Nasir, I understand your worries about pen-testing a PLC-environment, but pen-testing means testing worst-case scenarios in a controlled environment. I want to be sure that at my customers it is not possible to perform attacks against the PLC's. BTW, I also found out that in many cases people use serial-in-tcp/ip tunneling devices such as from Lantronix for their PLC connectivity. These devices can be reset to factory default by sending a "R" to port 9999 of the device. Patrick ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Oct 01 2001 - 23:37:14 PDT