As promised, Adam Crain announced this
morning on TWITTER® that AEGIS had publicly released their DNP3 Fuzzer. It
is available, along with documentation, on the AEGIS web site.
Adam and Chris Sistrunk have made something of a name for
themselves over the last year testing various DNP3 applications with this tool
and publicly disclosing the vulnerabilities they found through a strict coordinated
disclosure process (so strict that we still don’t know who 11 of the 28 vendors
are). So far, they claim that they haven’t found an application that did not
have a discoverable vulnerability.
While most people that will be downloading this Fuzzer will
be security researchers wanting to get a good look at the tool that Adam and
Chris have been using to such good effect, Adam has made it clear that he
really wants DNP3 system owners to get and use this tool to identify for
themselves the vulnerabilities in their particular systems.
To my way of thinking, it certainly would be smart to know
what your system vulnerabilities are before someone with a black hat starts
testing.
BTW: Adam and Chris already are putting to use a similar
Modbus TCP tool. I will be keeping an eye out for the ICS-CERT Advisories.
Posts
No comments:
Post a Comment