atrc_website:control_networks_assessment
Differences
This shows you the differences between two versions of the page.
| atrc_website:control_networks_assessment [2022/07/20 16:47] – created wikiadmin | atrc_website:control_networks_assessment [2022/07/20 16:49] (current) – wikiadmin | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== Assessing and Exploiting Production Control Networks ====== | ||
| + | |||
| + | Examples when to use | ||
| + | |||
| + | Overview of methodology | ||
| + | |||
| + | DNS interrogation | ||
| + | |||
| + | * When DNS is and when it is not available | ||
| + | * Using but not abusing DNS | ||
| + | |||
| + | Port Scanning | ||
| + | |||
| + | * How and why control systems break on port scans | ||
| + | * Nmap options to avoid | ||
| + | * General Nmap recommendations | ||
| + | * Recommended Nmap scans from low to high risk | ||
| + | |||
| + | Technology Fingerprinting | ||
| + | |||
| + | * Safe and unsafe fingerprinting technologies | ||
| + | * Alternatives to traditional fingerprinting | ||
| + | |||
| + | Protocol Enumeration | ||
| + | |||
| + | * Common IT protocols that are generally safe to enumerate on control systems | ||
| + | * Avoiding automatic enumerating of web interfaces on control systems | ||
| + | * Dangers of enumeration control protocols in production | ||
| + | |||
| + | Vulnerability Scanning | ||
| + | |||
| + | * Plugins and configuration that break control systems | ||
| + | * Recommended settings for Nessus | ||
| + | * Using audits | ||
| + | * Again, the dangers of automated tools on web apps and services | ||
| + | |||
| + | Vulnerability validation | ||
| + | |||
| + | * Exploitation | ||
| + | * Post Exploitation / Cleanup | ||
| + | |||
| + | Software | ||
| + | |||
| + | ControlThings Platform Virtual Machine | ||
| + | | ||
| + | | ||
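Review bot: The section labels in the added text ("DNS interrogation", "Port Scanning", "Technology Fingerprinting" and the rest) are plain lines, so only the page title carries heading markup; marking them as lower-level headings would make the outline navigable. "Examples when to use" and "Overview of methodology" have no bullets under them, unlike every section that follows, so a reader cannot tell whether they are sections still to be filled in or one-line items. Capitalization is inconsistent between labels ("DNS interrogation" and "Vulnerability validation" against "Port Scanning" and "Vulnerability Scanning"), and "Dangers of enumeration control protocols in production" reads as though "enumerating" was intended. The two trailing empty added lines after "ControlThings Platform Virtual Machine" can be dropped.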