[146460] in North American Network Operators' Group
Re: Arguing against using public IP space
daemon@ATHENA.MIT.EDU (Joel jaeggli)
Sun Nov 13 21:59:57 2011
Date: Mon, 14 Nov 2011 10:59:45 +0800
From: Joel jaeggli <joelja@bogus.com>
To: Joe Greco <jgreco@ns.sol.net>
In-Reply-To: <201111140224.pAE2OTjX061150@aurora.sol.net>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 11/14/11 10:24 , Joe Greco wrote:
>> Sure, anytime there's an attack or failure on a SCADA network that
>> wouldn't have occurred had it been air-gapped, it's easy for people to
>> knee-jerk a "SCADA networks should be airgapped" response. But that's
>> not really intelligent commentary unless you carefully consider what
>> risks are associated with air-gapping the network.
>
> Not to mention that it's not the only way for these things to get
> infected. Getting fixated on air-gapping is unrealistically ignoring
> the other threats out there.
>
> There needs to be a whole lot more security work done on SCADA nets.
Stuxnet should provide a fairly illustrative example.
It doesn't really matter how well isolated from direct access it is if
it has a soft gooey center and a willing attacker.
> ... JG
