Re: Vulnerabilities in trading and SCADA softwares
On Wed, Sep 14, 2011 at 5:13 AM, fergal.cass...@measuresoft.com wrote: Please take this constructively... The so called vulnerability in ScadaPro does not apply when the Windows firewall is enabled and under normal circumstances the TCP-IP port is not used to communicate with the ScadaPro service. Measuresoft should not stake its security on the hopes that a firewall is running. There will be plenty of folks who will do dumb things with it. In the next release of ScadaPro the TCP/IP port will not be available and instead a secure web service will be available. Also please note these tests were performed independently of Measuresoft on a demo version and without seeking or obtaining any advice from Measuresoft on how to securely deploy ScadaPro. Measuresoft should be deploying securely out of the box. Require the user make manual changes to punch holes in the firewall (or do it for them after they answer a yes/no with no as the default). Secure out of the box is a good thing, even if it causes a few immediate hardships. Jeff
Re: Vulnerabilities in trading and SCADA softwares
The so called vulnerability in ScadaPro does not apply when the Windows firewall is enabled and under normal circumstances the TCP-IP port is not used to communicate with the ScadaPro service. In the next release of ScadaPro the TCP/IP port will not be available and instead a secure web service will be available. Also please note these tests were performed independently of Measuresoft on a demo version and without seeking or obtaining any advice from Measuresoft on how to securely deploy ScadaPro.
Vulnerabilities in trading and SCADA softwares
Considering the current financial and global crysis in which we are fallen I thought that was enough funny to give a quick look at two particular types of softwares: technical analysis (trading) and SCADA. The tests have been performed as fast as possible without going deep in the softwares and spending just some minutes for the majority of the bugs... a quick disinterested test and nothing else. The technical analysis softwares are used in the financial and trading sectors for studying the trend of the market and catching the right moment to buy and sell for having a profit: MetaStock http://aluigi.org/adv/metastock_1-adv.txt eSignal http://aluigi.org/adv/esignal_1-adv.txt While for the HMI/SCADA, automation and industrial sectors I opted for some medium/small products: Cogent DataHub http://aluigi.org/adv/cogent_1-adv.txt http://aluigi.org/adv/cogent_2-adv.txt http://aluigi.org/adv/cogent_3-adv.txt http://aluigi.org/adv/cogent_4-adv.txt DAQFactory http://aluigi.org/adv/daqfactory_1-adv.txt Progea Movicon / PowerHMI http://aluigi.org/adv/movicon_1-adv.txt http://aluigi.org/adv/movicon_2-adv.txt http://aluigi.org/adv/movicon_3-adv.txt Carel PlantVisor http://aluigi.org/adv/plantvisor_1-adv.txt Rockwell RSLogix (DoS only) http://aluigi.org/adv/rslogix_1-adv.txt Measuresoft ScadaPro (multiple vulnerabilities) http://aluigi.org/adv/scadapro_1-adv.txt Beckhoff TwinCAT (DoS only) http://aluigi.org/adv/twincat_1-adv.txt BroadWin WebAccess Client (released over one week ago) http://aluigi.org/adv/bwocxrun_1-adv.txt As already said I performed only a superficial test without wasting time configuring the softwares or reading manuals and without doing other checks or analysis so I hope everything is correct although not much detailed. If there will be enough interest in these sectors I will release new vulnerabilities in the next weeks. --- Luigi Auriemma http://aluigi.org