runZero Hour, Ep. 3: Fingerprinting OT Protocols

Episode 3 of the runZero Hour webcast gave us a flavor of what it’s like to fingerprint OT protocols that aren’t as accessible if you aren’t part of that industry. On the IT side, protocols (e.g., SMTP, DNS, SSH) are widely adopted and industry-agnostic. With OT, you find a lot more protocols that are industry-specific. For example, Distributed Network Protocol 3 (DNP3) is a set of communications protocols used primarily by utilities such as electric and water companies. Automated Tank Gauging (ATG) is used almost exclusively with gas or petrol stations. Factory Interface Network Service, a protocol used exclusively for Omron PLCs, is most frequently found in Japanese factories.

The fit-for-purpose nature of these protocols has ramifications for fingerprinting: Since DNP3 supports unsolicited messaging, where stations initiate communications with a controller, fingerprinting is potentially easier as stations divulge information about themselves.

ATG is surprisingly easy to fingerprint despite its age. Payloads are often in well-formed human-readable formats, no decoding required for identification. FINS is difficult to fingerprint without first parsing its documentation, which is mostly written in Japanese. But with Google Translate and perseverance, fingerprinting is possible.

If you’ve read this far, you’re probably interested in OT, and if you happen to be going to the S4 conference, we would love to see you there!

runZero will have a booth at #s4x24 and be part of the ICS village along with other vendors, where our platform will be tested against a mock manufacturing environment. Come check it out!

Meet Our Speakers

HD Moore

Founder & CEO

Huxley Barbee

Contributor

Rob King

Director of Security Research

Tom Sellers

Principal Research Engineer

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Resources

Webcasts
runZero Hour, Ep. 13: Anniversary episode reflecting on 2024 through the lens of IT-OT/IoT convergence
In this special anniversary episode we gathered an all-star panel of cybersecurity experts to look back on 2024 through the lens of IT-OT/IoT...
Webcasts
runZero Hour, Ep. 12: A deep-dive into OT devices, protocols, and vulnerabilities
In this month’s episode of runZero Hour, we take a deep dive into new research insights on OT devices, protocols, and vulnerabilities.
Webcasts
Dangerous Dark Matter: Confronting the Creepy Unknowns in Your Network
We explore the hidden threats and “network dark matter” lurking within your environment, viewed through the lens of zero-day vulnerabilities.
Webcasts
runZero Hour, Ep. 11: A CISA insider's perspective on managing the KEV catalog
Tod Beardsley, CISA cybersecurity expert offers an insider’s look into CISA’s mission and management of the Known Exploited Vulnerabilities (KEV)...

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved