water system will continue to run long after a gas system is
exhausted, so it's more likely to work against major
fires. Such a system is also less expensive to maintain, and less
hazardous to humans.
If you choose to have a water-based sprinkler system installed, be
sure it is a "dry-pipe" system.
These systems keep water out of the pipes until an alarm is actually
triggered, rather than keeping the sprinkler heads pressurized all
the time. Because they are not continuously pressurized, dry-pipe
systems tend to be resistant to leaks.
Be sure that your wiring is protected, in addition to your computers.
Be certain that smoke detectors and sprinkler heads are appropriately
positioned to cover wires in wiring trays (often above your suspended
ceilings) and in wiring closets.
8.2.1.2 Smoke
Smoke is very damaging to computer
equipment. Smoke is a potent abrasive and collects on the heads of
unsealed magnetic disks, optical disks, and tape drives. A single
smoke particle can cause a severe disk crash on some kinds of older
disk drives that lack a sealed drive compartment.
Sometimes
smoke is generated by computers themselves. Electrical
fires—particularly those caused by the transformers in video
monitors—can produce a pungent, acrid smoke that may damage
other equipment and may also be poisonous or a carcinogen. Several
years ago, an entire laboratory at Stanford had to be evacuated
because of the toxic smoke caused by a fire in a single video
monitor.
Another significant danger is the smoke that comes from
cigarettes and pipes. Such smoke is a
hazard to people and computers alike. Besides the known cancer risk,
tobacco smoke can cause premature failure of keyboards and require
that they be cleaned more often. Nonsmokers in a smoky environment
will not perform as well as they might otherwise, both in the short
and long term. In many locales, smoking in public or semi-public
places is now illegal.
Here are some guidelines for smoke control:
Do not permit smoking in your computer room or around the people who
use the computers.
Install
smoke detectors in every room with computer or terminal equipment.
If you have a raised floor, mount smoke detectors
underneath the floor as well.
If you have suspended ceilings, mount smoke detectors
above the ceiling tiles.
Carbon monoxide (CO)
won't harm your computer, but it might silently kill
any humans in the vicinity. One of the authors of this book became
quite sick in February 1994 when his home chimney was inadvertently
plugged and the furnace exhaust started venting into his house.
Low-cost carbon monoxide detectors are readily available. You should
install them wherever coal, oil, or gas-fired appliances are used.
If you think this warning doesn't apply to your
computer environment, think again. Closed office buildings can build
up high concentrations of CO from faulty heater venting, problems
with generator exhaust (as from a UPS), or even trucks idling outside
with their exhaust near the building's air intake.
|
8.2.1.3 Dust
Dust destroys
data. As with smoke, dust can collect on the heads of magnetic disks,
tape drives, and optical drives. Dust is abrasive and will slowly
destroy both recording heads and media.
Many kinds of dust are somewhat conductive. The designs of many
computers leads them to suck large amounts of air through the
computer's insides for cooling. Invariably, a layer
of dust will accumulate on a computer's circuit
boards, covering every surface, exposed and otherwise. Eventually,
the dust may cause circuits to short, fail, or at least behave
erratically.
Here are some guidelines for dust control:
Keep your computer room as dust-free as possible.
If your computer has air filters, clean or replace them on a regular
basis.
Get a special vacuum for your computers and use it on a regular
basis. Be sure to vacuum behind your computers. You may also wish to
vacuum your keyboards. Ideally, your vacuum cleaner should have a
microfilter (HEPA or ULPA) so that dust removed from the computers is
not simply blown back into your computer room.
In environments with dust that you can't control,
consider getting keyboard dust covers to use when the keyboards are
idle for long periods of time. However, don't simply
throw homemade covers over your computers—doing so can cause
computers to overheat, and some covers can build up significant
static charges.
8.2.1.4 Earthquakes
While
some parts of the world are subject to frequent and severe
earthquakes, nearly every part of the planet experiences the
occasional temblor. In the United States, for example, the San
Francisco Bay Area experiences several noticeable earthquakes every
year; a major earthquake that may be equal in force to the great San
Francisco earthquake of 1906 is expected within the next 20 years.
Scientists also say there is an 80% chance that the Eastern half of
the United States will experience a similar earthquake within the
next 30 years. The only unknown factor is where it will occur. One of
the most powerful U.S. earthquakes in the last 200 years
didn't occur in California, but along the New Madrid
fault—the quake actually changed the course of the Mississippi
River! Recent earthquakes have also been felt in New York City and
Chicago. As a result, several Eastern cities have enacted stringent
anti-earthquake building codes modeled on
California's. These days, many new buildings in
Boston are built with diagonal cross-braces, using the type of
construction that one might expect to see in San Francisco.
