Re: [foxboro] Ethernet FBM security

"One of the main causes of the fall of the roman empire was that, lacking
zero, they had no way to indicate successful termination of their C
programs."
 
Hey, I was taught that the fall of Roman Empire was due to the Germans learning 
how to ice skate across the frozen Rhine.


John Peter Rooney
Life Senior Member IEEE

--- On Tue, 9/23/08, stan <stanb@xxxxxxxxx> wrote:

From: stan <stanb@xxxxxxxxx>
Subject: Re: [foxboro] Ethernet FBM security
To: "Lowell, Timothy" <TLowell@xxxxxxxxxxx>
Cc: foxboro@xxxxxxxxxxxxx
Date: Tuesday, September 23, 2008, 12:13 PM

On Tue, Sep 23, 2008 at 10:50:25AM -0500, Lowell, Timothy wrote:
> Stupid Crackberry...
> 
> We're doing a security assessment at one of our refineries that has
FBM232/FBM233's, and the question is coming up of what ability is there of
Ethernet packets to traverse from the PLC network through the FBM to the MESH
network.  Obviously, the Modbus TCP and ControlLogix, etc, packets make it
through if you install the correct device driver or it wouldn't work, but
what about other packets that could constitute malware, DoS, etc?  Is the FBM a
filter that definitively stops all other packets, or should we be putting a
firewall between the PLC and the FBM?  I'd be interested to hear what
everybody is doing or what Invensys considers is best practice.
> 

Those packets don't "make it through". They get processed by the 
on board
microprocessor of the FBM, which runs a program (under WinCE BTW). This
program then communicates with the CP using standard Foxboro protocols. So,
other than a denial of service attack on the FBM itself, I can't see
anything to worry about here.

-- 
One of the main causes of the fall of the roman empire was that, lacking
zero, they had no way to indicate successful termination of their C
programs.
 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             http://www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
 



      
 
 
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
 
foxboro mailing list:             http://www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave

Other related posts: