Utilising open source tools to map and analyse a domain based IT system.

Presentation transcript:

Utilising open source tools to map and analyse a domain based IT system

I. Introduction
II. Method overview
III. Domain detail aggregation
IV. Procedure
V. Visualisation
VI. Conclusion

© Photo: O van Ginkel

Introduction: Domain mapping
- Purpose of paper:
  - Network mapping technique
  - Visualisation
  - Exposure of cyber-security risk to centrally managed Smart Grid IT infrastructure
- Stouffer et al. 2014: Centralised authentication management systems preferred? …to distributed access control solutions
- Why?
  - Scalability
  - Large number of users and systems
  - Frequent changes in access privileges

Introduction: Domain mapping
- Typical centralised solution
  - Microsoft™ Active Directory and the Lightweight Directory Access Protocol (LDAP) (Howes 1997: RFC 2254)
  - Stores all accounts
  - Manages authentication / authorization
  - All individuals, systems in domain
- Numerous concerns: centralised (Stouffer et al. 2014):
  - Authentication servers require high security and availability
  - Local credential caching
  - Network infrastructure needs high reliability - prevent hindrance of authentication attempts.

Introduction: Domain mapping
- This study endeavours to investigate a technique:
  - Enabling a person to gain knowledge of a domain network
  - Using a set of simple readily available software tools
- Tools: AdFind (joeware.net), Nmap (nmap.org), nslookup (support.microsoft.com/kb/)

Method overview: Domain mapping
- Utilising the user detail exposed by an Active Directory server
  - Simplify / speed up the process of mapping the domain network
- 3 Steps:
  1. Query
  2. Receive
  3. Trace / map
- Tools shown: AdFind, Nmap, ftrace, tracert

Method overview: Domain mapping

Domain detail aggregation: Domain mapping
- nslookup: get the AD server

    nslookup -type=any _ldap._tcp.domain.com

- AdFind: AD server (-h), domain (-b), filter (-f), result (redirected to file)

    adfind -h adserver.domain.com -b dc=domain,dc=com -f "objectcategory=computer" > domainmachines.txt

- 4 minutes -> details of machines of network

Domain detail aggregation: Domain mapping
- Too slow? 4 minutes…
  - Add “-dn” parameter to adfind query
  - Less detail returned, but 30 seconds for domain names of machines
- Further focus on servers
  - Limits the approximately domain machines to
  - Smart Grid supporting servers can be identified and possibly be targeted
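A defender-side check for the query shown above, as an added example that is not part of the original presentation: it flags clients that pull computer objects from the whole domain in bulk, and it keys on the filter and search base so the "-dn" shortcut does not change the outcome. The record fields, allowlist, threshold and sample records are assumptions constructed for illustration; real input would come from a domain controller's LDAP search logging or a network sensor.

```python
import re
from collections import defaultdict

# Hypothetical allowlist of hosts expected to enumerate computer objects
# (inventory, patch management). Assumption, not from the presentation.
ALLOWED_CLIENTS = {"10.0.5.20"}
MIN_RETURNED = 500  # assumed threshold for a "bulk" result set

# Matches objectCategory=computer / objectClass=computer, any case or spacing.
COMPUTER_FILTER = re.compile(r"object(category|class)\s*=\s*computer\b", re.I)

def is_domain_root(base_dn: str) -> bool:
    """True when the search base has only DC= components (the whole domain)."""
    parts = [p.strip().lower() for p in base_dn.split(",") if p.strip()]
    return bool(parts) and all(p.startswith("dc=") for p in parts)

def flag_bulk_computer_enumeration(records):
    """Return {client: entries returned} for domain-wide computer searches."""
    hits = defaultdict(int)
    for r in records:
        if r["client"] in ALLOWED_CLIENTS:
            continue
        if not COMPUTER_FILTER.search(r["filter"]):
            continue
        if r["scope"] != "subtree" or not is_domain_root(r["base"]):
            continue
        hits[r["client"]] += r["returned"]  # paged searches add up per client
    return {c: n for c, n in hits.items() if n >= MIN_RETURNED}

# Constructed sample records (not real logs).
SAMPLE = [
    {"client": "10.0.5.20", "base": "dc=domain,dc=com", "scope": "subtree",
     "filter": "(objectCategory=computer)", "returned": 4200},  # inventory host
    {"client": "10.0.9.77", "base": "dc=domain,dc=com", "scope": "subtree",
     "filter": "objectcategory=computer", "returned": 4200},    # workstation
    {"client": "10.0.9.81", "base": "ou=Sales,dc=domain,dc=com", "scope": "subtree",
     "filter": "(objectCategory=computer)", "returned": 35},    # scoped lookup
    {"client": "10.0.9.90", "base": "dc=domain,dc=com", "scope": "subtree",
     "filter": "(&(objectCategory=person)(sAMAccountName=jdoe))", "returned": 1},
]

if __name__ == "__main__":
    print(flag_bulk_computer_enumeration(SAMPLE))
```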

Domain detail aggregation: Domain mapping
[Figure: Smart Grid Supporting Systems]

Procedure: Domain mapping

    nmap --traceroute -sn -iL hostlist.txt -oN routes.txt

- Other tools evaluated: Nmap, ftrace, tracert

Procedure: Domain mapping
Route tracing tool comparative study
- 1 day: MAPPED devices
- Only servers: 17 minutes

Procedure: Domain mapping
[Figure: Latency analysis histogram (all hops: devices). Includes intermediary devices]

Procedure: Domain mapping
[Figure: Latency analysis histogram (final hops: devices), with groups labelled D, C, B, A. Excludes intermediary devices]

Procedure: Domain mapping
Spatial agreement of typical final hop latency (figure groups labelled D, C, B, A)

    Spatial location (Province)    Associated average latency (milliseconds)
    Gauteng                        2
    Free State                     10
    KwaZulu-Natal                  15
    Western Cape                   24

- Pinpoint the location of critical cyber assets within the Smart Grid environment without the necessity of a geo-IP database

Visualisation: Domain mapping
- Visualisation tools:
  - RadialNet, ZenMap, vis.js
- Data design
  - Support JSON for visualisation (Almende 2015)

Visualisation: Domain mapping
[Figure: Detail on demand added]

Visualisation: Domain mapping
[Figure: Mapped domain network]

Visualisation: Domain mapping
[Figure: Mapped domain network (zoom)]

Conclusion: Domain mapping
- Requests launched at an Active Directory Server
- Filtering prior to scanning and mapping of the network
- In 20 minutes: knowledge of critical systems, both physical and network location
- Ensure that Smart Grid architecture exhibits:
  - Robustness
  - Sufficient redundancy
  - Communication network sustained
- Do not expose critical cyber assets to damage by accidental or malicious intruders

Thank you!