AtariJaguar Posted February 26, 2016 Share Posted February 26, 2016 Hi! I was at a convention last year (and just thought of this again now), and one of the presentations was on an open-source product that you could download (or even buy a piece of hardware) that allowed you to add a host to your network that gave off indicators that it was a SCADA device, or... any number of other systems. It's some kind of <insert name> Project... I can't remember what it's called. The point of the project was that people would be tempted to hack it, or at least run exploits against it. These metrics could then be used to help defend or protect the real SCADA networks (or whatever device it was) against the most common threats. Can ANYONE tell me what the name of this is? It's driving me nuts. Thanks! Second question, if I do put one of these hosts on my network (to help the project), am I not totally putting my entire network at risk? Quote Link to comment Share on other sites More sharing options...
digininja Posted February 26, 2016 Share Posted February 26, 2016 I don't know the tool but if you search for SteelCon videos and look at the one from Campbell Murray (there are two, you can work out which is which) then in that he talks about setting up a SCADA lab. As for putting it in your network, it depends if you make it available to the world. If you do then you are at risk, if you keep it on your private network then you are no more at risk than normal. Quote Link to comment Share on other sites More sharing options...
JumboPackets Posted February 26, 2016 Share Posted February 26, 2016 Conpot, maybe? https://github.com/mushorg/conpot There are several out there. I think the <insert name> part yuo were missing is "honeypot" (as in search for "SCADA honeypot"). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.