Arguing against using public IP space

• Previous message (by thread): Arguing against using public IP space
• Next message (by thread): Arguing against using public IP space
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Google for "NAT is not a security feature" and review all the discussions and unnecessary panic over a lack of NAT support in IPv6. If your SCADA network can reach the public internet then your security is only as good as your firewall, whether you NAT or not. If your SCADA network is completely isolated then it doesn't make a bit of difference what addresses you use.

-----Original message-----
From: Jason Lewis <jlewis at packetnexus.com>
To: "nanog at nanog.org" <nanog at nanog.org>
Sent: Sun, Nov 13, 2011 15:36:43 GMT+00:00
Subject: Arguing against using public IP space

I don't want to start a flame war, but this article seems flawed to
me. It seems an IP is an IP.

http://www.redtigersecurity.com/security-briefings/2011/9/16/scada-vendors-use-public-routable-ip-addresses-by-default.html

I think I could announce private IP space, so doesn't that make this
argument invalid? I've always looked at private IP space as more of a
resource and management choice and not a security feature.

• Previous message (by thread): Arguing against using public IP space
• Next message (by thread): Arguing against using public IP space
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]