Modbus Enumeration | SANS ICS Concepts

Feb 17, 2021
25:32

This SANS ICS concept overview covers interacting with process endpoints using the Modbus protocol. The simulator ModbusPal is configured as a voltage regulator with multiple Modbus coils and registers. The demonstration includes interacting with the simulator using the mbtget and rodbus-client tools to read and modify the device's settings.

Script by Don C. Weber (@cutaway), Certified SANS Instructor and Cutaway Security, LLC

Don C. Weber is the Principal Consultant and Founder at Cutaway Security, LLC, an information security consulting company based in Texas. Don's previous experiences include large-scale incident response efforts for organizations with international assets and interests, the certification and accreditation of classified federal and military systems, assessment and penetration testing of worldwide commercial assets, and, as a Navy contractor, the management of a team of distributed security professionals responsible for the security of mission-critical Navy assets. Don has achieved his master's degree in network security, the Certified Information Systems Security Professional (CISSP) certification, and many GIAC certifications. Don was a founding member of the GIAC Ethics Council of which he was the GIAC EC Chair in 2009. Don regularly contributes to a wide variety of open source projects involving information security and incident response.

Learn more about Don at https://www.sans.org/profiles/don-c-weber/

References:
Modbus - https://en.wikipedia.org/wiki/Modbus
ModbusPal - http://modbuspal.sourceforge.net/
mbtget - https://github.com/sourceperl/mbtget
rodbus-client - https://github.com/stepfunc/rodbus

SANS ICS Training:
ICS410: ICS/SCADA Security Essentials - https://www.sans.org/cyber-security-courses/ics-scada-cyber-security-essentials/
ICS456: Essentials for NERC Critical Infrastructure Protection - https://www.sans.org/cyber-security-courses/essentials-for-nerc-critical-infrastructure-protection/
ICS515: ICS Active Defense and Incident Response - https://www.sans.org/cyber-security-courses/industrial-control-system-active-defense-and-incident-response/
ICS612: ICS Cybersecurity In-Depth - https://www.sans.org/cyber-security-courses/ics-cyber-security-in-depth/
