Lab 11 - Security

Overview

This lab is a bit unique compared to the rest, very little programming is involved.

Getting help

If you want any help with any part of this lab, join the OCF slack (https://ocf.io/slack), and mention me (slack: @mdcha, IRC: dongkyun) in #decal-general.

Part 1: Threat Modeling

Read the below prompts and answer any related questions. These questions may take some research and googling. Remember:

  1. What are you protecting?
  2. Who are your adversaries?
  3. How likely is it you will need to protect it?
  4. What are the consequences of failing to protect it?
  5. How many resources should you devote to protecting it?

Example: Safekeeping

This one is just for reference, you don’t have to answer it:

You run a safe storage facility for customers to store a variety of valuables. Describe your threat model.

In this scenario, you’re responsible for your clients’ valuables. There are a multitude of adversaries, including burglars ranging from smash-and-grab to more sophisticated attackers, disgruntled employees, clients looking to claim fradulent loss, and natural disasters such as earthquakes, fires, or tornados.

Storage facilties containing potentially high amounts of valuables in close proximity to each other may serve as enticing targets for attackers and failing to protect the facility would result in a loss of trust that would be devastating for a business.

In order to protect against burglars, an variety of protections can be enabled from increased surveillance to 24/7 guards. The rational amount of security depends on the level of desired profit and likelihood of a break-in.

Allowing clients to install their own security protects allows them protection agaisnt both disgruntled employees and acts as a protection mechanism against fradulent clients.

Illicit Activity

You’re a drug dealer that communicates to your clients over SMS and offers to take Venmo. You usually offer to meet them at a local park only a few blocks away from your apartment.

First create a threat model and then determine how to go about your business more securely.

Secondly, if you were a fed, what tools do you have at your disposal, and how could you go about building a case against the above drug dealer?

Subversive Journalism

You’re a journalist criticizing the local authoritarian government and trying to get your story to ProPublica. Describe your threat model and how you would safely deliver the information.

Part 2: Network Security

Make a list of all the services running on your student VM that are accessible from the public internet, what user they are running as, and what port they are listening on. Use the tools you learned about in lecture 6, such as netstat, as well as tools like ps. You may also want to point nmap -A at your VM from another machine, such as tsunami.

Use less and grep to open up and search your SSH login log file, located in /var/log/auth.log. Besides yourself, is anyone else trying to log in? Who?

Part 3: Hashes

Find the checksum for the binary of a software you use. What is the software and checksum? How did you check the checksum?

Part 4: Submission

Congratulations on finishing the lab!

To submit, insert answer you have for each section into the gradescope submission.