Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SCADA:DNP3:NON-DNP3

Severity

 Info

Recommended

 No

Category

 SCADA

Keywords

 DNP 3

Release Date

 2005/07/27

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DNP3: Non-DNP3 Traffic


This signature detects non-DNP3 traffic on the default port.

Extended Description

The existence of non DNP3 traffic on DNP3 ports is abnormal, and could indicate that a remote attacker is attempting to bypass firewall rules that allow DNP3 communication, cause denial of service conditions on devices that mishandle malformed packets, or tunnel traffic over DNP3 protocol and conduct further attacks. Non-DNP3 traffic arriving at DNP3 ports may also be the result of configuration or implementation errors.

References

  • URL: http://www.juniper.net/security/auto/vulnerabilities/vuln2496.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out