[clug] Secure your Internet facing stuff (was Re: googlebot doing funny things in logs)

Craig Small csmall at enc.com.au
Fri Jun 17 17:14:26 MDT 2011

On Fri, Jun 17, 2011 at 06:21:34PM +1000, Sam Couter wrote:
> Jason <j.lee.nielsen at gmail.com> wrote:
> > Banking and stock markets are vulnerable I can see that because they need interaction with humans all over the world but really why is anything to do with water or electricity supply on the internet?
> I imagine for the same reason anything else is hooked up to the
> internet: Easy and convenient remote access. Some water and electricity
> infrastructure is remote enough and in tough enough terrain that it's
> difficult (expensive) to physically get to on a regular basis.

I would argue that in the case of an essential service the people
responsible are not doing their job properly.  Almost anywhere you can
get internet, you can get a non-internet private IP service.  It may run
over the same wires, but it is (to some extent) isolated.

There would be some places for unusual reasons this doesn't apply, but
they would be extremely rare.  We're now talking about a place where you
can get internet, but not get a private network. It's probably more likely
the person involved didn't think all the threats through or they were
overruled by the bean-counters.

Whenever I see this threat being mentioned on the tellie it always
frustrates me. I read it as shoddy network engineering. Getting a little
back on track, the equipment still should be secured because you've only
removed one attack vector out of many.

