Re: [foxboro] Ethernet FBM security

On Tue, Sep 23, 2008 at 10:50:25AM -0500, Lowell, Timothy wrote:
> Stupid Crackberry...
> 
> We're doing a security assessment at one of our refineries that has 
> FBM232/FBM233's, and the question is coming up of what ability is there of 
> Ethernet packets to traverse from the PLC network through the FBM to the MESH 
> network.  Obviously, the Modbus TCP and ControlLogix, etc, packets make it 
> through if you install the correct device driver or it wouldn't work, but 
> what about other packets that could constitute malware, DoS, etc?  Is the FBM 
> a filter that definitively stops all other packets, or should we be putting a 
> firewall between the PLC and the FBM?  I'd be interested to hear what 
> everybody is doing or what Invensys considers is best practice.
> 

Those packets don't "make it through". They get processed by the  on board
microprocessor of the FBM, which runs a program (under WinCE BTW). This
program then communicates with the CP using standard Foxboro protocols. So,
other than a denial of service attack on the FBM itself, I can't see
anything to worry about here.

-- 
One of the main causes of the fall of the roman empire was that, lacking
zero, they had no way to indicate successful termination of their C
programs.
 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             http://www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave

Other related posts: