[146549] in North American Network Operators' Group
Have they stopped teaching Defense in Depth?
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Tue Nov 15 16:16:28 2011
Date: Tue, 15 Nov 2011 16:16:12 -0500 (EST)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <CAP-guGVvaJbjBLdRWpNhv=TbQmJPPVbYOzFWwFdcMqK_AkceDA@mail.gmail.com>
----- Original Message -----
> From: "William Herrin" <bill@herrin.us>
> That your computer is not globally addressable ADDS one layer of
> security in a process you hope has enough layers to prevent an attack
> from penetrating.
>
> And make no mistake: successful security is about layers, about DEPTH.
> You can seek layers from other sources but a shallow security process
> will tend to be easily breached.
This is precisely the point I've been trying to make, and it ties in to my
observations in response in the SCADA thread: not only does the number of
layers matter, so does their "thickness". Certainly, if you're trying to
"air-gap" a SCADA network to protect it from attack, then you are admitting
a certain degree of vulnerability if your circuit passes through any sort of
transport multiplexer, like a DACS, as that's a place an attacker could
reconfigure to take control of your traffic.
But mounting *that* attack requires insider knowledge of 4 or 5 layers of
extra information which will be necessary to exploit such an attack.
My estimation is that that makes that layer of your defense in depth "thicker"
than some other layers might be.
Those who think NAT provides no security seem still to be mounting the strawman
that we think it *provides* security, rather than merely contributing some bits
thereto...
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274