Revolutionary Security - Keep Your Plants On -
It’s hard to believe it’s already been a week since I presented at S4x19 on assessment tools for ICS environments. After a brief introduction weighing the risks posed by traditional online tools versus the risk of doing nothing, I walked through four online scanning techniques that offer low impact, high value results. I know these can work because I’ve used them across hundreds of assessments over the last 10 years. This post will focus more on the techniques than the actual tools themselves—the tools can be traditional IT security tools like vulnerability scanners, DIY scripts using native commands, or any of the ICS-focused security tools in that burgeoning product space. The important thing is that you use these techniques to get to the ground truth so you can understand the risk in your ICS.Medium - How to Use SSH Certificates for Scalable, Secure, and More Transparent Server Access -
SSH is the standard tool used by pretty much anyone accessing the server. Yet very few people know about SSH certificates. We are still stuck with copying and pasting our public key to the server, which isn’t the most efficient, scalable, or transparent method.
...
Now how does an SSH certificate solve this? Let’s set up certificate-based authentication and find out.The Verge - Coursera to give unemployed workers free access to 3,800 online courses -
Online learning platform Coursera will make 3,800 of its courses available for free to people unemployed due to the coronavirus pandemic, Gizmodo reported. The Coursera Workforce Recovery Initiative is part of its Coursera for Government training program for government employees.
The goal of the initiative is to help workers develop skills to become re-employed, according to a Coursera blog post. You can’t apply as an individual for the free courses; government agencies that serve unemployed workers have to apply for access
Slashdot - Supreme Court To Consider Limiting America's 'Anti-Hacking' Law -
America's Supreme Court "is finally considering whether to rein in the nation's sweeping anti-hacking law, which cybersecurity pros say is decades out of date and ill-suited to the modern Internet," according to the Washington Post's cybersecurity writer:
endgaget - Tesla may call Fremont factory staff back to work this week -The justices agreed to hear a case this fall that argues law enforcement and prosecutors have routinely applied the law too broadly and used it to criminalize not just hacking into websites but also far more innocuous behavior — such as lying about your name or location while signing up on a website or otherwise violating the site's terms of service..
Tesla might be as eager to get back to manufacturing EVs as it was reluctant to stop. Bloomberg reports seeing internal Tesla messages calling back some Fremont factory workers for April 29th, or days before the San Francisco Bay Area’s COVID-19 stay-at-home orders tentatively lift on May 3rd.
Other -
gmiru.com - The Siemens S7 Communication - Part 1 General Structure -
Before going into more technical details first I’d like to briefly introduce the basic Siemens communication theater. When I talk about the “S7 protocol” I refer to the Ethernet S7 communication that is mainly used to connect the PLCs to the (I)PC stations (PG/PC - PLC communication). This is not to be confused with the different fieldbus protocols that the Siemens equipment use, such as MPI, Profibus, IE and Profinet (which is an Ethernet based protocol used to connect PLCs to IO modules, not the management protocol of the devices).
Most of the time the Siemens communication follows the traditional master-slave or client-server model, where the PC (master/client) sends S7 requests to the field device (slave/server). These requests are used to query from or send data to the device or issue certain commands. There are a few exceptions when a PLC can be the communication master, with FB14/FB15 the device can initiate GET and PUT requests to other devices.
In the S400 series a so called Cyclic Data I/O function is implemented, this resembles to the traditional publisher-subscriber model. The PC can subscribe to certain events, than the PLC periodically pushes the requested data to the network. There is also a Partner or peer-to-peer model, when an Active Partner requests a connection and calls Block Send while at the same time the Passive Partner calls the Block Receive method.
Also - The Siemens S7 Communication - Part 2 Job Requests and Ack Data -
This video is part of a playlist covering the S7comm protocol. The full playlist is here.
I am going to keep posting these little summaries until I have covered the following protocols:
Modbus (covered)
DNP3 (covered)
HART (covered)
Fieldbus (covered)
Ethernet/IP / Common Industrial Protocol (covered)
IEC 61850 (covered)
Siemens S7Comms
BACNet
ProfibusProfinet
and today's cheesy movie...
No comments:
Post a Comment