Former IT director gets jail time for selling government's Cisco gear on eBay

erek

"FBI agents who investigated the case said they tracked nine of the 41 missing Cisco switches to ads on eBay, while the location of the rest remains unknown.

Nonetheless, this was enough to file charges against Petrill, whom authorities arrested and indicted in November 2019.


Officials said Petrill "confessed his activity in a manner to attempt to assist authorities" and "fully accepted responsibility for his actions."

Besides prison time, Petrill was also ordered to pay restitution in the amount of $345,265.57 to the Horry County Government.

This marks the second legal case over the past week where Cisco was involved. Last week, a former Cisco engineer also pleaded guilty to accessing his former employer's network and wiping 456 virtual machines, which eventually led to disruption to over 16,000 Webex Teams accounts."


https://www.zdnet.com/article/forme...e-for-selling-governments-cisco-gear-on-ebay/
 
Odd to phrase the headline that way. It wasn't the Cisco hardware that specifically caused the jailtime - Cisco equipment can be resold just fine. Even old Cisco equipment that was once government owned. Assuming, of course, you legally take ownership of that equipment.

The issue is specifically that this guy ordered 41 very expensive network switches with government money and then promptly took that equipment and sold it to others. That is straight-up theft. It could have been anything though - servers, hard drives, whatever.

IT departments from government agencies and businesses frequently unload old equipment, sometimes for free ("dumpster diving" without the literal dumpster) and sometimes at a massively reduced cost. But if you're going to take any of that equipment home to do whatever you want with, to include selling it, make sure you get something in writing from the agency granting you ownership of it first.

Also don't be a Director who says "well I am the Director and I say I can take this home" - get an OK from someone else first.

And maybe don't order stuff with government money just to resell it for a quick buck. That won't go well for you.
 
^^^ there was a dude doing that in my school district a couple years ago.
$38K switches? is that right?!

Cisco makes switches that can cost insane amounts. Particularly since at the large scale often things get called a "switch" that are also highly capable routers, firewalls, and so on. Things like their Nexus 9000 series are massive beasts that have multiple slots for line cards that do all kinds of various things. When loaded with high end line cards they can go well into the hundreds of thousands of dollars.

You can easily spend 5 figures on a high end non-modular single rack unit switch. Getting something with lots of 100gig or 400gig ports costs quite a bit, and Cisco can charge more than most.
 
Cisco makes switches that can cost insane amounts. Particularly since at the large scale often things get called a "switch" that are also highly capable routers, firewalls, and so on. Things like their Nexus 9000 series are massive beasts that have multiple slots for line cards that do all kinds of various things. When loaded with high end line cards they can go well into the hundreds of thousands of dollars.

You can easily spend 5 figures on a high end non-modular single rack unit switch. Getting something with lots of 100gig or 400gig ports costs quite a bit, and Cisco can charge more than most.
honestly never looked at high end like that. i just saw 9 switches and he owes $345K and went "wtf!?". unless that's for all 41...
 
Yeah. An "entry level" L3 routing capable 24 port switch like a Catalyst 9200 could easily run over $5000. Those 3850s are excellent router/switches, I used them in HA pairs as core switches for big offices at my last job and they were well worth the cost. Multiple VRF and much easier to update using a Prime VA than some of the earlier 3750 types and lower end 2960s. We put 10 gig modules in the expansion bays and had them handle routing for internal-only high speed networks for our R&D team.

For those wondering, here's a Catalyst 3850 with 36x 1gbe ports and 12x mgig (1, 2.5, 5, 10gbe) for about $17,000 (with support):

https://www.cdw.com/product/cisco-c...witch-48-ports-managed-rack-mountable/4163062

And a 48-port all 1gbe model for $12,000 (with support):

https://www.cdw.com/product/cisco-catalyst-3850-48p-s-switch-48-ports-managed-rack-mountable/2942860

Those are just posted prices, of course. Sometimes you can configure them to cost much more, sometimes you get a quantity discount and the cost comes down a little, but I expect 41 switches for $350k is about right.

(I am really curious as to why 41 though. I'm a big fan of doing HA for switches that are also going to be handling routing, and you wouldn't buy 3850s if you weren't going to be routing traffic with them... so was it 41 switches for 41 sites, or was it 20 sites with HA and one they didn't really care about?)
 
