Devices and Security
PhreaK
Posts: 966
Just a heads up to all of you out there that work on systems which are exposed to the outside world. It looks as though the indexing engine of Shodan has improved significantly over the second half of last year.
Deploying any network attached device with limited, poor or, in the case of the 1687 NI's that just popped up in a rather trivial search at the time of writing, no security is not doing this industry any justice and is something that I have ranted about before. I know that I'm preaching to the choir with many of you here however if anyone works with or knows techs who are continuing to do this I have a fine selection of fish from which you may borrow to slap them with.
Seriously though, we do really need to improve this as an industry as a whole. If you have the see anyone rolling out systems like this do us all a favour point them in the right direction.
Deploying any network attached device with limited, poor or, in the case of the 1687 NI's that just popped up in a rather trivial search at the time of writing, no security is not doing this industry any justice and is something that I have ranted about before. I know that I'm preaching to the choir with many of you here however if anyone works with or knows techs who are continuing to do this I have a fine selection of fish from which you may borrow to slap them with.
Seriously though, we do really need to improve this as an industry as a whole. If you have the see anyone rolling out systems like this do us all a favour point them in the right direction.
0
Comments
I don't know how many times I've been called in to work on another integrator's system only to find the router wide open, SNMP turned on with poor security settings and vulnerable and the Netlinx madter's port 1319 wide open to the interwebs...