CSG 5308: Wireless Security- Wireshark- Top Gear Industries Case Study- Report Writing Assignment

By
Responsive Centered Red Button

Need Help with this Question or something similar to this? We got you! Just fill out the order form (follow the link below), and your paper will be assigned to an expert to help you ASAP.

Order Form

Added on: 0000-00-00 00:00:00Order Code: Question Task Id: 0

MAS7532
Report Writing Assignment:

Overview

Wireshark is a network sniffer and analyser tool which can be used by IT administrators, developers, hackers, incident response or security researchers to capture and analyse wired or wireless traffic. This allows you to “see” all traffic that is sent and received when computers interact with one another. A few examples of this include downloading a file from the Internet, logging into your online banking account or watching a video on
YouTube.

Learning how to use this tool and identify certain types of traffic is an extremely valuable skill and is essential in the security industry, especially for penetration testers and incident response.

You can find more information and resources on Wireshark from their official site, located here: https://www.wireshark.org/

Case Background

Top Gear Industries is a small IT company that specializes in creating electronic devices and IoT (Internet of Things) devices for automotive vehicles. Such examples of their work include an embedded device named “Sea Slug” that records fuel consumption and uploads this data to the cloud for analysis or “Rainbow Fish” which is an informative heads up display rear view mirror.

Recently the CEO held a major press conference and informed the public that they have been working on a secret project which they claim will “revolutionize the automotive industry and leave all their competitors behind in a trail of dust”. The media interviewed CEO’s from other competitors similar to Top Gear Industries and they all showed genuine interest and were concerned that this product could put them out of business.

As you could imagine, a statement of this nature from Top Gear Industries could put the company at increased risk from cyber-attacks or industrial espionage.

Incident Information

The following week, the Head of Engineering at Top Gear Industries discovered that the schematics for their new project, codenamed “swordfish” had been mysteriously deleted and replaced with a digital calling card. They also discovered that a number of servers were infected with malware. To make matters worse, all log files on the affected servers were deleted. Fortunately, Top Gear Industries had installed an advanced Wireless Intrusion Detection System (WIDS) just for the Engineering Department which collects all wireless traffic and saves it in a secure location for further analysis. Upon further analysis it was discovered that the WIDS was not involved in the attack and was not compromised.

While the Engineering Department started cleaning up the infected servers, they were informed by the Human Resources Department that one of their newer Engineers “Flynn  Griffen” had not turned up to work this morning and submitted his letter of resignation.

Task

You have been contracted as a wireless network forensic expert by an organization to investigate the issue that has occurred recently. You have been assigned to review, analyse, and provide a full report and documentation of the live packet capture that was intercepted in relationship to some suspected member of your organization to be linked with some kind of “organized crime”.

Your task consists of analyzing, reporting and providing a full documentation of the live packet capture that was handed over to you by the organization which include but not restricted to the following.

1. What websites were accessed by the suspect?
2. What files were download by the suspect?
3. What videos were accessed by the suspect?
4. For all websites, files downloaded and videos accessed, are any of these related to hacking?
5. How did the suspect gain access to our FTP server?
6. What commands did the suspect run on the FTP server?
7. Did the suspect view or alter any other projects on the FTP server?
8. Is there any information to suggest the suspect was working alone or as part of a team?
9. Is there any evidence of suspicious emails?

Referencing

All sources of references must be cited (in text citation) and listed (end reference list). Please also be aware that “copy and paste” referencing will incur a marks penalty – you cannot get marks for work that you did not write. For details about referencing and the required format, please refer to the ECU Referencing Guide, which can be found from the following URL: http://ecu.au.libguides.com/referencing or downloading the reference guide here

Uploaded By : jack
Posted on : April 05th, 2018
Downloads : 0

How to create Testimonial Carousel using Bootstrap5

Clients' Reviews about Our Services