Posted by: Anonymous Coward
on September 05, 2003 02:01 PM
Sadly, you are mistaken. I used to think as you do. After all, a power plant is large and complicated. They cost millions of dollars. I protect my home network better than that.
But I recently read a story about a nuclear power plant in the US going down because the monitoring system was overwhelmed by an MS worm.
The control system had absolutely no protection and it was on the same network as the corporate servers, office desktops, and had a direct connection to the Internet.
The topology of the company's network did include an external firewall, but there were other Internet connections which basically made it useless.
Of course nobody running such a critical application should rely on the perimeter firewall. There just has to be some security in depth.
The control system should probably be on its own network with only a single controlled connection to the corporate network. That connection could be through something like a proxy rather than a filtering firewall to better control traffic.
It seems likely this article was a reaction to the same event.