atrc_website:control_networks_assessment
Differences
This shows you the differences between two versions of the page.
atrc_website:control_networks_assessment [2022/07/20 16:47] – created wikiadmin | atrc_website:control_networks_assessment [2022/07/20 16:49] (current) – wikiadmin | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Assessing and Exploiting Production Control Networks ====== | ||
+ | |||
+ | Examples when to use | ||
+ | |||
+ | Overview of methodology | ||
+ | |||
+ | DNS interrogation | ||
+ | |||
+ | * When DNS is and when it is not available | ||
+ | * Using but not abusing DNS | ||
+ | |||
+ | Port Scanning | ||
+ | |||
+ | * How and why control systems break on port scans | ||
+ | * Nmap options to avoid | ||
+ | * General Nmap recommendations | ||
+ | * Recommended Nmap scans from low to high risk | ||
+ | |||
+ | Technology Fingerprinting | ||
+ | |||
+ | * Safe and unsafe fingerprinting technologies | ||
+ | * Alternatives to traditional fingerprinting | ||
+ | |||
+ | Protocol Enumeration | ||
+ | |||
+ | * Common IT protocols that are generally safe to enumerate on control systems | ||
+ | * Avoiding automatic enumerating of web interfaces on control systems | ||
+ | * Dangers of enumeration control protocols in production | ||
+ | |||
+ | Vulnerability Scanning | ||
+ | |||
+ | * Plugins and configuration that break control systems | ||
+ | * Recommended settings for Nessus | ||
+ | * Using audits | ||
+ | * Again, the dangers of automated tools on web apps and services | ||
+ | |||
+ | Vulnerability validation | ||
+ | |||
+ | * Exploitation | ||
+ | * Post Exploitation / Cleanup | ||
+ | |||
+ | Software | ||
+ | |||
+ | ControlThings Platform Virtual Machine | ||
+ | | ||
+ | |