search

cisagov / ICSNPP

Industrial Control Systems Network Protocol Parsers
BSD 3-Clause "New" or "Revised" License
157 stars 26 forks source link

Omron FINS Parser #17

Open athomsen115 opened 1 year ago

athomsen115 commented 1 year ago

💡 Summary

What is the work, as a high-level summary? Can you add a new parser for Omron FINS

Motivation and context

Why does this work belong in this project? Based on the PIPEDREAM malware and if malware is starting to target Omron, I would like to be able to parse that in Security Onion. I am able to review the traffic in Wireshark, but that can only process so much data at a time and is hard to target down to long tail analysis. This would be useful because...

Implementation notes

Please provide details for implementation, such as:

Acceptance criteria

How do we know when this work is done?

piercema commented 8 months ago

Thank you for submitting this suggestion. We are currently looking into the level of effort this parser would require and will proceed once we have additional information.