packetfu.org

• Home
• Bookshelf
• Images
• About

SCADA Snort signatures

Posted by creining | Filed under Security

I’ve been using the SCADA Snort signatures developed by Digital Bond under a DHS contract for about a year now. I have them deployed on the IDS sensors that have visibility into SCADA traffic. The signatures work on the Modbus TCP and DNP3 protocols and I find them useful to augment the other security measures in place within the control networks.

I visit Digital Bond’s SCADA security blogevery month or so to keep up on the latest news and issues related to SCADA security. Two items I found cool are that Lurhq is sponsoring development of Snort signatures for ICCP and Matt Franz joined Digital Bond. He was previously with Cisco’s Critical Infrastructure Assurance Group (CIAG).

Permalink | October 24th, 2005

Comments are closed.

Topics

• Financial Independence (4)
• Flying (6)
• Food (18)
• Linux/BSD (27)
• Personal (11)
• Photography (5)
• Security (131)
• Travel (17)
• Uncategorized (33)

Histories Forgotten

• January 2012
• December 2011
• November 2011
• July 2011
• June 2011
• May 2011
• March 2011
• February 2011
• January 2011
• December 2010
• November 2010
• October 2010
• May 2010
• April 2010
• January 2010
• November 2009
• July 2009
• February 2009
• January 2009
• November 2008
• October 2008
• September 2008
• April 2008
• March 2008
• February 2008
• December 2007
• November 2007
• October 2007
• September 2007
• July 2007
• June 2007
• May 2007
• April 2007
• October 2006
• May 2006
• April 2006
• March 2006
• February 2006
• January 2006
• December 2005
• November 2005
• October 2005
• September 2005
• August 2005
• July 2005
• May 2005
• March 2005
• February 2005
• January 2005
• December 2004
• November 2004
• October 2004
• September 2004
• August 2004
• July 2004
• June 2004
• May 2004
• April 2004
• March 2004
• February 2004
• January 2004
• December 2003
• November 2003
• October 2003
• September 2003
• August 2003
• July 2003
• June 2003
• May 2003
• April 2003