MODBUS Client 'Force Listen Only Mode' Request (SCADA) (deprecated)

info Nessus Network Monitor Plugin ID 6257

Synopsis

PVS has just observed a Modbus TCP 'force listen only mode' request.

Description

The remote client is running the MODBUS protocol. This protocol is common on SCADA or process control networks. NNM has just observed a Modbus TCP 'force listen only mode' request. An attacker can use this functionality to repeatedly disable the remote server from responding.

Solution

You should ensure that this sort of network traffic is restricted to protected networks only. Further, you should ensure that only valid clients are allowed to send commands to the server.

Plugin Details

Severity: Info

ID: 6257

Family: SCADA

Published: 1/6/2012

Updated: 1/16/2019