Objectives:
- Students will examine the relationship between anonymity and active reconnaissance
- Students will evaluate the relationship between network penetration tools and the OSI 7 Layer model
- Students will determine anonymization techniques for anti-forensics
- Students will evaluate tools and strategies for using those tools
- Students will examine common SCADA protocols
- Students will research commonalities between SCADA protocols and the OSI 7 Layer model
- Students will examine exploit tools and their relationship to SCADA
Directions:
Part 1
Active reconnaissance involves probing a network in a way that should be detected. The analogy is that instead of simply listening, like a submarine with passive acoustic systems, you are pinging away at the adversary and they know you are there. That is assuming they are listening, of course. For this section you will install tools based on their level of the OSI 7 Layer model. The tools should actively intrude on or examine the network. Examples of tools like this are Nmap, Nessus, and scripts that query the network.
You should also look at tools that anonymize your whereabouts. Although active reconnaissance participates in the network, you may want to obscure your actual location as part of anti-forensics. You can read "Anti-forensics: Obfuscating the path to forensic examination" for more information. Reconnaissance tools primarily act against the confidentiality service. However, you should still report where they are located in the McCumber Cube Hierarchy, as done in lab 1.
For this section you should find active tools and fill out the grid below. Do not recreate the diagram. Instead, create a table that shows the relationships to the different layers of the OSI 7 Layer model. How many tools? The number of tools should be large enough to be a significant sampling.
Part 2
Until relatively recently, SCADA was rarely considered by information technology students, and even less by information security students. There is a shroud between the electrical engineering crowd and the information technology team that allows security to become lax. SCADA systems require high-speed, clean, secure networks, but what we have seen is a remarkable amount of convergence between the SCADA network and the enterprise network in the name of cost savings.
With this lab you have several tasks. Provided is a figure that depicts the OSI 7 Layer model, TCP/IP, and a few SCADA protocols. Now the first caveat: THESE ARE NOT ALIGNED AT ALL IN THE DIAGRAM in any meaningful way. Your tasks are as follows.
1) Align TCP/IP with the OSI 7 Layer Model. I have given what is considered to be the standard TCP/IP model. There are others. I know that for a protocol that is supposedly standardized, that doesn’t make much sense. The question is: are there four or five layers to TCP/IP? Be wary of the Wikipedia article; the question is much deeper than that. Stallings and others have argued on this point. Make sure you document all of your sources as per the syllabus.
2) I’ve given you a few SCADA protocols; you should be able to find the protocols and determine whether they fit or not. What we are doing breaks them in some ways. In some ways they fit quite nicely. You should look up and define these in detail. Do this for all of these protocols, and find a couple more and do the same. Do not recreate the picture. Instead, make a table that depicts the alignments.
Special Directions:
- The write-up should be as discussed in the syllabus and course special instructions.
- Peer review and analysis as per the syllabus.