This is the first module in the Cyber-Physical Industry course; however, it can be taught as a standalone module. The purpose of this module is to introduce students to concepts associated with system assets and system operations in industrial control systems.

7 Lessons

This intermediate-level, real-world lab exercise has students log into a worm-infected CentOS Linux server (ssh terminal only) and follow prescribed steps to secure, clean up and lock down the infected server. Students will use utilities such as chkconfig, service, ps, and kill to examine running services and shut down potentially malicious ones; netstat and nmap to identify rogue network services; iptables to properly configure the firewall; and package management software such as rpm and yum to verify and repair system packages.

This introductory lab has students scanning a small network subnet using nmap to identify live hosts and open ports. Targets include three virtual machines: a web server, a vulnerable Samba server, and an FTP server, as well as other open network ports. It teaches Linux utilities for reconnaissance and scanning such as whois, ifconfig, and nmap with various command-line switches.

This introductory lab has students learn how to use both symmetric and asymmetric encryption at the Linux command line. This exercise includes an encryption primer and an introduction to symmetric encryption using the Linux utility ccrypt. It also has students use the Linux gpg utility to create a public/private key pair, as well as encrypt and decrypt a file using public-key cryptography.

This introductory lab has students using simple command injection to attempt to gain unauthorized access to data on an intentionally vulnerable web server. The lab document includes a brief primer on command injection and an introduction to DVWA and its command injection tab so students can use command injection to answer a series of lab questions.

This introductory lab has students using simple SQL injection to attempt to gain unauthorized access to data on an intentionally vulnerable web server. The lab document includes a brief SQL primer so that students understand enough to exploit simple SQL injection attacks, followed by an introduction to DVWA and its SQL Injection page for testing injection techniques.