Assignment-
Introduction:
A mining company based in Perth operates from three separate offices: Perth Head Office, branch offices in the Pilbara Region and at Port Hedland. There is also a Mobile Ad-Hoc Network deployed at one of the mining company's plants in North-West WA. Based on a regular audit of the network, it has been noted that several security vulnerabilities are exposing the internal network to third-parties. These security issues are to be rectified.
You are a network security consultant who has been hired to advice on the issues present in the current architecture from a network security perspective and to proposed possible architectural improvements to the network in response to the identified vulnerabilities. Following is a description of the corporate network.
Perth Head Office:
- 60 client desktop PCs running Windows 10
- 20 client desktop PCs running Windows 8
- Web server (external) running Apache on Redhat Linux
- MS Exchange Server on Windows Server 2008
- 802.11 wireless links using WPA TKIP
- Executives are allowed to BYOD and access the internal network from their personal devices
- Connection between Head Office and PH Site over a leased line
- External Access is via VPN (PPTP) user name and password
- There is an anti-virus server
Port Hedland Office and Pilbara Region Offices:
- 20 PCs each with Windows 10
- Authentication to ADS over the WAN link to Perth office
- Connected to the Mobile Ad-Hoc Network site via an 802.11 wireless (WPA TKIP) Mining Site
- No ADS - all PCs belong to a workgroup
- Connection to Perth Office via 802.11g point to point link (WPA TKIP)
Mobile Ad-Hoc Network:
- 5 machines running Windows 10
- Wireless connectivity to the Port Hedland Office
- No Firewall or Anti-Virus Deployed
Other information:
- The network security policy has not been updated since 2010
- There is no patching regime
- See attached network diagram (Note: this may be out of date but is the most current we can find)
- The VPN at the Head Office and the VPN at the mine site are not connected
Tasks:
You are required to produce the following deliverables as part of your contract:
1. Analyse the network and enlist all vulnerabilities found.
2. The vulnerabilities identified in the network architecture from (1) above should be explained in detail.
3. Provide recommended improvements to the network architecture in order to harden the entire network and to fix the vulnerabilities identified above.
4. Draw the improved network architecture.
5. Based on a rough estimate of the number of operating devices at the Perth HO and the Port Hedland Offices, as well as the network bandwidth, estimate the network traffic intensity during a given time of the day (approximated in numbers). Is there any bottleneck identified on this link that can be exploited by the adversary for launching a DoS attack? If so, propose a solution for countering this threat.
6. Create a JMeter profile to generate network traffic with intensity calculated in (5) above.
7. Generate the network traffic based on the profile from (6) above.
8. Capture the generated network traffic using Wireshark. (Hint: Run Wireshark on a separate virtual machine from JMeter).
9. Write-up network security policies for the resources of the network (devices and technologies). Do not write access policies for end-users rather define policies appertaining solely to the network architecture.