SCADA is my favorite line of Subject. I worked on MODBUS ...... very interesting protocol...
Hope I will make my hands dirty here as well.... Cheers, Naik On Tue, Mar 22, 2011 at 6:35 PM, Sandeep Thakur <[email protected]>wrote: > The security of software used to control hardware at nuclear plants, > gas refineries and other industrial settings is coming under renewed > scrutiny as researchers released attack code exploiting dozens of > serious vulnerabilities in widely used programs. > > The flaws, which reside in programs sold by Siemens, Iconics, > 7-Technologies, Datac, and Control Microsystems, in many cases make it > possible for attackers to remotely execute code when the so-called > supervisory control and data acquisition software is installed on > machines connected to the internet. Attack code was released by > researchers from two separate security camps over the past week. > > “SCADA is a critical field but nobody really cares about it,” Luigi > Auriemma, one of the researchers, wrote in an email sent to The > Register. “That's also the reason why I have preferred to release > these vulnerabilities under the full-disclosure philosophy.” > > The vulnerability dump includes proof-of-concept code for at least 34 > vulnerabilities in widely used SCADA programs sold by four different > vendors. Auriemma said the majority of the bugs allow code execution, > while others allow attackers to access sensitive data stored in > configuration files and one makes it possible to disrupt equipment > that uses the software. He included a complete rundown of the > vulnerabilities and their corresponding PoC code in a post published > on Monday to the Bugtraq mail list. > > For full information: > http://www.theregister.co.uk/2011/03/22/scada_exploits_released/ > > > Regards > Sandeep Thakur > > -- > You received this message because you are subscribed to the Google Groups > "nforceit" group. > To post to this group, send an email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/nforceit?hl=en-GB. > > -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
