[Oisf-users] Suricata Support for ICS (SCADA) protocols
Craig Dillabaugh
cdillabaugh at solananetworks.com
Tue Nov 25 17:27:29 UTC 2014
Hello,
I am doing some research on open source IDS support for ICS (SCADA)
protocols.
Based on what I've learned so far it seems that Suricata supports Modbus
and DNP3 protocols (at least), but I am curious to know about the level
of support. I saw that very recently additional support for Modbus was
added to Suricata
(https://redmine.openinfosecfoundation.org/issues/1310), which surprised
me a bit as my understanding was that Suricata already supported Modbus
(and DNP3) protocols.
Was the former support simply due to support of Snort rules? If so, how
does the new support improve the situation?
Also, what is the state of DNP3 support, and are any other SCADA
protocols supported, or under development?
Thanks in advance to anyone who can provide information.
Craig Dillabaugh