First real-world SCADA attack in US
Ryan Pavely
paradox at nac.net
Mon Nov 21 20:22:01 UTC 2011
Might I suggest using 127.0.0.2 if you want less spam :P
Pretty scary that folks have
1. Their scada gear on public networks, not behind vpns and firewalls.
2. Allow their hardware vendor to keep a list of usernames / passwords.
2b. Obviously don't change these so often. Whens the last time they
really "called support" and refreshed the password with the hw
vendor.... Probably when they installed the gear... Sheesh..
Perhaps the laws people suggest we need to protect ourselves should be
added to. If you are the operator of a network and due to complete
insanity leave yourself wide open to attack, you are just as guilty as
the bad guys... But then again I don't want to goto jail for leaving my
car door open and having someone steal my car, so nix that idea.
Ryan Pavely
Director Research And Development
Net Access Corporation
http://www.nac.net/
On 11/21/2011 2:48 PM, Leigh Porter wrote:
> I checked the SCADA boxes used in our "smart" building. They are all using 127.0.0.1
>
> Is that a security risk?
>
More information about the NANOG
mailing list