Full Disclosure mailing list archives
Re: SCADA refresher
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Tue, 04 Dec 2007 01:34:55 -0500
Dear I period D period and mailing list, I also am not qualified to comment on this, so here it goes. I don't know shit either, blabla hello electronic mail internets 2007! I AM FAMOUS ON THE FULL DISCLOSURE LOLOLOL! J On Mon, 03 Dec 2007 19:01:40 -0500 "I. D." <soufre () gmail com> wrote:
Datapac? In my experience, there aren't many things left there... of course, I don't work in that industry. I thought most transactions/work took places on other Canadian packet-switched networks. As for south of the border, I know even less. On Dec 3, 2007 2:51 PM, Dude VanWinkle <dudevanwinkle () gmail com> wrote:Also Johnson Controls in 2005 they were busy converting the proprietary BACnetspeakingSCADA devices to embedded windows XP, considering NASA andfriends runJCI, and there is no good way to update embedded XP (AFAIK)remotely,these systems should be prime targets... Whats an MLP? -JP On Dec 2, 2007 7:52 PM, gmaggro <gmaggro () rogers com> wrote:Been giving myself a little refresher on SCADA, hope no-oneminds theMLP.Stock presentation on SCADA security issues:http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Maynor-Graham-up.pdfGanesh Devarajan's Defcon presentation was interesting:http://video.google.com/videoplay?docid=2434649448102709100&hl=enMakes of SCADA and related products I have seen in actual use: Allen Bradley (hardware) Siemens (hardware) RAND (hardware) ABB (hardware) Wonderware (software, assuming this was what Ganesh wasassaulting)Well, assuming it was Wonderware (http://us.wonderware.com)since inmultiple networks of hundreds of thousands of nodes, and thecompaniesthat own them... Wonderware was the only SCADA related packagethatcreeped up. On a different and amusing note, X.25 was still in use in anumber ofthese locations. Take that for what you will, but I don'tthink that's agood sign. Hello, Datapac! However I have little idea what theX.25landscape is like anymore. Would be interesting if both credit/financial and infrastructure data regularly travelledover thesame paths. Get access to a lottery/debit terminal, or justitsconnectivity, and leverage that. 24th Chaos Communication Congress "Hacking SCADA", it surewould be niceto make it over:http://events.ccc.de/congress/2007/Fahrplan/events/2227.en.htmlMore amusement, though it's a subscription site:http://www.digitalbond.com/wiki/index.php/SCADA_IDS_SignaturesAnyone have any resources they'd care to share? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- Want fast fitness results? Click for free info, revolutionary products. http://tagline.hushmail.com/fc/Ioyw6h4eJVhyeSyiXbrS2j5aRw5p6bXp3dQSoK8qxVxZr7t5JIYx8s/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- SCADA refresher gmaggro (Dec 02)
- Re: SCADA refresher Dude VanWinkle (Dec 03)
- Re: SCADA refresher I. D. (Dec 03)
- Re: SCADA refresher gmaggro (Dec 04)
- Re: SCADA refresher I. D. (Dec 03)
- <Possible follow-ups>
- Re: SCADA refresher Elazar Broad (Dec 03)
- Re: SCADA refresher Joey Mengele (Dec 04)
- Re: SCADA refresher Dude VanWinkle (Dec 03)