Jim at DCS has this post on scanning SCADA networks.
Here’s the thing. If you’re so scared you’ll break your stuff by running a simple Nessus scan with safe settings, you have a serious problem. Just imagine how screwed you’ll be the first time an attacker decides to scan your systems for you.
Unless you’re totally sure that network and those systems are totally isolated, you better have a darn good recovery plan. Including a job recovery plan, if you know what I mean.
Yes- you can mess up and perform more intrusive scans that break things, but I’d be seriously worried if even this is the case. If stuff dies with typical safe scan settings it falls in the whole “bad” category.
Reader interactions
One Reply to “If a Safe Vulnerability Scan Breaks Stuff, Better Have Good Backups and a Resume”
talked about SCADA before in a few posts, including this, this, and this. In general, it seems obvious that running these things on standard IT technology, then