Re: [foxboro] FRSExec

• From: Corey R Clingo <corey.clingo@xxxxxxxx>
• To: foxboro@xxxxxxxxxxxxx
• Date: Thu, 14 Jun 2012 11:29:19 -0500

I agree, though I've been using those "kludge" solutions for years on 
Solaris and they work pretty well :)

But I have mixed feelings about this on other fronts. On the one hand, 
it's good that Invensys is paying more attention to security. On the 
other, there's an implication that they want you to believe that they have 
become experts in security-related programming over the last year or two, 
that it will work the first time, and that they had good reason to 
partially reinvent the wheel here. Since the code is not open, and the 
system will likely break if you disable this service, you are forced to 
approach system security externally, because otherwise the only way you 
find out if their approach wasn't in fact secure is when the first 0-day 
hits (or you do some reverse engineering or fuzz testing yourself).


Invensys is not alone here, to be sure. There are probably many automation 
vendors use proprietary, network-listening services. But that situation 
doesn't do anything for my comfort level.


Corey Clingo



From:   "William C Ricker" <wcricker@xxxxxxxxxxxxxxx>
To:     <foxboro@xxxxxxxxxxxxx>
Date:   06/14/2012 10:53 AM
Subject:        Re: [foxboro] FRSExec
Sent by:        foxboro-bounce@xxxxxxxxxxxxx



That must mean "no". 

That's disappointing, because as this sort of functionality didn't make
the jump from UNIX to Windows, there are a lot of kludges out there to 
make it happen.  A standard product be so much better.

William C Ricker
FeedForward, Inc.



 



 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 

• References:
  • [foxboro] FRSExec
    • From: Ricardo Abech
  • Re: [foxboro] FRSExec
    • From: Johnson, Alex P (IOM)
  • Re: [foxboro] FRSExec
    • From: Johnson, Alex P (IOM)
  • Re: [foxboro] FRSExec
    • From: Ricardo Abech
  • Re: [foxboro] FRSExec
    • From: Johnson, Alex P (IOM)
  • Re: [foxboro] FRSExec
    • From: William C Ricker

Other related posts:

• » Re: [foxboro] FRSExec- Omori, Suzi
• » Re: [foxboro] FRSExec- Johnson, Alex P (IOM)
• » Re: [foxboro] FRSExec- Corey R Clingo
• » Re: [foxboro] FRSExec- Johnson, Alex P (IOM)
• » Re: [foxboro] FRSExec- Ricardo Abech
• » Re: [foxboro] FRSExec- Johnson, Alex P (IOM)
• » Re: [foxboro] FRSExec- Johnson, Alex P (IOM)
• » Re: [foxboro] FRSExec- Ricardo Abech
• » Re: [foxboro] FRSExec- William C Ricker
• » Re: [foxboro] FRSExec- Johnson, Alex P (IOM)
• » Re: [foxboro] FRSExec - Corey R Clingo

1. Home
2. foxboro
3. Archive
4. 06-2012

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---