Testing the SCADA honeypot
nmap –n 192.168.1.11 reveals only three open ports: 21, 23 and 80. By default, nmap scans for does not include port 502 used by the MODBUS protocol.
To scan all TCP ports, use the following command:
sudo nmap -p1-65535 -n 192.168.1.11
After detecting FTP, Telnet and HTTP ports open; try to use the respective clients to access content from these ports.
Open the honeypot IP on any Web browser to see the PLC Web page with Diagnostics, Statistics and Protocols Supported menus.
Telnet to the honeypot IP and establish a connection.