| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20071204063456.4890D22846@mailserver5.hushmail.com> Date: Tue, 04 Dec 2007 01:34:55 -0500 From: "Joey Mengele" <joey.mengele@...hmail.com> To: <full-disclosure@...ts.grok.org.uk>,<soufre@...il.com> Subject: Re: SCADA refresher Dear I period D period and mailing list, I also am not qualified to comment on this, so here it goes. I don't know shit either, blabla hello electronic mail internets 2007! I AM FAMOUS ON THE FULL DISCLOSURE LOLOLOL! J On Mon, 03 Dec 2007 19:01:40 -0500 "I. D." <soufre@...il.com> wrote: >Datapac? In my experience, there aren't many things left there... >of course, >I don't work in that industry. I thought most transactions/work >took places >on other Canadian packet-switched networks. As for south of the >border, I >know even less. > >On Dec 3, 2007 2:51 PM, Dude VanWinkle <dudevanwinkle@...il.com> >wrote: > >> Also Johnson Controls >> >> in 2005 they were busy converting the proprietary BACnet >speaking >> SCADA devices to embedded windows XP, considering NASA and >friends run >> JCI, and there is no good way to update embedded XP (AFAIK) >remotely, >> these systems should be prime targets... >> >> Whats an MLP? >> >> -JP >> >> On Dec 2, 2007 7:52 PM, gmaggro <gmaggro@...ers.com> wrote: >> > Been giving myself a little refresher on SCADA, hope no-one >minds the >> MLP. >> > >> > Stock presentation on SCADA security issues: >> > >> > >> http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06- >Maynor-Graham-up.pdf >> > >> > Ganesh Devarajan's Defcon presentation was interesting: >> > >http://video.google.com/videoplay?docid=2434649448102709100&hl=en >> > >> > Makes of SCADA and related products I have seen in actual use: >> > Allen Bradley (hardware) >> > Siemens (hardware) >> > RAND (hardware) >> > ABB (hardware) >> > Wonderware (software, assuming this was what Ganesh was >assaulting) >> > >> > Well, assuming it was Wonderware (http://us.wonderware.com) >since in >> > multiple networks of hundreds of thousands of nodes, and the >companies >> > that own them... Wonderware was the only SCADA related package >that >> > creeped up. >> > >> > On a different and amusing note, X.25 was still in use in a >number of >> > these locations. Take that for what you will, but I don't >think that's a >> > good sign. Hello, Datapac! However I have little idea what the >X.25 >> > landscape is like anymore. Would be interesting if both >> > credit/financial and infrastructure data regularly travelled >over the >> > same paths. Get access to a lottery/debit terminal, or just >its >> > connectivity, and leverage that. >> > >> > 24th Chaos Communication Congress "Hacking SCADA", it sure >would be nice >> > to make it over: >> > >http://events.ccc.de/congress/2007/Fahrplan/events/2227.en.html >> > >> > More amusement, though it's a subscription site: >> > >http://www.digitalbond.com/wiki/index.php/SCADA_IDS_Signatures >> > >> > Anyone have any resources they'd care to share? >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> > >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> -- Want fast fitness results? Click for free info, revolutionary products. http://tagline.hushmail.com/fc/Ioyw6h4eJVhyeSyiXbrS2j5aRw5p6bXp3dQSoK8qxVxZr7t5JIYx8s/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists