Arguing against using public IP space
Ray Soucy
rps at maine.edu
Mon Nov 14 15:00:36 UTC 2011
As far as I can see Red Tiger Security is Jonathan Pollet; and even
though they list Houston, Dubai, Milan, and Sydney as offices it looks
like Houston is the only one. Is that right? Seems a little
misleading.
It actually reminds me of a 16 year old kid I know who runs a web
hosting "company" that you'd think was a Fortune 500 by the way the
website reads, and he's more than happy to take your credit card
information and store it without being PCI compliant.
Credibility of the company aside,
At first I wanted to cut Jonathan some slack. If he was going to
point to the use of public IPs as evidence that a firewall may not be
in use and then went on to discuss the potential risks of not having
any security, then that would have been appropriate. But instead he
goes on about explaining what a public vs. private address is (poorly)
and proceeds to associate the security of the system with the use of
private IPs.
I just don't see him as credible in the security field after reading it.
Then again, he does have that interview on Fox News posted on his
website where he talks about terrorist plots to compromise the
integrity of nuclear power plants...
Honestly, people post stuff like this time and time again. It's been
debunked so many times that a quick Google will probably give you what
you need to figure it out on your own.
On Sun, Nov 13, 2011 at 10:36 AM, Jason Lewis <jlewis at packetnexus.com> wrote:
> I don't want to start a flame war, but this article seems flawed to
> me. It seems an IP is an IP.
>
> http://www.redtigersecurity.com/security-briefings/2011/9/16/scada-vendors-use-public-routable-ip-addresses-by-default.html
>
> I think I could announce private IP space, so doesn't that make this
> argument invalid? I've always looked at private IP space as more of a
> resource and management choice and not a security feature.
>
>
--
Ray Soucy
Epic Communications Specialist
Phone: +1 (207) 561-3526
Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/
More information about the NANOG
mailing list