Cisco makes switches that can cost insane amounts. Particularly since at the large scale often things get called a "switch" that are also highly capable routers, firewalls, and so on. Things like their Nexus 9000 series are massive beasts that have multiple slots for line cards that do all kinds of various things. When loaded with high end line cards they can go well into the hundreds of thousands of dollars.

You can easily spend 5 figures on a high end non-modular single rack unit switch. Getting something with lots of 100gig or 400gig ports costs quite a bit, and Cisco can charge more than most.

Yup, un-configured, so still need license/contracts

And who the hell buys cisco stuff at list price unless you are a very small business buying a few, gov gets pretty good contract rates usually.
 
honestly never looked at high end like that. i just saw 9 switches and he owes $345K and went "wtf!?". unless that's for all 41...

There's seriously high end networking gear out there. While you might think that it is more "routers" at the core of a network, these days it is often "switches". They do routing, don't get me wrong, but they are more like switches at their core. Layer-3 switch is the term that gets thrown around, though these days I don't see that as much. Network gear has become a lot more blurry than it used to be and sometimes different vendors can call something a different term. Net result is that the term "switch" can apply to anything from a little 5-port unmanaged $20 thing you put on your desk up to a 16-rack unit, multi-hundred thousand (or even million) dollar thing that is at the center of a university or company network of a hundred thousand devices and everything in between.

And then for even more confusion there are now software switches. You can literally buy a Cisco "switch" to run inside VMware. :D
 
but they are more like switches at their core
Mostly when I look at a 'switch', I'm looking at something that can do line-speed across all ports, and there are usually a lot of ports compared to an enterprise 'router'. And yeah, seeing routers used less and less these days. Mostly just stick them at organizational boundaries or in places where lots of traffic needs to flow but also needs to be highly segregated.
 
i have a couple of switches i wish only cost 38k!
heck i have 2 dozen fiber cables with transponders that cost that much 200gb+ is spendy
Well, 200+ gig optics in general aren't too bad, you can get QSFPDD-SR8-400G for around $1000 for example.

Now when you get into coherent optics, that's when you start getting expensive :p
 
Mostly when I look at a 'switch', I'm looking at something that can do line-speed across all ports, and there are usually a lot of ports compared to an enterprise 'router'. And yeah, seeing routers used less and less these days. Mostly just stick them at organizational boundaries or in places where lots of traffic needs to flow but also needs to be highly segregated.

It really seems to depend on the company what they call what. Cisco still calls their biggest stuff routers. They are like their switches where they have a ton of ports, do line rate, all that shit. Their 8800 is like that. Some others it does seem to differ a little. Juniper seems to mean "less ports, more CPU" for routers. They have them all sizes but in general they seem to have less port density than one of their equivalent switches but much larger CPUs/NPUs so you can have more complex routing tables and such. I guess in theory the higher processing to port ratio makes sense as to what would make a router different... but since it is so arbitrary and varied between companies it really doesn't matter much. Just get the magic network box with the right ports and call it good :D.

We basically use all switches here. While we call the main units in the building "routers" and they do all the routing... they are just pizza box switches.
 
I own a Cisco 4948-10ge, just gathering dust, but I paid about 1200 on ebay for it 6 years ago. Now they're worth about 250 max. It was a $37,000 switch brand new.

Point being that if you're gonna commit criminal resale you gotta use the equipment that is mid life, because giving a good deal won't be a red flag. He apparently sold the latest and greatest probably for a too good to be true price. Which is what really probably got him nabbed.
 
Mostly when I look at a 'switch', I'm looking at something that can do line-speed across all ports, and there are usually a lot of ports compared to an enterprise 'router'. And yeah, seeing routers used less and less these days. Mostly just stick them at organizational boundaries or in places where lots of traffic needs to flow but also needs to be highly segregated.
The Mikrotik $350 16 port 10Gig switch I think only has 160Gbit/s throughput not 320 IIRC....so...1/2 of linespeed :)
 
It does seem a bit difficult to segment stuff out when all the switches can route, and all the routers can switch, at least when you get beyond the most basic versions of devices labeled as switches and routers.

