[SCADASEC] IBM is offering 'SCADA security best practices'...
Clint Bodungen
clint at cidgcorp.com
Sat Feb 9 13:34:16 CST 2008
I agree with Matt. This has been the premise of, dare I say, "Layered
Defense" and "Defense In Depth" (*as I shudder and look around for drooling
lawyers) for years.
Clint
-----Original Message-----
From: scadasec-bounces at news.infracritical.com
[mailto:scadasec-bounces at news.infracritical.com] On Behalf Of Matthew Franz
Sent: Saturday, February 09, 2008 11:33 AM
To: scadasec at news.infracritical.com
Subject: Re: [SCADASEC] IBM is offering 'SCADA security best practices'...
>
> That's fine for automated attacks / scans, but doesn't help you a bit for
> somebody who targets you. And even automated tools can be scanning every
> port to see if the required service is available on any port.
>
> Doing port changes to your services is one thing to do, but do not think you
> are then secure. IMHO, this is still security through obscurity.
>
Obviously.
Sure it would be foolish to *just* do these sorts of obfuscatory
actions (another one many folks would consider "security through
obscurity" would be removing banner/version info from applications,
right? doesn't make an app less vulnerable) but to intentionally avoid
adding additional hurdles that eliminate some % of the attacker
population just to avoid a security cliche, seems even more
foolish.
But if this position is "security through obscurity" call me its #1
proponent.
- mdf