While some buildings collapse in an earthquake, most remain standing.
Careful attention to the placement of shelves and bookcases in your
office can increase the chances that you and your computers will
survive all but the worst disasters.
Here are some guidelines for earthquake remediation:
Avoid placing computers on any high
surfaces; for example, on top of file cabinets.
Do not place heavy objects on bookcases or shelves near computers in
such a way that they might fall on the computer during an earthquake.
To protect your computers from falling debris, place them underneath
strong tables when an earthquake is possible.
Do not place computers on desks next to windows—especially on
higher floors. In an earthquake, the computer could be thrown through
the window, destroying the computer and creating a hazard for people
on the ground below.
Consider physically attaching the computer to the surface on which it
is resting. You can use bolts, tie-downs, straps, or other
implements. (This practice also helps deter theft.)
8.2.1.5 Explosions
Although
computers are not prone to explosions, buildings can
be—especially if the building is equipped with natural gas or
is used to store flammable solvents.
If you need to operate a computer in an area where there is a risk of
explosion, you might consider purchasing a system with a ruggedized
case. Disk drives can be shock-mounted within a computer; if
explosions are a constant hazard, consider using a ruggedized
laptop
with an easily removed, shock-resistant hard drive.
Here are some guidelines for explosion control:
Consider the real possibility of an explosion on your premises. Make
sure that solvents, if present, are stored in appropriate containers
in clean, uncluttered areas.
Keep your backups in blast-proof vaults or off-site.
Keep computers away from windows.
8.2.1.6 Extreme temperatures
Computers, like people, operate best
within certain temperature ranges. Most computer systems should be
kept between 50 and 90 degrees Fahrenheit (10 to 32 degrees Celsius).
If the ambient temperature around your computer gets too high, the
computer cannot adequately cool itself, and internal components can
be damaged. If the temperature gets too cold, the system can undergo
thermal shock when it is turned on, causing circuit boards or
integrated circuits to crack.
Here are some basic guidelines for temperature control:
Check your computer's documentation to see what
temperature ranges it can tolerate.
Install a temperature
alarm in your computer room that is
triggered by a temperature that is too low or too high. Set the alarm
to go off when the temperature gets within 15 to 20°
Fahrenheit of the limits your system can take. Some alarms can even
be connected to a phone line and programmed to dial predefined phone
numbers and tell you, with a synthesized voice,
"Your computer room is too hot."
Pay attention to the way your systems discharge heat and the air flow
pattern within the machines and within the room. Evaluate the need
for additional cooling equipment, and if you choose to use it,
install it properly. One of this book's reviewers
told us about seeing room fans installed to direct air at the rear of
some machines. Unfortunately, these were machines that were designed
to vent hot air out the back, so the new fans were pushing the warm
air back toward the machines, instead of venting it out. When the
fans were repositioned, the room temperature dropped by 10 degrees.
Be careful about placing computers too close to walls, which can
interfere with air circulation. Most manufacturers recommend that
their systems have 6 to 12 inches of open space on every side. If you
cannot afford the necessary space, lower the
computer's upper-level temperature by 10°
Fahrenheit or more.
If you are transporting a computer (such as a
laptop) outside in very cold or hot
weather, give it a chance to reach room temperature before starting
it.
8.2.1.7 Bugs (biological)
Sometimes insects and other
kinds of bugs find their way into computers. Indeed, the very term
bug, used to describe something wrong with a
computer program, dates back to the 1950s, when Grace Murray Hopper
found a moth trapped between a pair of relay contacts on Harvard
University's Mark 1 computer.
Insects have a strange predilection for getting trapped between the
high-voltage contacts of switching power supplies. Others have
insatiable cravings for the insulation that covers wires carrying
line current, and the high-pitched whine that switching power
supplies emit. Spider webs inside computers collect dust like a
magnet. For all these reasons, you should take active measures to
limit the amount of insect life in your machine room.
8.2.1.8 Electrical noise
Motors, fans, heavy equipment, and even
other computers generate electrical noise that can cause intermittent
problems with the computer you are using. This noise can be
transmitted through space or nearby power lines.
Electrical surges
are a special kind of electrical noise that consists of one (or a
few) high-voltage spikes. As we've mentioned, an
ordinary vacuum cleaner plugged into the same electrical outlet as a
workstation can generate a spike capable of destroying the
workstation's power supply.
Here are some guidelines for electrical noise control:
Make sure that there is no heavy equipment on the electrical circuit
that powers your computer system.
