1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 <2018> 2019 2020 2021 2022 2023 2024 | Index | 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 <2018> 2019 2020 2021 2022 2023 2024 |
<== Date ==> | <== Thread ==> |
---|
Subject: | Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request] |
From: | "Hartman, Steven M." <[email protected]> |
To: | Benjamin Franksen <[email protected]> |
Cc: | EPICS Tech Talk <[email protected]> |
Date: | Tue, 23 Jan 2018 18:54:49 +0000 |
> On Jan 23, 2018, at 12:56 PM, Benjamin Franksen <[email protected]> wrote: > >>>> Channel Access is not intended for use in a hostile environment. >>> >>> I wouldn't call a port scan hostile. >>> >> >> True. Let me rephrase: >> Channel Access is not intended for use in an environment where clients >> intentionally send malformed packages. > > What about pvAccess in this regard? Without using strong encryption and robust authentication/authorization, a control system server is going to be vulnerable to hostile clients. In this regard, pvAccess is vulnerable. Network segmentation is still a necessity for pvAccess as it has been for channel access. pvAccess does have hooks to allow extension to include authentication/authorization. When this happens will depend upon a project or facility having the need and providing the resources or funds to implement. Nonetheless, a malformed packet crashing a server would be considered in bug in the server implementation and should be fixed. -- Steven Hartman [email protected]