IoT Honeypot, new types of attacks

Loading Click here to add:
Add to notification list

This presentation will share to the audience the status of IOT attacks from a worldwide distributed honeypot point of view. What are the different protocols, their exposure to the internet and how they are being actively exploited (Modbus, IPMI, S7, Bacnet, Telnet, SNMP etc.)? We have created a Gas Station simulation, no later than 3 hours after having the server on the internet, we started to monitor communications towards a fake S7 service (our Siemens PLC: Siemens SIMATIC S7-200). We are using free software only and this talk wants to boost the audience with the understanding of those technologies and share experience on how to write such a type of honeypot, and hopefully have more ideas to improve the security of a domain that is at least 15 years late! 

Sébastien Tricaud 
Sébastien likes open source and security, from being a former maintainer of Linux PAM to various contributions to tools such as Prelude IDS etc. Sébastien works at Splunk.