If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!
Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.
1. Introduction
1.a. About SCADA StrangLove
1.b. We were here before
c. Why we eat what we eat
2. ICS in internet – piece of cake
2.a. Massscan, zmap, sonar, etc.
2.b. One time scan isn’t sexy today – Continuous monitoring
2.c. Pizza Owens on the internets now
3. More protocols – more fun
3.a. Profinet/DCP
3.b. IEC104 – the bad and the bad
3.c. MMS – from reflash to tag
3.d. S7 saga continued
3.e. Every self-respecting ICS vendor must have own buggy protocol
4. “Darwin” bugs in ICS
4.a. Statistic and detailed analysis of vulnerabilities discovered by SCADASL team
5. Don’t try it at home - Pentesting ICS environment
5.a. Listen to the turbines
5.b. Sit in hardened rooms
5.c. Remember the exit paths
6. What we already know. Fixes and releases in 2013
7. Things we don’t know yet
7.a. Old friends: Siemens
7.a.i. New S7-1500 PLC
7.a.ii. Cookie monster to own all PLC’s
7.b. New friends
7.b.i. Invensys vulnerabilities
7.b.ii. ABB vulnerabilities and exploit demo
7.b.iii. Emerson vulnerabilities
8. Special 30C3 releases