Intrusion Prevention

DNP3.NonDNP3.Communication.DNP3Port

Description

Distributed Network Protocol (DNP3) is an industry standard for inter-operations between devices and is commonly found in SCADA systems. DNP3 enables data and command exchange between a sever and a client device. The server sends commands and controls the operation of a client device. Non-DNP3 Traffic was detected on the DNP3 Port (20000), this could indicate malicious activity.

Affected Products

DNP3 servers.

Impact

Denial of service, reduced system integrity.

Recommended Actions

Restrict access on the relevant ports.
Investigate the source of the traffic to prevent further attacks.