1

With the recent vpn filter attacks, and talks about the hackers wanting to attack our SCADA systems in the U.S. I want to setup a honeypot to monitor the attackers and learn more about how they operate. I found this link but think it may be outdated since it talks about ubuntu 12. Does anyone know of any modbus scada honeypot guides out there?

https://www.hackers-arise.com/single-post/2016/09/22/SCADA-Hacking-Building-a-SCADA-Honeypot

Nerf D
  • 41
  • 2

1 Answers1

1

One of the main problems about ICS Honeypots has always been the variety of deployments that are out there. Anyway, you have some opensource ICS Honeypots that are under continuous development: One of them is Conpot (which is the one used in your post). It is python based, so you shouldn't have problems deploying it in a newer Linux distribution (or you may deploy it in a container fashion, which works great).

You should find that Conpot simulates most of the industrial technologies you'll need.

schroeder
  • 123,438
  • 55
  • 284
  • 319
bulw4rk
  • 61
  • 4