In association with heise online

16 May 2013, 16:59

Catching hackers with virtual industrial plants

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Industrial icon The Conpot honeypot simulates the kind of industrial control system that tends to be used in power plants (SCADA) and it does this in order to bait cyber criminals scanning IP addresses for SCADA systems and then watch over their shoulders.

The Python script simulates a Siemens SIMATIC S7-200 programmable logic controller that has supposedly been carelessly connected to the internet via a CP 443-1 I/O module. Conpot supports Modbus and SNMP, two network protocols that are typically used for SCADA.

According to the developers, Conpot is even compatible with HMI (human-machine interface) solutions, graphical user interfaces used to manage the control systems. An HMI should lead to a larger data volume, in part because the virtual power plant can then potentially even be found from search engines.

The man behind Conpot is Lukas Rist, who is also responsible for Glastopf, a honeypot for web applications.

(djwm)

 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit