On Fri, 4 Aug 2000, Andre-John Mas wrote:
>
>
> Dennis Glatting wrote:
> >
> > On Thu, 3 Aug 2000, Keith Moore wrote:
> >
> > [snip]
> >
> > > burning IP addresses into devices is a good way to give vendors the
> > > ability to control those devices, monitor their usage, and to lock
> > > their customers in to particular services. not my idea of a desirable
> > > state.
> > >
> >
> > It might also be a good way for script kiddies to efficiently scan the
> > Internet looking for a particular manufacturer's device to exploit a
> > discovered security flaw, such as turning off a stove's gas pilot and
> > turning on all burners. If that doesn't sound realistic, how about a
> > cracker inside a manufacturer's systems doing the same; or how about a
> > terrorist?
>
> Though if the devices already use ethernet, then each device would
> already have its own MAC address, and the IP address would be DHCP
> assignable. As stated earlier once firewall/routers/DHCP server combos
> come down in price, preferbly below $200, you will probably see these
> devices as becoming standard. These devices would provide a level of
> intrusion security and would be able to assign address to the devices
> in the home, as is already done in most LANs.
>
Firewalls do indeed provide a level of security but they are also
vulnerable to attack and code and configuration entropy -- there are many
examples of this. Also, if you have a trusted party managing your HVAC
system and that trusted part is cracked, a firewall will probably provide
no defense.
