nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: First real-world SCADA attack in US

From: Ryan Pavely <paradox () nac net>
Date: Mon, 21 Nov 2011 15:22:01 -0500
Might I suggest using 127.0.0.2 if you want less spam :P

Pretty scary that folks have
 1. Their scada gear on public networks, not behind vpns and firewalls.
 2. Allow their hardware vendor to keep a list of usernames / passwords.
2b. Obviously don't change these so often. Whens the last time they really "called support" and refreshed the password with the hw vendor.... Probably when they installed the gear... Sheesh..
Perhaps the laws people suggest we need to protect ourselves should be added to. If you are the operator of a network and due to complete insanity leave yourself wide open to attack, you are just as guilty as the bad guys... But then again I don't want to goto jail for leaving my car door open and having someone steal my car, so nix that idea. 


  Ryan Pavely
   Director Research And Development
   Net Access Corporation
   http://www.nac.net/


On 11/21/2011 2:48 PM, Leigh Porter wrote:

I checked the SCADA boxes used in our "smart" building. They are all using 127.0.0.1

Is that a security risk?
Previous By Date Next
Previous By Thread Next

Current thread: