Network scan tool/appliance horror stories
BEJones at semprautilities.com
Tue Oct 30 15:18:18 UTC 2012
I can share with you several stories personnel (both IT or vendors), who have scanned Electric Utility environments with or without permission; and hence caused multiple failures - including electro-mechanical systems and related applications. Utilities typically utilize many industrial controllers - some of which many IT personnel have no knowledge, and some are not robust enough to weather the storm.
1. Know your environment.
2. Know your tools.
From: Dan White [mailto:dwhite at olp.net]
Sent: Monday, October 29, 2012 12:47 PM
To: Pedersen, Sean
Cc: nanog at nanog.org
Subject: Re: Network scan tool/appliance horror stories
On 10/29/12 12:10 -0700, Pedersen, Sean wrote:
>We're evaluating several tools at the moment, and one vendor wants to
>dynamically scan our network to pick up hosts - SNMP, port-scans, WMI,
>the works. I was curious if anyone had any particularly gruesome horror
>stories of scanning tools run amok.
A > layer 7 failure. Make sure all members of your organization are aware of your plans.
More information about the NANOG