In my previous post I explained how I ran a scan against Internet-exposed Modbus-enabled devices, and shared the results obtained.
I have been asked several times why I had chosen to run a Zmap + Nmap scan instead of a Zmap + Zgrab one, which would have been a lot faster.
Here is my answer: I wanted to scan the other services running on the Modbus-enabled devices, because:
They tell a lot about the device behind the IP address (screenshots are a feature I really like, but anonymous FTP file listing is also great, for example).
They often show interesting weaknesses.
More here: http://pierre.droids-corp.org/blog/html/2015/03/06/mining_public_keys_with_ivre.html