Script `iec-identify`

Script types: portrule
Categories: discovery, intrusive
Download: https://svn.nmap.org/nmap/scripts/iec-identify.nse

Script Summary

Attempts to identify IEC 60870-5-104 ICS protocol.

After probing with a TESTFR (test frame) message, a STARTDT (start data transfer) message is sent and general interrogation is used to gather the list of information object addresses stored.

Example Usage

nmap -sV --script=iec-identify <target>

Script Output

| iec-identify:
|   ASDU address: 105
|_  Information objects: 30

Requires

shortport
comm
stdnse
string
match

Authors:

Aleksandr Timorin
Daniel Miller

License: Same as Nmap--See https://nmap.org/book/man-legal.html

Script iec-identify

Script Summary

Example Usage

Script Output

Requires

Script `iec-identify`