If possible, have a special electrical circuit with an isolated
ground installed for each computer system.
Install a line filter on your computer's power
supply. Some UPS systems are built to act as power filters. UPSs are
affordable for even home systems, and some include integrated
signalling that can (with appropriate software) shut down your
computer gracefully after a prolonged power outage.
If you
have problems with static, you may wish to install a static
(grounding) mat around the computer's area, or apply
antistatic sprays to your carpet.
Walkie-talkies, cellular telephones,
and other kinds of radio transmitters can cause computers to
malfunction when they are transmitting. Powerful transmitters can
even cause permanent damage to systems. Transmitters have also been
known to trigger explosive charges in some sealed fire-extinguisher
systems (e.g., Halon). All radio transmitters should be kept at least
five feet from the computer, cables, and peripherals. If many people
in your organization use portable transmitters, consider posting
signs instructing them not to transmit in the
computer's vicinity.
8.2.1.9 Lightning
Lightning
generates large power surges that can damage even computers with
otherwise protected electrical supplies. If lightning strikes your
building's metal frame (or hits your
building's lightning rod), the resulting current can
generate an intense magnetic field on its way to the ground.
Here are some guidelines for lightning control:
If possible, turn off and unplug computer systems during lightning
storms.
Make sure that your backup tapes, if they are kept on magnetic media,
are stored as far as possible from the building's
structural steel members.
Surge suppressor outlet strips will not protect your system from a
direct strike, but may help if the storm is distant. Some
surge
suppressors include additional protection for sensitive telephone
equipment; however, this extra protection may be of questionable
value in most areas because by law, telephone circuits must be
equipped with lightning arresters.
In some remote areas, modems can still be damaged by lightning, even
though they are on lines equipped with lightning arresters. In these
areas, modems may benefit from additional lightning protection.
Do not run copper network cables (e.g., Ethernet or
Category 5 cables) outdoors unless the cables are in a metal conduit.
Specifically, do not run a network cable out an office window, across
the wall or roof of a building, and into another office. If you run a
cable outdoors and lightning hits within a few thousand feet of your
location, there is an excellent chance that the lightning will induce
a surge in the network cable, and this surge will then be transmitted
directly into your computer system—or worse, channel a direct
lightning strike to the system and users.
8.2.1.10 Vibration
Vibration
can put an early end to your computer system by literally shaking it
apart. Even gentle vibration, over time, can work printed circuit
boards out of their connectors and integrated circuits out of their
sockets. Vibration can cause hard disk drives to come out of
alignment and thus increase the chance for catastrophic failure and
resulting data loss. Here are some guidelines for vibration control:
Isolate your computer from vibration as much as possible.
If you are in a high-vibration environment, place your computer on a
rubber or foam mat to dampen vibration, but make sure the mat does
not block ventilation openings.
Laptop computers are frequently equipped
with hard disks that are better at resisting vibration than are
desktop machines.
Don't put your printer on top of a computer.
Printers are mechanical devices; they generate vibration. Desktop
space may be a problem, but the unexpected failure of your
computer's disk drive or system board is a bigger
problem.
8.2.1.11 Humidity
Humidity
is your computer's friend—but as with all
friends, you can get too much of a good thing. Humidity prevents the
buildup of static charge. If your computer room is too dry, static
discharge between operators and your computer (or between the
computer's moving parts) may destroy information or
damage your computer itself. If the computer room is too humid, you
may experience condensation on chilled surfaces. Collected condensate
can short out and damage the electrical circuits.
Here are some guidelines for humidity control:
For optimal performance, keep the relative humidity of your computer
room above 20%, but keep it well below the dew point (which depends
on the ambient room temperature).
In
environments
that require high reliability, you may wish to have a humidity alarm
that will ring when the humidity is out of your acceptable range.
Some equipment has special humidity restrictions. Check your manuals.
8.2.1.12 Water
Water can destroy
your computer. The primary danger is an electrical short, which can
happen if water bridges between a circuit-board trace carrying
voltage and a trace carrying ground. A short will cause too much
current to be pulled through a trace, heat up the trace, and possibly
melt it. Shorts can also destroy electronic components by pulling too
much current through them.
Water usually comes from rain or flooding. Sometimes it comes from an
errant sprinkler system. Water may also come from strange places,
such as a toilet overflowing on a higher floor, vandalism, or the
fire department.
Here are some guidelines for water control:
Mount a water sensor on the floor near the computer
system.
If you have a raised floor in your computer room, mount water
detectors underneath the floor and above it.
