.jpg){kind=link}
SCADA HoneyNet project II
Posted by creining | Filed under Security
I got in touch with one of the leaders of the SCADA HoneyNet Project, Venkat Pothamsetty, to let him know of the problems I encountered running the PLC scripts. He sent me an email saying he made some fixes and put out a new release – 0.2. According to the project page the News & Updates section mentions “6/01/04/(released version 0.2) – Fixed the bug regarding the absense of modbusHdrs.py, included sample nmap OS fingerprints of some PLCs, included a test file to generate custom Modbus packets to test the modbusSrvr.py implementation”. Venkat also stated that they are thinking about having a PHP scipt simulate the webserver because java applets will not allow the users who downloaded it to connect back to the server. And mistakenly, I was trying to use ‘java’ to run the java applet when I really need to be using ‘appletviewer’ and including the applet in a webpage to be downloaded. I will test out the Modbus server (modbusSrvr.py script) with the Modbus packet generator (modbusScanner.py script) soon and report the results. The stack.txt file included in 0.2 contains the TCP/IP NMAP fingerprint of two PLC’s: an ADAM 6500 and Modicon. As an aside, both of the project leaders of the SCADA HoneyNet Project are employees of Cisco and part of their Critical Infrastructure Assurance Group (CIAG) research team. There are some interesting projects and tools released from CIAG.
Comments are closed.