If it can do line-speed across all ports/interfaces, it can be a switch; if it has firmware to do layer three and processing to do that at line rate, then it can be a router, and if it has both, then it depends on the performance needs in question I guess.
I own a Cisco 4948-10ge, just gathering dust, but I paid about 1200 on ebay for it 6 years ago. Now they're worth about 250 max. It was a $37,000 switch brand new.
Have an Aruba that I got for... around $150, 48GbE and 4 SFP+, and I'm sure it was sold in at least the four-digit range initially. Swapped the Deltas inside for Noctuas, now I have enough ports to play around with.
The Mikrotik $350 16 port 10Gig switch I think only has 160Gbit/s throughput not 320 IIRC....so...1/2 of linespeed :)
That's definitely a point to consider below enterprise-class stuff, and Mikrotik has quite a bit of a stigma when it comes to their configuration setup. They can apparently do quite a lot of things, if you can figure out how to do them (relative to Cisco/Juniper or even Ubiquiti), and it may be worth it for the price, but only in lower-intensity or non-critical environments.

I've definitely considered their stuff for homelabbing, I just haven't had the right application yet.
 
It does seem a bit difficult to segment stuff out when all the switches can route, and all the routers can switch, at least when you get beyond the most basic versions of devices labeled as switches and routers.

If it can do line-speed across all ports/interfaces, it can be a switch; if it has firmware to do layer three and processing to do that at line rate, then it can be a router, and if it has both, then it depends on the performance needs in question I guess.

Have an Aruba that I got for... around $150, 48GbE and 4 SFP+, and I'm sure it was sold in at least the four-digit range initially. Swapped the Deltas inside for Noctuas, now I have enough ports to play around with.

That's definitely a point to consider below enterprise-class stuff, and Mikrotik has quite a bit of a stigma when it comes to their configuration setup. They can apparently do quite a lot of things, if you can figure out how to do them (relative to Cisco/Juniper or even Ubiquiti), and it may be worth it for the price, but only in lower-intensity or non-critical environments.

I've definitely considered their stuff for homelabbing, I just haven't had the right application yet.

Their Layer3 configuration is a NIGHTMARE compared to anything enterprise. I use their layer2 only...which STILL has some problems. I think in release 12 of switchos they finally have port-channels that work correctly with spanning tree when only 1 physical link is available...
 
Enterprise hardware has a hefty enterprise tax. Want some fun numbers... Wait until you order a 24 port fiber switch only to discover to use those ports you have to buy the corresponding SFP's.. oh and those cost an additional 1500 dollars a piece. Oh and you wanted redundant power... that's another $$$ it adds up fast.

A fully enabled switch WITH support can easily cost 15k for a basic model. When you get into 10 gb or more you're pushing 60k very fast.
 
Enterprise hardware has a hefty enterprise tax. Want some fun numbers... Wait until you order a 24 port fiber switch only to discover to use those ports you have to buy the corresponding SFP's.. oh and those cost an additional 1500 dollars a piece. Oh and you wanted redundant power... that's another $$$ it adds up fast.

A fully enabled switch WITH support can easily cost 15k for a basic model. When you get into 10 gb or more you're pushing 60k very fast.

I was looking at a switch the other day with (IIRC) QSFPs that ran $48k a piece. I kid you not...

 
So I don’t know much about enterprise switches. What makes them so special that they cost a ton?
 
Well, Don't buy Cisco optics ;)
https://www.fs.com/products/70236.html

As I said, most people won't get them at list price anyway, so they're usually in the 50-95% off depending on customer size.

Ya Cisco are such utter bastards with their optics pricing. I mean all major vendors overcharge, but Cisco takes it to a whole new level. They act like the optics are more complex than the switch itself.

So I don’t know much about enterprise switches. What makes them so special that they cost a ton?

Some of it is name, Cisco in particular just overcharges the fuck out of things. Some of it is support, they often have high end contracts available for high speed replacement. In terms of useful differences it is the processors, ASICs, and software. A basic consumer switch will do nothing but switch ethernet frames, and have no ability to control anything, it'll be entirely unmanaged. That is cheap and easy to build. As you start to move up the chain they get more control and features. They'll have a processor and run an OS of some sort, that'll let you interface and control various things about the switch like bonding ports together, or doing separate VLANs. Then you keep moving up and they get even more features like the ability to route traffic (Layer-3 switching it also gets called), the ability to do various security functions like MACSec encryption, firewall abilities, etc. Likewise it'll be getting ASICs to do all that fast, it doesn't do it in software as that would be slow especially with the small processors you usually see, so it has dedicated hardware that does that. Still further up the chain you start to get things like a modular chassis where you can choose what kind of ports you want on your switch, and upgrade them later, add special processors to accelerate various more complex network tasks and so on. They also get faster. A consumer switch is usually 1gbit per port these days. You sometimes see faster but not often. Enterprise switches can have 10gig, 25gig, 100gig and even 400gig ports on them. So they can pass a whole lot more traffic, which takes a whole lot more hardware.

