Last Day to Save $400 on InfoSec Courses at SANS Chicago 2017! Register Now.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Designing and Implementing a Honeypot on a SCADA Network

  • Wednesday, July 2nd, 2014 at 8:00 PM EDT (00:00:00 UTC)
  • Charlie Scott, Master's Degree Candidate - Masters Presentation
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

SCADA networks typically contain business-critical and mission-critical devices. Consequently, anything that might cause support or downtime issues, such as an anti-virus, IDS, or firewall, is often avoided. A low-interaction honeypot can be an effective means of detecting hostile scanning and other activity on a SCADA network without modifying the existing network and system configurations. Sending the honeypot logs to a Syslog server and indexing them with Splunk can allow the security operator to easily search honeypot activity, and be alerted when it appears that an attack is in progress. This allows a security operator to respond quickly to an event that might not have even been detectable before.

Speaker Bio

Charlie Scott, Master's Degree Candidate - Masters Presentation

Charlie Scott works in the Information Security Office at the University of Texas at Austin, where he performs vulnerability assessments, penetration tests, and supervises the risk management team. Prior to his current position, he held information security roles in local government and at an Internet data center company. He has 20 years of experience in IT and security. Charlie is a candidate for the Masters of Science degree from the SANS Technology Institute and holds several GIAC certifications, including the GSE.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.