Wednesday, April 15, 2009

firewall-wizards Digest, Vol 36, Issue 21

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: SCADA (AMuse)
2. Re: SCADA (Daniel E. Hassler)
3. Re: Who stay focused? (was: [Fwd: Question]) (Behm, Jeff)
4. Re: SCADA (Brian Loe)
5. Re: SCADA (Paul D. Robertson)
6. Re: SCADA (Brian Loe)
7. Re: SCADA (Chris Blask)
8. Re: SCADA (Bill McGee (bam))


----------------------------------------------------------------------

Message: 1
Date: Wed, 15 Apr 2009 10:24:36 -0700
From: AMuse <amuse@foofus.com>
Subject: Re: [fw-wiz] SCADA
To: mjr@ranum.com, Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <49E61854.2070905@foofus.com>
Content-Type: text/plain; charset="us-ascii"

An HTML attachment was scrubbed...
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20090415/ed84682f/attachment-0001.html>

------------------------------

Message: 2
Date: Wed, 15 Apr 2009 09:23:34 -0700
From: "Daniel E. Hassler" <hassler@speakeasy.net>
Subject: Re: [fw-wiz] SCADA
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <49E60A06.4090008@speakeasy.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

I agree with your observations but how can an insecure system be
considered reliable?

Chris Blask wrote:
> Daniel E. Hassler <hassler@speakeasy.net> wrote:
>
>
>> Forgive my ignorance but why is SCADA even allowed to run on a Windows host? IMHO - when industry insists (i.e. $$$ on the table) on secure alternatives can and will become available.
>>
>
>
> Many manufacturers have used Windows as an embedded component of SCADA devices such as Human Machine Interfaces (HMIs - the gadgets that produce the touchscreen management interface for operators). Moreover, industry has not insisted on secure alternatives in control systems, period. In fact, industry continues to be overwhelmingly resistant to any changes to their existing systems - reliability is many times more important to them as a group than security.
>
> -chris


------------------------------

Message: 3
Date: Wed, 15 Apr 2009 10:58:30 -0500
From: "Behm, Jeff" <jbehm@burnsmcd.com>
Subject: Re: [fw-wiz] Who stay focused? (was: [Fwd: Question])
To: "Firewall Wizards Security Mailing List"
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<1217D5F18AEF15499BF1047D8F407D56097B8D@kcm-exch-001.burnsmcd.com>
Content-Type: text/plain; charset="us-ascii"

On Tuesday, April 14, 2009 5:10 PM, ArkanoiD said:
> I'd quit immediately.

It wasn't immediately, but I am now in a different place than I was
then. Thankfully!


------------------------------

Message: 4
Date: Wed, 15 Apr 2009 10:51:27 -0500
From: Brian Loe <knobdy@gmail.com>
Subject: Re: [fw-wiz] SCADA
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Cc: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.cybertrust.com>
Message-ID:
<3c4611bc0904150851l40896e40u54241740215622f@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On Wed, Apr 15, 2009 at 10:33 AM, ArkanoiD <ark@eltex.net> wrote:
> Well, I guess you have premium support from MS then, they should advise something
> to be done to prevent systems from being vulnerable without breaking it..
>

Huh? MS doesn't care about a system I have running NT 4 - and the
system that breaks because of an update isn't made by them, so why
should they?

SCADA device/software Vendors control what you put on the network.
None of the vendors that I've seen give one iota about security. As
stated by someone else, for them and those who purchase their
products, it's about reliability.

Can you even buy extended support for Windows 98??


------------------------------

Message: 5
Date: Wed, 15 Apr 2009 14:20:57 -0400 (EDT)
From: "Paul D. Robertson" <paul@compuwar.net>
Subject: Re: [fw-wiz] SCADA
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <Pine.LNX.4.44.0904151419310.21272-100000@bat.clueby4.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Wed, 15 Apr 2009, Daniel E. Hassler wrote:

> I agree with your observations but how can an insecure system be
> considered reliable?

It's the tree in the forest problem- If nobody attacks it, then an
insecure system can be perfectly reliable. Hence the original "Why would
you connect that to the Internet?" thrust of the original thread.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."
Moderator: Firewall-Wizards mailing list
Art: http://PaulDRobertson.imagekind.com/

------------------------------

Message: 6
Date: Wed, 15 Apr 2009 14:02:48 -0500
From: Brian Loe <knobdy@gmail.com>
Subject: Re: [fw-wiz] SCADA
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<3c4611bc0904151202v6da6c013l5481c724344fcd4f@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On Wed, Apr 15, 2009 at 1:20 PM, Paul D. Robertson <paul@compuwar.net> wrote:
> On Wed, 15 Apr 2009, Daniel E. Hassler wrote:
>
>> I agree with your observations but how can an insecure system be
>> considered reliable?
>
> It's the tree in the forest problem- If nobody attacks it, then an
> insecure system can be perfectly reliable. Hence the original "Why would
> you connect that to the Internet?" thrust of the original thread.
>
> Paul

Or you use Marcus' firewall.


------------------------------

Message: 7
Date: Wed, 15 Apr 2009 12:58:37 -0700 (PDT)
From: Chris Blask <wobblingmoon@yahoo.com>
Subject: Re: [fw-wiz] SCADA
To: hassler@speakeasy.net, Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <97046.46982.qm@web33804.mail.mud.yahoo.com>
Content-Type: text/plain; charset=us-ascii


Daniel E. Hassler <hassler@speakeasy.net>


> I agree with your observations but how can an insecure system be
> considered reliable?


That there is a damn fine question, but when you ask it of the folks running these systems the answer is: "It has been reliable so far."

...

:~)



------------------------------

Message: 8
Date: Wed, 15 Apr 2009 14:11:58 -0700
From: "Bill McGee (bam)" <bam@cisco.com>
Subject: Re: [fw-wiz] SCADA
To: "Chris Blask" <chris@blask.org>, "Firewall Wizards Security
Mailing List" <firewall-wizards@listserv.icsalabs.com>,
<hassler@speakeasy.net>, "Firewall Wizards Security Mailing List"
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<A0A653F4CB702442BFBF2FAF02C031E906FBC9AF@xmb-sjc-21e.amer.cisco.com>
Content-Type: text/plain; charset="us-ascii"

And what, exactly, is 'reliable'? The only reasonable definition I can think of is one that hasn't been broken into 'YET'. Like has been said before, unless you disassemble your machine, embed it into a cement and glass matrix, and dump it in the ocean, there is no such thing as 'secure' - and even then... Everything else involves degrees of risk balanced with the need to actually conduct business.

In spite of what some of the purists on this list might imply, security is a trade-off, and every naive administrator believes his/her network to be 'secure' until it isn't. The rest of us manage risk and try our best to reduce the cost of risk to a level below the value of the business being conducted. Our job as security professionals is to help organizations reduce that risk as much as possible. Anyone selling anything else is hawking snake oil.

Bill McGee
Security Solutions Manager
Cisco Systems, Inc.

-----Original Message-----
From: Chris Blask [mailto:wobblingmoon@yahoo.com]
Sent: Wednesday, April 15, 2009 01:38 PM Pacific Standard Time
To: hassler@speakeasy.net; Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] SCADA


Daniel E. Hassler <hassler@speakeasy.net>


> I agree with your observations but how can an insecure system be
> considered reliable?


That there is a damn fine question, but when you ask it of the folks running these systems the answer is: "It has been reliable so far."

...

:~)




------------------------------



End of firewall-wizards Digest, Vol 36, Issue 21
************************************************