Do not keep your computer in the basement of your building if your
area is prone to flooding, or if your building has a sprinkler
system.
Because water rises, you may wish to have two alarms located at
different heights. The first water sensor should ring an alarm; the
second should automatically cut off power to your computer equipment.
Automatic power cutoffs can save a lot of money if the flood happens
during off hours, or if the flood occurs when the person who is
supposed to attend to the alarm is otherwise occupied. More
importantly, cutoffs can save lives. Electricity, water, and people
shouldn't mix.
8.2.1.13 Environmental monitoring
To detect spurious problems,
continuously monitor and record your computer room's
temperature and relative humidity. As a general rule of thumb, every
1,000 square feet of office space should have its own recording
equipment. Log and check recordings on a regular basis.
8.2.2 Preventing Accidents
In
addition to environmental problems, your computer system is
vulnerable to a multitude of accidents. While it is impossible to
prevent all accidents, careful planning can minimize the impact of
accidents that will inevitably occur.
8.2.2.1 Food and drink
People need food and drink to stay alive.
Computers, on the other hand, need to stay away from food and drink.
One of the fastest ways of putting a desktop keyboard out of
commission is to pour a soft drink or cup of coffee between the keys.
If this keyboard is your system console (as is the case with most
PCs), you may be unable to reboot the computer until the console is
replaced (we know this from experience).
Food—especially oily food—collects on
people's fingers and from there gets on anything
that a person touches. Often this includes dirt-sensitive surfaces
such as magnetic tapes and optical disks. Sometimes food can be
cleaned away; other times it cannot. Oils from foods also tend to get
onto screens, increasing glare and decreasing readability. Some
screens are equipped with special quarter-wavelength antiglare
coatings: when touched with oily hands, the fingerprints will glow
with an annoying iridescence. Generally, the simplest rule is the
safest: keep all food and drink away from your computer
systems.
8.2.3 Controlling Physical Access
Simple common sense will tell you to
keep your computer in a locked room. But how safe is that room?
Sometimes a room that appears to be safe is actually wide open.
8.2.3.1 Raised floors and dropped ceilings
In many modern office buildings,
internal walls do not extend above dropped ceilings or beneath raised
floors. This type of construction makes it easy for people in
adjoining rooms, and sometimes adjoining offices, to gain access.
Here are some guidelines for dealing with raised floors and dropped
ceilings:
Make sure that your building's internal walls extend
above your dropped ceilings so intruders cannot enter locked offices
simply by climbing over the walls.
Likewise, if you have raised floors, make sure that the
building's walls extend down to the real floor.
8.2.3.2 Entrance through air ducts
If the air ducts that serve your computer
room are large enough, intruders can use them to gain entrance to an
otherwise secured area.
Here are some guidelines for dealing with air ducts:
Areas that need large amounts of ventilation should be served by
several small ducts, none of which is large enough for a person to
traverse.
As an alternative, screens can be welded over air vents, or even
within air ducts, to prevent unauthorized entry. (This approach is
not as good as using small ventilation ducts because screens can be
cut; think about all the various adventure movies
you've seen.)
The truly paranoid administrator may wish to place
motion
detectors inside air ducts.
8.2.3.3 Glass walls
Although glass walls and large windows
frequently add architectural panache, they can be severe security
risks. Glass walls are easy to break; a brick and a bottle of
gasoline thrown through a window can cause an incredible amount of
damage. An attacker can also gain critical knowledge, such as
passwords or information about system operations, simply by watching
people on the other side of a glass wall or window. It may even be
possible to capture information from a screen by analyzing its
reflective glow.
Here are some guidelines for dealing with glass walls:
Avoid glass walls and large windows for security-sensitive areas.
Large windows can also increase your cooling bill by letting in more
sunlight.
If you must have some amount of natural light, consider walls made of
translucent glass blocks.
Glass walls are good for rooms that must be guarded but in which the
guard is not allowed to enter. For these situations, glass walls are
preferable to closed-circuit TV because glass walls are harder to
spoof.
8.2.4 Defending Against Vandalism
Computer
systems are good targets for vandalism. Reasons for vandalism
include:
Intentional disruption of services (e.g., a student who has homework
due)
Revenge (e.g., a fired employee)
Riots
Strike-related violence
Political or ideological statement
Entertainment for the feebleminded
Computer vandalism is often fast, easy, and tremendously damaging.
Sometimes vandalism is actually sabotage presented as random
mischief.
In principle, any part of a computer system—or the building
that houses it—may be a target of vandalism. In practice, some
targets are more vulnerable than others.
