Full Disclosure mailing list archives

Re: scada/plc gear


From: gmaggro <gmaggro () rogers com>
Date: Tue, 15 Jan 2008 16:42:52 -0500

> An organized SCADA pen testing web presence would be extremely cool.
> ...
> What do you think? Do you think some sort of a forum/wiki would be a
> good medium to start with?

To some extent, yes, but considering that I do not respect intellectual 
property laws of any kind, I just don't see how that would be workable.

For example: a compatriot of mine has a collection of SCADA related 
Snort signatures. Someone else might have the Nessus SCADA plugins, 
which are supposed to require you to sign up for a pricey feed.

Let's say they want to trade, or far more preferably, make the 
information freely available. All at minimal risk to themselves, of 
course. Not to help people protect themselves, but so people can 
bootstrap their knowledge and perhaps generate attacks from them. Or 
simply to shave time off due to laziness. I do not care, I just want to 
see it out there and accessible to everyone.

Another example of particular interest to me is the PLCC flash on the 
ADAM-4572 which I'm hoping contains all the code (i.e. nothing masked 
onto the ARM MCU). It would be instructive to see how the network stack 
was written, how Modbus is implemented, etc. If this is the case I would 
want to post the code for analysis. My assembly and reversing skills, 
which are terrible in general, are even worse for anything non-x86. Much 
help would be needed.

On a different note, I'd like to renew my call again for people to 
donate to the software authors or projects that they use. Corporations 
and businesses can take care of themselves, let's do what we can to 
support the little guys - especially those that make the more 'evil' 
tools :)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/