Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Honeynet Project Researchers Build Publicly Available ICS Honeynet

Unknown Lamer posted about a year and a half ago | from the simulated-centrifuge dept.

Security 18

msm1267 writes "Conpot, short for Control Honeypot, is one of the first publicly available honeypots for industrial control systems (ICS) and SCADA gear. Built by two researchers from the Honeynet Project, the hope is that others will take what they started, deploy it on their own critical infrastructure networks and share the findings. 'The main goal is to make this kind of technology available for a general audience,' said Lukas Rist, one of the developers. 'Not just for security researchers, but also for people who are sysadmins setting up ICS systems who have no clue what could happen and want to see malware attacks against their systems and not put them in any danger.'" Unlike previous ICS Honeypots, this one simulates the control systems rather than requiring that you happen to own an actual industrial control system.

cancel ×

18 comments

Sorry! There are no comments related to the filter you selected.

Good (1)

For a Free Internet (1594621) | about a year and a half ago | (#43740197)

Where can I get some of this honey, all my bees are dead!

Mmmmmmmmmmmmm Laura.

catch22 (2)

Pedestrianwolf (1591767) | about a year and a half ago | (#43740371)

Seems like a bit of a catch 22... on one hand the people that own these systems need a reliable and safe way to understand and hopefully mitigate threats... on the other hand, it wasn't too long ago people were bemoaning flight simulators as "terrorism trainers".

Re:catch22 (1)

TheCarp (96830) | about a year and a half ago | (#43740575)

> on the other hand, it wasn't too long ago people were bemoaning flight simulators as "terrorism trainers".

Really? People were were they? Anyone doing that has less of a grip on reality than the people who think they are personally Napoleon. I don't see why their opinion needs much consideration. May as well just say "on the other hand, some people are crazy and stupid".

Re:catch22 (1)

L4t3r4lu5 (1216702) | about a year and a half ago | (#43740987)

I don't see why their opinion needs much consideration.

It's good for those who take our security seriously^W^W^W^Whave a vested financial interest to drum up some good ol' Fear, Uncertainty, and Doubt. Nothing fills the coffers like a scared populace.

Re:catch22 (0)

Anonymous Coward | about a year and a half ago | (#43742245)

Those people with "less of a grip on reality" are unfortunately the ones throwing everyone in prison. After all the FBI put out a notice that if you hear you neighbor talking about VPNs or encryption report them to the local authorities immediately because they are terrorists. Lucky for me our local authorities barely look into missing persons cases let alone trivial things.

Re:catch22 (-1, Flamebait)

Cenan (1892902) | about a year and a half ago | (#43740785)

[*snip*...] people were bemoaning flight simulators as "terrorism trainers".

What. The. Fuck? These people of yours, were they singular and perhaps a conservative politician? That I would believe, conservatives anywhere say some really dumb shit sometimes. Besides, what does that have to do with the article? And how is that a catch 22 in any case?

Re:catch22 (2)

Dishevel (1105119) | about a year and a half ago | (#43741009)

Your liberal roots are showing.
Politicians are for the most part "FOR" what will get them elected.
Being an idiot about wanting to restrict stuff is not a conservative only area of expertise.

Gun control ????

or ... Even better.

Anyone here remember Tipper Gore? [wikipedia.org]
 

Re:catch22 (1)

interval1066 (668936) | about a year and a half ago | (#43741709)

...conservatives anywhere say some really dumb shit sometimes.

Yeah really, they should take a queue from the golden wisdom that liberals say [cafemom.com] all the time.

honeypot (0)

Anonymous Coward | about a year and a half ago | (#43740401)

Why create honeypots if we have Honeywell?

ICS ? Ice Cream Sandwich ? (1)

lfourrier (209630) | about a year and a half ago | (#43740507)

It's so old school.

Re:ICS ? Ice Cream Sandwich ? (2)

fufufang (2603203) | about a year and a half ago | (#43740753)

It's so old school.

I think Industrial Control System came before Ice Cream Sandwich...

Re:ICS ? Ice Cream Sandwich ? (1)

lfourrier (209630) | about a year and a half ago | (#43740823)

agreed. Just a reaction to the title of the post, in those days of Google I/O

Re:ICS ? Ice Cream Sandwich ? (0)

Anonymous Coward | about a year and a half ago | (#43743359)

I don't know about that. According to Wikipedia ice cream sandwiches have been around since at least 1905, that probably pre-dates any industrial control systems.

Re:ICS ? Ice Cream Sandwich ? (1)

rossdee (243626) | about a year and a half ago | (#43741725)

You'd think a Honeypot would be for Honeycomb (which was the previous version.

Only in AMERICA (0)

Anonymous Coward | about a year and a half ago | (#43740763)

" just for security researchers, but also for people who are sysadmins setting up ICS systems who have no clue what could happen " ... only in America.

Re:Only in AMERICA (1)

Dishevel (1105119) | about a year and a half ago | (#43741059)

To be fair.

As a sysadmin for a mid sized company looking to get a proprietary ICS from a major powerhouse ...
Are they going to give you access to the source? If not, How exactly are you supposed to know the weaknesses of the system without some real hardcore testing?
Read the literature and take their word for it?

Oh. You just want to be cool and say something anti American. Go on then.

Time to invest in virtualization players (1)

atom1c (2868995) | about a year and a half ago | (#43741063)

With a software-based ICS simulation, plus the software-based infrastructure within which such simulations must reside, this becomes a GREAT time to invest into virtualization players across the board: hardware, software, security, etc.

For infrastructure security, this is absolutely great news! The tallest barrier to entry for non-professional security researchers is access to both facilities and simulated energy consumption devices... I wonder if these guys will make this available as a VM appliance...

Re:Time to invest in virtualization players (0)

Anonymous Coward | about a year and a half ago | (#43742041)

The download of the VM would take more time than installing and running the tool.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?