cisagov/Malcolm v2.6.0

Malcolm v2.6.0

on GitHub

Malcolm v2.6.0 contains the following changes:

v2.5.0...v2.6.0

• Replace some of the Amazon ICS parsers for Zeek with parsers developed at the Idaho National Lab supporting DHS CISA

  • BACnet
  • Ethernet/IP

• Incorporated updates to some default Zeek ICS protocols

  • DNP3
  • Modbus

• Added new parsers for BSAP ICS protocol

  • BSAP IP
  • BSAP Serial

Component version bumps:

• Supercronic 0.1.12 (used in some Malcolm Docker images)
• alpine:3.12 (base layer of some Malcolm Docker images)
• nginx 1.19.6 (the web server handling encryption, authentication and proxying for Malcolm's Docker containers)
• CMake 3.19.3 (for building some Malcolm source code)
• netsniff-ng 0.6.8 (for packet capture)

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/download/.