Basically it just comes down to a lot of increased capabilities. The more you add, the more it costs because it takes increased amounts of hardware to process, and takes development of good software to control.

They aren't all monkey-fuck-retarded pricing though. The 48 port Juniper switches that we make use of for our access switches are only like $2300. A lot more than a cheap consumer/small business Trendnet 48 port switch ($330), but not the $38k switches of the article. What the extra $2k we spend gets us in this specific case is 4 10 gig ports (the trendnet is all 1gig), 2 40 gig ports, redundant power, and a much more robust and flexible management OS. It also gets (quite a few) other features that aren't being used for our specific application, but they are part of the price, of course. Then as an example of moving up the scale there's a juniper switch that is again 48 ports and in the same line as the one we have, but does up to 25gbit per port instead of the 1gbit ours does, plus has 8 100gbit ports. That is then about $17k. Roughly the same features as what our $2300 one has, just much higher end hardware to process literally over 25x the data per second.
 
Ya Cisco are such utter bastards with their optics pricing. I mean all major vendors overcharge, but Cisco takes it to a whole new level. They act like the optics are more complex than the switch itself.



Some of it is name, Cisco in particular just overcharges the fuck out of things. Some of it is support, they often have high end contracts available for high speed replacement. In terms of useful differences it is the processors, ASICs, and software. A basic consumer switch will do nothing but switch ethernet frames, and have no ability to control anything, it'll be entirely unmanaged. That is cheap and easy to build. As you start to move up the chain they get more control and features. They'll have a processor and run an OS of some sort, that'll let you interface and control various things about the switch like bonding ports together, or doing separate VLANs. Then you keep moving up and they get even more features like the ability to route traffic (Layer-3 switching it also gets called), the ability to do various security functions like MACSec encryption, firewall abilities, etc. Likewise it'll be getting ASICs to do all that fast, it doesn't do it in software as that would be slow especially with the small processors you usually see, so it has dedicated hardware that does that. Still further up the chain you start to get things like a modular chassis where you can choose what kind of ports you want on your switch, and upgrade them later, add special processors to accelerate various more complex network tasks and so on. They also get faster. A consumer switch is usually 1gbit per port these days. You sometimes see faster but not often. Enterprise switches can have 10gig, 25gig, 100gig and even 400gig ports on them. So they can pass a whole lot more traffic, which takes a whole lot more hardware.

Basically it just comes down to a lot of increased capabilities. The more you add, the more it costs because it takes increased amounts of hardware to process, and takes development of good software to control.

They aren't all monkey-fuck-retarded pricing though. The 48 port Juniper switches that we make use of for our access switches are only like $2300. A lot more than a cheap consumer/small business Trendnet 48 port switch ($330), but not the $38k switches of the article. What the extra $2k we spend gets us in this specific case is 4 10 gig ports (the trendnet is all 1gig), 2 40 gig ports, redundant power, and a much more robust and flexible management OS. It also gets (quite a few) other features that aren't being used for our specific application, but they are part of the price, of course. Then as an example of moving up the scale there's a juniper switch that is again 48 ports and in the same line as the one we have, but does up to 25gbit per port instead of the 1gbit ours does, plus has 8 100gbit ports. That is then about $17k. Roughly the same features as what our $2300 one has, just much higher end hardware to process literally over 25x the data per second.

It almost sounds like you are describing an advanced custom router rather than what people typically think of as a switch.
 
It almost sounds like you are describing an advanced custom router rather than what people typically think of as a switch.

Like I said, routers are switches and switches are routers now. When it first started you heard the term "layer-3 switch" used, and you still hear it sometimes. What happened is basically companies figured out how to make the switching ASIC more flexible so instead of making decisions just based on its learned MAC table, it could be programmed by a CPU. That CPU could then run routing software. So a packet came through, it got sent to the router side of things which decided what the route should be, a "flow" was then established and subsequent packets of a similar type were switched. In reality it is more complex, but that's the basic idea. So you have a device with the latency and performance of a switch, but that could make routing decisions. So long as your routing tables weren't too complex to where they bogged down the CPU you got switch-like performance.

As time has gone on, things have developed to more complex and integrated systems, with more flexible ASICs and network processors that are kinda like GPUs: Specialized processors that are really fast at a very specific task, network processing in this case. As things developed and became commoditized, you just saw more and more of this and the lines started to blur. Whereas the first gen layer-3 switches might only be capable of very simple, limited amounts of routing, current ones are powerful.

