On 3/2/2014 9:47 AM, Mark Wendt wrote: > On Sun, Mar 2, 2014 at 9:33 AM, Dave Cole <linuxcncro...@gmail.com> wrote: > >> For most purposes I can immediately for see, I would keep this LinuxCNC >> to remote web server / monitor network off the WWW anyway. Other than >> perhaps a wireless link via an AP which can use standard security >> protocols. >> These devices are so cheap now, if I want web access near my >> mill/machine tool, get another Android tablet and link that to the web. >> Or am I missing something? >> Most networks in the plants I work in have Web access blocked. So I need >> to seek out a Web enabled Ethernet port or wireless connection when I >> want to get outside the plant. >> Sometimes I have to use my phone as a hotspot so I can download a manual >> or get an email. >> >> Dave >> > Dave, > > Depends on the network. If your ethernet is all copper, and there's no > access to the world, it's probably okay. But, if you can get out, somebody > can get in. If the reason for adding something like this is to enable > remote viewing of what's going on, you are going to have some kind of > network, no way around it. If that network even touches the outside world, > you open yourself to the risk of somebody getting in your pants and causing > problems. > > If, however, it's a completely closed network, copper cable only, that > would be okay. But, the minute you introduce wireless into the equation, > you open a can of worms. That web server was designed to be run on an > Android system, which more or less requires the application to be light > weight. You can't cram in a whole bunch of security features into a light > weight program, without the "light" part going away - both size of the > program and machine overhead. > > I'm just very wary of exposing a machine controller to software that opens > up a lot of security concerns. Remember, this software is installed on the > controller. Low security software that opens ports on a machine are a > glaring invitation to those who are interested in causing mischief. And > wireless is really not very secure at all. > > Mark > //lists.sourceforge.net/lists/listinfo/emc-users
I think it is a matter of risk management. I have a credit card that I use when buying stuff on the web and it can get grabbed, and it has been grabbed, but I still use it. I have a cell phone that apparently has some big security problems likely with some built in backdoors courtesy of the NSA, but I still carry it and use it and there is no tape over the camera. I have a couple of computers that I use that are deliberately off the web and have zero antivirus on them to maintain decent performance. Sure I could transfer a virus with a stick drive transfer, but so far so good. When I am done with a LinuxCNC installation I image the hard drive and store the image. If something gets corrupted it takes me minutes to restore the image to the drive. >>And wireless is really not very secure at all. True but many people's credit card numbers are only a wireless hack away. The problem is that you know too much to sleep well. In that way, ignorance is bliss. ;-) Years ago I did some work for a Chrysler plant and in this particular plant they had over 500 CNC and PLC controllers which were all networked together. Bugs would creep into their systems after a while. Sometimes due to changes being made on the fly by engineers and operators. What they ended up doing was to maintain copies of the programs on a central server in the plant. At midnight every night, between shift changes, or upon request, they would reload the controller programs from the server to insure that the programs did not have unauthorized changes in them. Apparently that solved a number of issues and I think they still do that to this day. Dave ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ Emc-users mailing list Emc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/emc-users
