[Nottingham] US warns nuke plants of worm threat - OS ?

[Robert Davies]

On Thursday 04 Sep 2003 21:08, James Gibbon wrote:
> Robert Davies wrote:
> > That unfortunately increases exposure to problems, if you network
> > machines your security is only as good as the weakest link.
>
> That's not necessarily so - provided the functionality is not
> dependent on the connection.  It's common to run duplicate
> machines in a symmetric failover configuration, indeed the High
> Availability concept depends on duplication and redundancy.

How does that help you in a networked situation?  The plant was infected with 
a worm, unless you had duplicated seperate networks, 100% non-shared running 
different OS's you just increase your exposure.  If your switches and routers 
can't take the traffic generated and it'll only take a few infected nodes to 
cause problems, you are SOL.

High-availability focusses on duplicating hardware and rapid recovery from 
node failures.  To mitigate the DoS effect of a worm, you would need a 
distributed strategy which introduces other complications, especially for a 
Nuke plant.

Rob