[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] researcher's linux worm infects 400 K + devices by TELNET

On 03/21/2013 10:47 PM, John Pilman wrote:
>
>
> On Thu, Mar 21, 2013 at 7:09 PM, Jay Lozier <jslozier at gmail.com 
> <mailto:jslozier at gmail.com>> wrote:
>
>     On 03/21/2013 06:30 PM, Jim Kinney wrote:
>>
>     My question is who needs to manage this off site? Most sewage and
>     water treatment plants do not need this; the control facility
>     should be on site.
>>
> Maybe in China, but here the direction is toward less manpower when 
> feasible.  It is feasible, just not implemented with enough security 
> in mind. Many, many industrial control systems are connected through 
> the internet and have been for quite a while.  Some security come from 
> the fact that older system weren't smart enough to support today's 
> exploits. (They don't have CPM, DOS, Windows, Linux, BSD, UNIX or OSX 
> OS) (PolyForth, OpenVMS, AmigaOS but I digress)
>
> I do think the answers to most of these control system connectivity 
> problems are pretty simple.  The first steps being:
> 1. turn off unused services
> 2. firewall
>
> With the cost of devices where they are now, I don't see why a 
> firewall should be more than $50.  However, any industrial facility, 
> at least in this country, should be able to install a $5000 firewall 
> if that is all they can find.
>
> ...John
>
Most cheap home routers I have seen have a firewall built in and they 
are available at Wal-mart, Amazon, Newegg for under $100. Surely, the 
cost of a firewall is not the problem.

-- 
Jay Lozier
jslozier at gmail.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130321/975f7ae2/attachment.html>