ModScan: A SCADA MODBUS Network Scanner

Presented at DEF CON 16 (2008), Aug. 8, 2008, noon (50 minutes).

ModScan is a new tool designed to map a SCADA MODBUS TCP-based network. The tool is written in Python for portability and can be used on virtually any system with few required libraries. The presentation includes a demonstration of the ModScan scanner as well as a rundown of the various features and modes available. I will also be covering the MODBUS and MODBUS TCP protocols, including packet construction and communication flows. A brief SCADA primer is also included for the education of the audience.


Presenters:

  • Mark Bristow - Security Researcher
    Mark is a Certified SCADA Security Architect with three years' experience in the information assurance business. He has done research and analysis of the SCADA MODBUS and MODBUS TCP protocols, leading to the development of his ModScan tool. In addition to his SCADA work, Mark is a Web Application Security penetration tester and consultant. He regularly speaks at local events in DC and VA and frequently conducts training on the subject. Mark received his bachelor's degree in Computer Engineering from The Pennsylvania State University.
