firewall-wizards@listserv.icsalabs.com
To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com
You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."
Today's Topics:
1. Re: SCADA (Chris Blask)
2. Re: Who stay focused? (was: [Fwd: Question]) (Brian Loe)
3. Re: SCADA (Brian Loe)
4. Re: SCADA (Brian Loe)
5. Re: SCADA (ArkanoiD)
----------------------------------------------------------------------
Message: 1
Date: Wed, 15 Apr 2009 07:35:41 -0700 (PDT)
From: Chris Blask <chris@blask.org>
Subject: Re: [fw-wiz] SCADA
To: hassler@speakeasy.net, Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <567984.13576.qm@web33803.mail.mud.yahoo.com>
Content-Type: text/plain; charset=us-ascii
Daniel E. Hassler <hassler@speakeasy.net> wrote:
> Forgive my ignorance but why is SCADA even allowed to run on a Windows host? IMHO - when industry insists (i.e. $$$ on the table) on secure alternatives, they can and will become available.
Many manufacturers have used Windows as an embedded component of SCADA devices such as Human Machine Interfaces (HMIs - the gadgets that produce the touchscreen management interface for operators). Moreover, industry has not insisted on secure alternatives in control systems, period. In fact, industry continues to be overwhelmingly resistant to any changes to their existing systems - reliability is many times more important to them as a group than security.
-chris
------------------------------
Message: 2
Date: Wed, 15 Apr 2009 09:44:17 -0500
From: Brian Loe <knobdy@gmail.com>
Subject: Re: [fw-wiz] Who stay focused? (was: [Fwd: Question])
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<3c4611bc0904150744o64e5081bue9affc5c93199663@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
On Tue, Apr 14, 2009 at 5:10 PM, ArkanoiD <ark@eltex.net> wrote:
>
> If the final technical decision is being made by a non-technical and
> obviously clueless person, you seem to just work in the wrong place.
> I'd quit immediately.
>
NO!!!!!!!!!!!!!
DO NOT QUIT!!!!!!!!!!! Have you not been paying attention to the economy?!!!!
Instead use your change management policy to request the changes you
want to make or the access a user wants. Then if bad decisions are
made by other people they are documented as to who is responsible for
the resulting evil!
I could care less what my employer wants to do, so long as I have
informed them of my opinion and accountability for their stupidity has
been assigned to someone else.
------------------------------
Message: 3
Date: Wed, 15 Apr 2009 09:31:03 -0500
From: Brian Loe <knobdy@gmail.com>
Subject: Re: [fw-wiz] SCADA
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Cc: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID:
<3c4611bc0904150731i405c72f6w6aa90a05987c0ec1@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
On Tue, Apr 14, 2009 at 5:13 PM, ArkanoiD <ark@eltex.net> wrote:
> They are not worthless: you need it to fix critical security vulnerabilities!
> You cannot build defense in depth if you do not patch your systems.
> It should not be done via automatic Windows Update, but it should be done somehow.
You do not work with control systems much. They are worthless because
the updates that aren't provided with the system (from your control
system OEM) will likely BREAK the control system. The power plant I
worked at was running Windows 98 and NT 4. How many updates has MS
released for those lately??
------------------------------
Message: 4
Date: Wed, 15 Apr 2009 09:38:00 -0500
From: Brian Loe <knobdy@gmail.com>
Subject: Re: [fw-wiz] SCADA
To: mjr@ranum.com, Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<3c4611bc0904150738r1ffee076uf25a598a47c7987b@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
On Tue, Apr 14, 2009 at 5:49 PM, Marcus J. Ranum <mjr@ranum.com> wrote:
> Paul D. Robertson wrote:
>>
>> The other side of the coin is that adding layers adds complexity and code-
>> and adding code adds bugs- so you don't *always* get a net security gain by
> adding "protection."
>
> You raise a problem that I've spent too much time pondering. In effect,
> it refutes the "conventional wisdom" of computer security. Which goes
> as follows:
> Item #1 - Defense in depth is good
> Item #2 - Complexity is the enemy of security
>
> If #2 is true, #1 can't be, because defense in depth adds complexity.
>
> Puzzled,
> mjr.
Completely agree - but is it a yin/yang thing, where the two
complement each other and you need only find the balance? I tend to
believe it is, with an emphasis on keeping things as simple as
possible. Human nature is a risk - complexity is...an attack vector?
:)
------------------------------
Message: 5
Date: Wed, 15 Apr 2009 19:33:04 +0400
From: ArkanoiD <ark@eltex.net>
Subject: Re: [fw-wiz] SCADA
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID: <20090415153304.GA9915@eltex.net>
Content-Type: text/plain; charset=koi8-r
Well, I guess you have premium support from MS then, they should advise something
to be done to prevent systems from being vulnerable without breaking it.
On Wed, Apr 15, 2009 at 09:31:03AM -0500, Brian Loe wrote:
> On Tue, Apr 14, 2009 at 5:13 PM, ArkanoiD <ark@eltex.net> wrote:
> > They are not worthless: you need it to fix critical security vulnerabilities!
> > You cannot build defense in depth if you do not patch your systems.
> > It should not be done via automatic Windows Update, but it should be done somehow.
>
>
> You do not work with control systems much. They are worthless because
> the updates that aren't provided with the system (from your control
> system OEM) will likely BREAK the control system. The power plant I
> worked at was running Windows 98 and NT 4. How many updates has MS
> released for those lately??
------------------------------
End of firewall-wizards Digest, Vol 36, Issue 20
************************************************