Re: SCADA Auditing Tools

From: dave brown (d__four_aam@hotmail.com)
Date: Thu Jul 17 2003 - 04:17:47 EDT

• Next message: MARTIN M. Bénoni: "Know such a web's server tool?"
• Previous message: George W. Capehart: "Re: SCADA Auditing Tools"
• Maybe in reply to: Matthew Franz: "SCADA Auditing Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I haven't heard of any automated tools for pen-testing exotic communication
protocols, however as this document:
www.courts.qld.gov.au/qjudgment/ QCA%202002/QCA02-164.pdf
demonstrates, development tools and client software can be used to cause
mischief (assuming you've got yourself a wireless modem).

If your really up for an all expenses paid trip to cuba:
http://www.applsyseng.com/hfiles/rtu.asp
would probably come in handy.

Testing IP based systems could probably be achieved using normal pen-testing
techniques (assuming the softwares robust enough to handle the scan). I see
the major problem here is if a script kiddy compromised control software
sitting on a win2k box or similar

On a quick side rant - increased deployment on IP topologies may be a good
thing as we have lots of experience in protecting systems that use these
technologies (though the bad guys have more experience attacking them too)
than exotic protocols running over wireless (broadcast) networks.

I'm not convinced of the value of pen-testing SCADA networks (how do you
pen-test without causing damage? + most of the vulnerabilities are
blindingly obvious), but if you had access to a system prior to deployment,
a pen test might come in handy in convincing the boss that a bit of
encryption/firewalling wouldn't go astray.

Cheers,
dave

(all comments/insults appreciated).

_________________________________________________________________
Hot chart ringtones and polyphonics. Go to
http://ninemsn.com.au/share/redir/adTrack.asp?mode=click&clientID=174&referral=Hotmail_taglines_plain&URL=http://ninemsn.com.au/mobilemania/default.asp

---------------------------------------------------------------------------
Your network Firewall and IDS products do not prevent Web application
exploits - the most common form of online attack - resulting in Web
defacement, data theft, sabotage and fraud.

KaVaDo is the first and only company that provides a complete and an
integrated suite of Web application security products, allowing you to
assess your entire environment, automatically set positive security
policies and maintain it without compromising business performance.

For more information on KaVaDo and to download a FREE white paper on Web
applications - security policy automation, please visit:
http://www.kavado.com/ad.htm
----------------------------------------------------------------------------

• Next message: MARTIN M. Bénoni: "Know such a web's server tool?"
• Previous message: George W. Capehart: "Re: SCADA Auditing Tools"
• Maybe in reply to: Matthew Franz: "SCADA Auditing Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT