If a node only requires accessibility by a few specialized nodes (such
as a water meter) then making it *visible* to more is just creating
a security hole that has to be plugged.
Yes, the hole can be plugged easily.
If there's a security hole in the meter, putting a firewall in front of it
won't help. Remember that the person most likely to be interested in
hacking the meter is the customer (reduce their costs); the water
company's engineers should consider the LAN the *most* likely point of
attack, not the least likely.
Meanwhile, if the meter is insecure, the customer should not allow it on
their LAN, because it might get used as a way to attack the LAN. (This
applies even if the meter uses only outbound connections, as through a
NAT; if the attacker can spoof the water company's DNS, then they can feed
the meter false instructions.)
So, firewalls (and NATs) don't meet either party's needs. Only true
security on the device itself will do. You might also want a firewall to
protect the rest of the LAN in case the device's security fails; but
protecting the device from the outside world is irrelevant. Once again,
security and visibility are orthogonal.
/================================================================\
|John Stracke |Principal Engineer |
|jstracke(_at_)incentivesystems(_dot_)com |Incentive Systems, Inc. |
|http://www.incentivesystems.com|My opinions are my own. |
|================================================================|
|Never underestimate the power of human stupidity. --I forget who|
\================================================================/
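
As an added illustration of the argument in the message above (not code from the original post or from any real meter), the sketch below shows a device that authenticates each instruction itself, so neither a server reached through spoofed DNS nor a host on the LAN can feed it false instructions. The frame layout, the pre-shared key and the `SET_INTERVAL` command are assumptions made for the example.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size


def seal(key: bytes, counter: int, payload: bytes) -> bytes:
    """Frame = 8-byte big-endian counter || payload || HMAC-SHA256 tag."""
    body = struct.pack(">Q", counter) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Meter:
    """Device-side check: trusts the key, not the network path or peer address."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_counter = 0  # highest counter accepted so far

    def accept(self, frame: bytes):
        """Return the payload if the frame is authentic and fresh, else None."""
        if len(frame) < 8 + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # forged, or modified in transit
        (counter,) = struct.unpack(">Q", body[:8])
        if counter <= self._last_counter:
            return None  # replay of an older genuine frame
        self._last_counter = counter
        return body[8:]


def demo():
    key = b"constructed-demo-key-not-a-real-secret"  # constructed sample value
    meter = Meter(key)
    genuine = seal(key, 1, b"SET_INTERVAL 900")  # hypothetical command
    spoofed = seal(b"attacker-guess", 2, b"SET_INTERVAL 1")  # peer without the key
    tampered = bytearray(seal(key, 3, b"SET_INTERVAL 900"))
    tampered[8] ^= 0x01  # one payload bit flipped somewhere on the path
    return [
        meter.accept(genuine),          # authentic and fresh
        meter.accept(spoofed),          # tag does not verify
        meter.accept(bytes(tampered)),  # tag does not verify
        meter.accept(genuine),          # counter already used
    ]
```

The check gives the same result whether the frame arrives from the Internet, through a NAT, or from the customer's own LAN, which is the sense in which security and visibility are orthogonal.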