8.2.4.1 Ventilation holes
Several years ago, 60 workstations
at the Massachusetts Institute of Technology were destroyed in a
single evening by a student who poured Coca-Cola into each
computer's ventilation holes. Authorities surmised
that the vandal was a student who had not completed a problem set due
the next day.
Computers that have ventilation holes need them.
Don't seal up the holes to prevent this sort of
vandalism. However, a rigidly enforced policy against food and drink
in the computer room—or a 24-hour guard, in person or via
closed-circuit TV—can help prevent this kind of incident from
happening at your site.
8.2.4.2 Network cables
Local and
wide area networks are exceedingly vulnerable to vandalism. In many
cases, a vandal can disable an entire subnet of workstations by
cutting a single wire with a pair of wire cutters. Compared with
Ethernet, fiber optic cables are at the same time more vulnerable
(they can be more easily damaged), more difficult to repair (they are
difficult to splice), and more attractive targets (they often carry
more information).
One simple method for protecting a network
cable is to run it through physically secure locations. For example,
Ethernet cable is often placed in cable trays or suspended from
ceilings with plastic loops. But Ethernet can also be run through
steel conduits. Besides protecting against vandalism, this practice
protects against some forms of network eavesdropping, and may help
protect your cables in the event of a small fire.
Some high-security installations use double-walled, shielded conduits
with a pressurized gas between the layers. Pressure sensors on the
conduit break off all traffic or sound a warning bell if the pressure
ever drops, as might occur if someone breached the walls of the pipe.
Many universities have networks that rely on Ethernet or fiber optic
cables strung through the basements. A single frustrated student with
a pair of scissors or a pocketknife can stop thousands of students
and professors from working.
Some organizations believe that an alternative to physically
protecting their network cables is to have redundant connections
between various locations on their campus. While it is true that
redundant connections will protect an organization from a single
failure, if redundancy is the only protection against cable cuts, all
an aggressive attacker needs to do is cut the cable in several
locations.
We also have heard stories about a fiber optic cable suffering small
fractures because someone stepped on it. A fracture of this type is
difficult to locate because there is no break in the coating. Once
again, it pays to be careful where you place your cables.
|
"Temporary" cable runs often turn
into permanent or semipermanent installations, so take the extra time
and effort to install cable correctly the first time.
|
|
In the late 1990s, an off-campus
research institute at the University of California at Berkeley faced
an unusual vandalism problem. The building was connected to the
university's campus network via a microwave
transmitter on the building's roof. Over the course
of several weeks, this transmitter was repeatedly smashed,
painstakingly replaced and aligned, then smashed again. After one of
the incidents, police found a note by the transmitter proclaiming
that a blow had been struck against invasion of privacy. Apparently,
the transmitters were similar in appearance to video cameras, and the
idea of video monitoring didn't sit well with
someone in the local area. A new transmitter was installed, along
with a small sign explaining its function ("THIS IS
NOT A CAMERA..."). This one stayed intact.
|
8.2.4.3 Network connectors
In addition to cutting a cable, a vandal
who has access to a network's endpoint—a
network connector—can electronically disable or damage the
network. All networks based on wire are vulnerable to attacks with
high voltage. At one university in the late 1980s, a student
destroyed a cluster of workstations by plugging a thin-wire Ethernet
cable into a 110VAC wall outlet. (The student wanted to simulate a
lightning strike because he realized that he wasn't
going to complete his assignment by the time it was due the next
morning.)
8.2.4.4 Utility connections
In many buildings, electrical, gas, or water cutoffs may be
accessible—sometimes even from the outside of the building.
Because computers require electrical power, and because temperature
control systems may rely on gas heating or water cooling, these
utility connections represent points of attack for a
vandal.
8.2.5 Defending Against Acts of War and Terrorism
The successful
attack on New York's World Trade Center demonstrated
that even computers that are not used by the military and are not
operated in a war zone may be the object of terrorist attacks.
Because computers are attractive targets, you may wish to consider
additional structural protection for your computer room. If your
computers are in any way involved in support of something that might
inspire violent protest—e.g., university research with animal
subjects, oil exploration, fashion design using furs, lumber
production—you should definitely consider extra protection for
them.
Although protection is important, it is
simply impossible to defend against many attacks. In many cases, you
should devise a system of hot backups and mirrored disks and servers.
With a reasonably fast network link, you can arrange for files stored
on one computer to be simultaneously copied to another system on the
other side of town—or the other side of the world. Sites that
cannot afford simultaneous backup can make hourly or nightly
incremental dumps across the network link. Although a tank or suicide
bomber may destroy your computer center, your data can be safely
protected someplace else.
|