Sunday, September 26, 2010

My Heart Bleeds

No really, I feel a lot of schadenfreude for the peaceful government run industries of Iran which have been hit hard by Stuxnet.

Say it with me children:

1.  Keep your OS, software, and firmware up to date.
2.  Pick vendors who view security as a basic tenet of their work
3.  Minimize the number of devices on your network to the bare minimum you need to do the work.
4.  Minimize the services and open TCP/UDP ports on each device to the absolute rock bottom bare minimum you need for the device to do its job, and secure those ports you need to only allow the users and devices that require access.
5.  Encrypt, Encrypt, Encrypt!
6.  Harden every device on your network.  There is no such thing as a secure network.

But if stuxnet had to hit someone, Iran is better than some I can think of to take a pounding.

1 comment:

Creative Commons License
DaddyBear's Den by DaddyBear is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 United States License.
Based on a work at