Presentation is loading. Please wait.

Presentation is loading. Please wait.

SCADA Security, DNS Phishing

Published byCullen Moores Modified over 9 years ago

Similar presentations

Presentation on theme: "SCADA Security, DNS Phishing"— Presentation transcript:

1 SCADA Security, DNS Phishing
Avesta Hojjati, Commuter science department Advisor Dr Akbar Namin Texas Tech University

2 What is SCADA? Supervisory Control And Data Acquisition, type of Industrial Control System (ICS). Computer based Communication through IPv4 & IPv6 Uses PLC (Programing Logic Controller) as the main operator

3 Main Areas of Concern Security and authentication in the design, deployment and operation of existing SCADA networks The premise that SCADA systems are secure because they use specialized protocols and have proprietary interfaces The premise that SCADA networks are secure because they have been physically secured The premise that SCADA networks are secure because they are not exposed to the Internet

4 SCADA Vulnerabilities
DoS (Denial of Service). Vulnerabilities found in FactoryTalk Services Platform and RSLinx Enterprise November 2011: The cyber-security of the North American power grid is "in a state of near chaos," according to a report by a respected U.S. energy consultancy monitoring the industry's transition to wireless digital technologies. Critical Remote Code Execution (CRCE). Vulnerabilities found in Modbus Serial Driver, product by Schneider Electric September 2010: Iran admits that the Stuxnet worm had infected at least 30, computers in the country. The worm, which researchers have dubbed the most sophisticated malware ever, targets Windows PCs that manage large-scale SCADA systems at manufacturing and utility companies.) Most SCADA protocols were never intended for use on publically accessible networks, and in some cases, not even on IP networks. MODBUS, a common SCADA protocol, was originally designed for use only within simple process control Networks to enable low speed serial communications between clients and servers

5 Point of Attack

6 CRCE Attack

7 CRCE Prevention

8 Securing SCADA Networks
Patch host operating systems, applications and SCADA components Control application communications between SCADA networks and other networks Control application communications within SCADA networks Control what and who are allowed to interact with SCADA networks and systems Monitor all networks closely and react quickly to viruses and attacks

9 What is DNS? The DNS (Domain Name System)translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites. (wiki)

10 DNS Phishing (Fake HTTP request)
Redirecting all incoming traffic to a fake server Enables to launch additional attacks, or collect traffic logs that contain sensitive information Capturing all in-bound Allows the attacker to send on their behalf, using the victim organization's domain and cashing-in on their positive reputation

11 DNS Phishing (Fake HTTP request)
Taking over the registration of a domain Attackers take over the registration of a domain and change the authoritative DNS servers This was the type of attack used by the Syrian Electronic Army. They gained access to the domain registration accounts operated by Melbourne IT, changed the authoritative DNS servers to ns1.syrianelectronicarmy.com and ns2.syrianarmyelectronicarmy.com. Cache poisoning Attackers inject malicious DNS data into the recursive DNS servers operated by Internet Service Providers (ISPs). The damage cause by this attack is localized to specific users connecting to the compromised servers

12 DNS Phishing scenario

13 Demonstrating an attack using
Demonstrating an attack using BackTrack Using ARP spoofing Technique (Address Resolution Protocol)

14 Avoidance Good security practices such as strong passwords, IP acceptable client lists (ACLs) and social engineering training will help guard against attack DNSSTOP( Domain Name Server STOP) A curses-based application that displays various tables of DNS statistics DSC (Domain Statistics Collector) DNS Statistics Collector is designed to collect and aggregate statistics from busy authoritative servers, such as those used by TLD (Top-Level Domain) and root server operators. Traffic Gist A network traffic statistics collection tool. Gist can collect statistics about live traffic and do postmortem packet capture analysis

15 Limiting Recursion to Authorized Clients
For DNS servers that are deployed within an organization or Internet Service Provider, the resolver should be configured to perform recursive queries on behalf of authorized clients only. These requests typically should only come from clients within the organization’s network address range. We highly recommend that all server administrators restrict recursion to only clients on the organization’s network. BIND9 In the global options, include the following [10]: acl corpnets { /24; /24; }; options {   allow-query { any; };   allow-recursion { corpnets; }; };

16 References http://www.fastandeasyhacking.com/ (Armitage)
(Ettercap) Siemens PLS Simulator (S7 Seriese)

17 Questions?

Download ppt "SCADA Security, DNS Phishing"

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
2.1 Installing the DNS Server Role Overview of the Domain Name System Role Overview of the DNS Namespace DNS Improvements for Windows Server 2008 Considerations.

2.1 Installing the DNS Server Role Overview of the Domain Name System Role Overview of the DNS Namespace DNS Improvements for Windows Server 2008 Considerations.
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.

Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Demonstrating HTTP Session Hijacking through ARP Cache Poisoning and Man-in-the-Middle Attack and exploring HTTPS and VOIP session vulnerabilities Mainuddin.

Demonstrating HTTP Session Hijacking through ARP Cache Poisoning and Man-in-the-Middle Attack and exploring HTTPS and VOIP session vulnerabilities Mainuddin.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,

A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,
Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.
A Critical Infrastructure Testbed for Cybersecurity Research and Education Ai Onda, Kalana Pothuvila, Joseph Urban, and Jordan Berg Abstract Awareness.

A Critical Infrastructure Testbed for Cybersecurity Research and Education Ai Onda, Kalana Pothuvila, Joseph Urban, and Jordan Berg Abstract Awareness.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Similar presentations

Ads by Google