So ya, an enterprise grade switch IS an advanced, customizable router, if you want it to be. Networking got all advanced and complex to support the data rates we nerds demand :D.
 
Cisco stuff is super expensive. That being said, used Cisco switches can be a great deal for small offices.

Dell even sells switches now. I recently picked up a 48-port Gb switch with 4x 10Gb fiber ports for a whopping $75.
 
Point being that if you're gonna commit criminal resale you gotta use the equipment that is mid life, because giving a good deal won't be a red flag. He apparently sold the latest and greatest probably for a too good to be true price. Which is what really probably got him nabbed.

He did it for a few years. Probably got caught in an asset audit. And good thing; guy cost the tax payers a bundle.
 
So I don’t know much about enterprise switches. What makes them so special that they cost a ton?

Cisco has sold their products not on quality but on "Exclusivity". It is the Ferrari of switching, but not in performance, more in "Oh it's Cisco therefore it's the best" but in reality a Corvette can smoke a Ferrari on the track. And as far as quality, I have had Cisco shit break left and right just as much as some of it is running a decade later flawlessly. It's all hit and miss.

Cisco is overpriced bull and I will never recommend them to customers again, if I were still in business for myself. And I can use the hell out of IOS. Honestly I would just recommend UBNT for the smaller companies and Juniper/HP for the larger.
 
Cisco has sold their products not on quality but on "Exclusivity". It is the Ferrari of switching, but not in performance, more in "Oh it's Cisco therefore it's the best" but in reality a Corvette can smoke a Ferrari on the track. And as far as quality, I have had Cisco shit break left and right just as much as some of it is running a decade later flawlessly. It's all hit and miss.

Cisco is overpriced bull and I will never recommend them to customers again, if I were still in business for myself. And I can use the hell out of IOS. Honestly I would just recommend UBNT for the smaller companies and Juniper/HP for the larger.
I have been fairly disappointed with UBNT. I would NEVER recommend them in a commercial setting except for non-mission critical stuff.

"Enterprise" routers with no vrf support
out of ordering packet issue with the edgerouter series when using more than 1 core on UDP packets
No multicast support
no pim

waaaay too many missing features and basically 0 ways to open technical cases with support & get a timely resolution. Just...no

Even their Gen2 wifi APs are susceptible to management frame attacks.
 
yeah a few of these in your shopping cart and you can hit 48k very easily

https://www.pcnation.com/web/detail...ic-network-cable-mfs1s00-h100e-07290108482171

https://www.pcnation.com/web/detail...ve-Optical-Cable-MFS1S00-H010E-07290108482126

its the ones that are not yet for sale that are very spendy!!! ;)

LMAO the marketing jizz on this crap is hilarious
  • Supports IBTA IB HDR
  • Compliant with SFF-8665
  • Up to 200Gb/s data rate ---> that's it? for this price?
  • Ultra low crosstalk for improved performance ---> umm light doesn't crosstalk, maybe in the transceivers but even then it's almost a 0% chance of crosstalk since we're dealing with lasers.
  • Low insertion loss ---> yeah ok well decent optics that are pennies to make in China have low insertion loss already. No need to upcharge for this featureless feature
  • BER Better than 10^-15 ---> I don't know if this is good or bad but TCP/IP is self correcting anyways and can you tell a difference between 199.997 Gb/s vs 200Gb/s due to a few TCP resend requests? I can't.
  • Serial numbers printed on each end ---> we could save $500 on your overpriced junk and use a cable label printer thingy for $29.00
  • RoHS 6 Compliant
  • Using Laser Class 4 ---> Class 3 or even class 2 (cheap lasers would work fine) no need to put a damn 2 watt laser blow torch in a 100meter cable that cost $2500 already as is? Really what engineer thought this would be a bright idea. A damn LED can send light 100m through single mode fiber as if it wasn't even an issue.
  • Halogen free ---> oh this is nice like it matters really. Anyone worried about a little Bromine in their cable? Because I sure as hell am not.
But, non IT minded corporate check writers are like mmmmkay it's expensive so it must be good shit! BUY IT

Same with Chisco shit.
 
Damn.. this thread actually was pretty informative for me.. Thanks for the info fellas..
besides clearing up the price thing for me they also cleared up some terms and stuff ive heard tossed around the office. im sandwiched between the network guys and usually have no idea what they are talking about.
 