funsec mailing list archives
Re: Border Security System Left Open
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 14 Apr 2006 13:32:41 +1200
Fergie wrote:
A computer failure that hobbled border-screening systems at airports across the country last August occurred after Homeland Security officials deliberately held back a security patch that would have protected the sensitive computers from a virus then sweeping the internet, according to documents obtained by Wired News.
One has to question whether the folk running these systems even have the _minimal_ competence for doing their job. Why are "sensitive" systems such as these on networks where they _can_ be exposed to network-spreading malware or [D]DoS attacks? If they "must" (for god-only-knows-what reason) attach these machines to public sewer networks, then why are they running an OS that is so commonly (and trivially) exposed to such outages? If they weren't connected to the Internet (which one would expect they weren't) then why weren't such "sensitive" systems attached to a properly fortified and locked down network? One that only DHCPs for known MAC addresses or at least one that puts "unknown" MACs in their own, heavily restricted, VLAN?? [I won't name the European airport but I found free Ethernet access via its administrative network from an Ethernet jack in a public area in the last year. You half expect this for WiFi, but for Ethernet??] And, even if they "must" (for god-only-knows-what reason) run Windows, why are they not running the systems the dumbest of their dumb users (in terms of "PC smarts" and the level of OS access necessary to do their jobs) not running some extra-hardened, ultra-locked-down, least- privileges configuration to totally minimize any possibility of something like Zotob affecting them? Especially given that they clearly were NOT taking other "reasonable, best practice" precautions as suggested above? Abject incompetence. Fercrissakes... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Border Security System Left Open Fergie (Apr 12)
- Re: Border Security System Left Open Nick FitzGerald (Apr 13)
- Re: Border Security System Left Open Valdis . Kletnieks (Apr 14)
- Re: Border Security System Left Open Dude VanWinkle (Apr 14)
- RE: Border Security System Left Open StyleWar (Apr 14)
- RE: Border Security System Left Open James Kehl (Apr 15)
- Re: Border Security System Left Open Dude VanWinkle (Apr 15)
- Re: Border Security System Left Open Dude VanWinkle (Apr 15)
- RE: Border Security System Left Open StyleWar (Apr 15)
- Re: Border Security System Left Open Valdis . Kletnieks (Apr 15)
- RE: Border Security System Left Open StyleWar (Apr 16)
- Re: Border Security System Left Open Valdis . Kletnieks (Apr 16)
- Re: Border Security System Left Open Valdis . Kletnieks (Apr 14)
- Re: Border Security System Left Open Nick FitzGerald (Apr 13)