nanog mailing list archives
Re: Arguing against using public IP space
From: Leigh Porter <leigh.porter () ukbroadband com>
Date: Sun, 13 Nov 2011 18:50:55 +0000
I was involved in a security review of a SCADA system a couple of years ago. Their guy was very impressed with himself and his "Internet air-gap" but managed to leave all their ops consoles on both the SCADA network and their internal corp LAN. Their corp LAN was a mess with holes through their NAT gateway all over the place to let external support people rdesktop to the SCADA network machines. Of course it was all on private address space internally. So you see, when you put idiots in charge, your screwed whatever you do and private address space and NAT and whatever else will be no more then security by nice stickers and marketing. -- Leigh On 13 Nov 2011, at 15:38, "Jason Lewis" <jlewis () packetnexus com> wrote:
I don't want to start a flame war, but this article seems flawed to me. It seems an IP is an IP. http://www.redtigersecurity.com/security-briefings/2011/9/16/scada-vendors-use-public-routable-ip-addresses-by-default.html I think I could announce private IP space, so doesn't that make this argument invalid? I've always looked at private IP space as more of a resource and management choice and not a security feature. ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
Current thread:
- Re: Arguing against using public IP space, (continued)
- Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
- Re: Arguing against using public IP space Brett Frankenberger (Nov 13)
- Re: Arguing against using public IP space Jay Ashworth (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 13)
- Re: Arguing against using public IP space Joel jaeggli (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 14)
- Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 14)
- Re: Arguing against using public IP space Valdis . Kletnieks (Nov 13)
- Re: Arguing against using public IP space Jason Lewis (Nov 13)