In Part 1 of this series I explained what “state” means in network communications and the hazards of stateless security. Part 2 detailed the behavior of a stateless firewall and included a demonstration of me attacking one. In this closing article, I describe stateful inspection and its importance in securing ICS and SCADA systems.
Practical SCADA Security
Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips
- 4 comments
- Add new comment
Last week both Tofino Security and Belden participated in the Control Systems Integrators Conference in Scottsdale Arizona. The conference is organized by the Control Systems Integrators Association (CSIA) and this year the event boasted 500 System Integrator companies in attendance.
In Part 1 of this series, I explained what a stateless firewall is and the hazards of stateless security. In this article I will show you just how dangerously insecure these devices are.
Note from Eric Byres: As cyber threats directed at industry become more common, it is important for top executives to become involved with their organization’s cyber security policies. The following article by Ernie Hayden comments on the situation from an IT perspective. My point of view is that today’s threats to operational systems merit the same degree of management attention. Enjoy Ernie’s article and make use of the data in Verizon’s excellent report.
Following on from Eric Byres’ discussion of Deep Packet Inspection (DPI), this article discusses a second and equally important aspect of effective firewall security referred to as “stateful inspection”.
- ‹ newer posts
- 15 of 33
- older posts ›