Re: SCADA Auditing Tools

From: dave brown (d__four_aamat_private)
Date: Thu Jul 17 2003 - 01:17:47 PDT

Next message: MARTIN M. Bénoni: "Know such a web's server tool?"

Previous message: MARTIN M. Bénoni: "RE: Vuln scan tool for web"
Maybe in reply to: Alfred Huger: "SCADA Auditing Tools"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I haven't heard of any automated tools for pen-testing exotic communication 
protocols, however as this document:
www.courts.qld.gov.au/qjudgment/ QCA%202002/QCA02-164.pdf
demonstrates, development tools and client software can be used to cause 
mischief (assuming you've got yourself a wireless modem).

If your really up for an all expenses paid trip to cuba:
http://www.applsyseng.com/hfiles/rtu.asp
would probably come in handy.

Testing IP based systems could probably be achieved using normal pen-testing 
techniques (assuming the softwares robust enough to handle the scan).  I see 
the major problem here is if a script kiddy compromised control software 
sitting on a win2k box or similar

On a quick side rant - increased deployment on IP topologies may be a good 
thing as we have lots of experience in protecting systems that use these 
technologies (though the bad guys have more experience attacking them too) 
than exotic protocols running over wireless (broadcast) networks.

I'm not convinced of the value of pen-testing SCADA networks (how do you 
pen-test without causing damage? + most of the vulnerabilities are 
blindingly obvious), but if you had access to a system prior to deployment, 
a pen test might come in handy in convincing the boss that a bit of 
encryption/firewalling wouldn't go astray.

Cheers,
dave

(all comments/insults appreciated).

_________________________________________________________________
Hot chart ringtones and polyphonics. Go to  
http://ninemsn.com.au/share/redir/adTrack.asp?mode=click&clientID=174&referral=Hotmail_taglines_plain&URL=http://ninemsn.com.au/mobilemania/default.asp


---------------------------------------------------------------------------
Your network Firewall and IDS products do not prevent Web application
exploits - the most common form of online attack - resulting in Web
defacement, data theft, sabotage and fraud.

KaVaDo is the first and only company that provides a complete and an
integrated suite of Web application security products, allowing you to
assess your entire environment, automatically set positive security
policies and maintain it without compromising business performance.

For more information on KaVaDo and to download a FREE white paper on Web
applications - security policy automation, please visit:
http://www.kavado.com/ad.htm
----------------------------------------------------------------------------

Next message: MARTIN M. Bénoni: "Know such a web's server tool?"
Previous message: MARTIN M. Bénoni: "RE: Vuln scan tool for web"
Maybe in reply to: Alfred Huger: "SCADA Auditing Tools"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 17 2003 - 08:47:27 PDT