[Discuss] Security
Gregory Boyce
gboyce at badbelly.com
Wed Nov 2 20:41:55 EDT 2011
On Wed, Nov 2, 2011 at 2:19 PM, Matt Shields <matt at mattshields.org> wrote:
> I think his point was more that these "smart" vending machines are becoming
> more commonplace. Even these days companies put ethernet jacks in the
> kitchen, so what *if* someone who was malicious put something inside a
> vending machine and plugged it into your network. Or what if it had
> camera/microphone, most people talk shop even in the kitchen.
> Speaking of that, I remember a few years ago a company I was at talking
> about checking ethernet jacks periodically to make sure no devices were
> plugged in that shouldn't be.
If rogue devices on your network is a concern, then there are ways to
combat that problem. Implement 802.1X for network authentication, or
NAC. Look at anomaly based IDS devices to detect unusual behavior, or
signature based IDS to detect known threats. Monitor your switches so
you know when new devices are plugged into the network.
"Rogue Vending machine" strikes me as a movie theater threat. Rogue
devices can be a very real problem, but you're much more likely to be
hit by a users virus infected home laptop or potentially a malicious
device other than a vending machine. Bring up a specific threat like
this one, and you'll find management talking about implementing some
sort of hardware review for on site equipment, rather than something
that would also find the more common threats.
More information about the Discuss
mailing list