[ale] OT, mostly - remote access w/o internet

Richard Bronosky Richard at Bronosky.com
Mon Mar 15 00:32:43 EDT 2010


What type of data are you planning to move over the wire? Terminal
session? — No problem. Log files? — Grab a beer, no problem. MSFT RDC?
— Not something I'd want to suffer through.

Also, don't forget that you can bond analog modems together too.

On Mon, Mar 15, 2010 at 12:04 AM, Neal Rhodes <neal at mnopltd.com> wrote:
> I'm pondering on this for a friend.     (really!)   He supports control
> systems for power plants.
>
> Power companies are adamant that their control systems will NEVER touch the
> internet.   I'm not sure I disagree with them; but it don't matter.
>
> So, whenever said friend gets a call from said power plant, if he can't
> resolve it over the phone, he gets in the car and drives.  Hundreds of
> miles.
>
> Ergo, accepting that the power company won't ever change, I'm thinking what
> kind of remote access could be configured that would meet their most
> rigorous requirements:
>
> A. No in-bound access.
> B. Initiate FROM the power plant TO the support vendor.   Shutdown when
> problem resolved.
> C. Allowing many power plants to access a single vendor number, although not
> all at the same time.
> D. Effectively impossible to intercept.
> E. Insignificant monthly costs.
>
> I'm coming up with the vendor hanging a 56K dialup modem on a linux box,
> supporting an inbound PPP call from the vendor with a 56K modem.   Dog slow,
> but I remember the days when we thought that was wicked fast and it's still
> waaaaay faster than driving to Pensacola and back.    Essentially impossible
> to eavesdrop or intercept, and it's really easy to verify the modem is
> switched off when the vendor is done.   Of course, that requires a "real"
> phone line to work.
>
> What else?   I was thinking a bonded ISDN line.  Those support dialup to
> another ISDN, and would get them up to 128KB.  (whoohoo)  Also essentially
> not possible to intercept and the same degree of isolation, but the power
> company might not "trust" that it's truly dormant when offline.
>
> What else?   They could technically go with leased lines, but client fear of
> that might be impossible to overcome.   You could talk yourself blue about
> running a VPN over the leased line, but they'll plug their ears and run.
>
> Somehow initiating a new project with 56K modems sounds like dinosaurs
> mating in the snow, but I'm not seeing really swell alternatives.



-- 
.!# RichardBronosky #!.


