nanog mailing list archives
Re: Arguing against using public IP space
From: Joel jaeggli <joelja () bogus com>
Date: Mon, 14 Nov 2011 10:59:45 +0800
On 11/14/11 10:24 , Joe Greco wrote:
Sure, anytime there's an attack or failure on a SCADA network that wouldn't have occurred had it been air-gapped, it's easy for people to knee-jerk a "SCADA networks should be airgapped" response. But that's not really intelligent commentary unless you carefully consider what risks are associated with air-gapping the network.Not to mention that it's not the only way for these things to get infected. Getting fixated on air-gapping is unrealistically ignoring the other threats out there. There needs to be a whole lot more security work done on SCADA nets.
Stuxnet should provide a fairly illustrative example. It doesn't really matter how well isolated from direct access it is if it has a soft gooey center and a willing attacker.
... JG
Current thread:
- Re: Have they stopped teaching Defense in Depth?, (continued)
- Re: Have they stopped teaching Defense in Depth? Jay Ashworth (Nov 16)
- RE: Have they stopped teaching Defense in Depth? Leigh Porter (Nov 16)
- Re: Have they stopped teaching Defense in Depth? Valdis . Kletnieks (Nov 16)
- RE: Have they stopped teaching Defense in Depth? Jamie Bowden (Nov 16)
- Re: Arguing against using public IP space Jay Ashworth (Nov 13)
- Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
- Re: Arguing against using public IP space Brett Frankenberger (Nov 13)
- Re: Arguing against using public IP space Jay Ashworth (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 13)
- Re: Arguing against using public IP space Joel jaeggli (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 14)
- Re: Arguing against using public IP space Dobbins, Roland (Nov 13)
- Re: Arguing against using public IP space Joe Greco (Nov 14)
- Re: Arguing against using public IP space Jason Lewis (Nov 13)