Five Weakest Links in Cybersecurity That Target the Supply Chain

Third-party breaches have become an epidemic as cybercriminals target the weakest link. Organizations such as BestBuy, Sears, Delta and even NYU Medical Center are just a few that have felt the impact of cyberattacks through third-party vendors. The fallout from these breaches can be costly, as the average enterprise pays $1.23 million per incident, up […]

Link: https://threatpost.com/five-weakest-links-in-cybersecurity-that-target-the-supply-chain/137453/

DELTA – SDN Security Evaluation Framework

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique.Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network.Application-Agent is a legitimate SDN application that conducts attack procedures and is controller-dependent. The known malicious functions are implemented as application-agent functions.Channel-Agent is deployed between the controller and the OpenFlow-enabled switch. The agent sniffs and modifies the unencrypted control messages. It is controller-independent.Host-Agent behaves as if it was a legitimate host participating in the target SDN network. The agent demonstrates an attack in which a host attempts to compromise the control plane.PrerequisitesIn order to build and run DELTA, the following are required:An agent manager based on Ubuntu 14.04 LTS 64 bitAnt build systemMaven v3.3.9VagrantJDK 1.7 and 1.8Target Controller (for application agent)Floodlight: 0.91, 1.2ONOS: 1.1, 1.6, 1.9OpenDaylight: Helium-sr3, CarbonCbench (for channel agent)Mininet 2.1+ (for host agent)(in the case of All-In-One Single Machine) Three virtual machines based on Ubuntu 14.04 LTS 64 bit.VM-1: Target controller + Application agentVM-2: Channel agentVM-3: Host agentInstalling DELTADELTA installation depends on maven and ant build system. The mvn command is used to install the agent-manager and the agents. DELTA can support an All-In-One Single Machine environment via virtual machines as well as a real hardware SDN environment.STEP 1. Get the source code of DELTA on the agent manager machine$ git clone https://github.com/OpenNetworkingFoundation/DELTA.gitSTEP 2. Install DELTA dependencies$ cd /tools/dev/delta-setup/$ ./delta-setup-devenv-ubuntuSTEP 3. Install DELTA using maven build$ cd <DELTA>$ source ./tools/dev/delta-setup/bash_profile$ mvn clean installSTEP 4-a. (All-In-One Single Machine) Install three virtual machines using vagrant system$ cd <DELTA>/tools/dev/delta-setup/$ ./delta-setup-vms-ubuntu$ cd vagrant/$ vagrant upSTEP 4-b. (All-In-One Single Machine) Add NAT to VM3 (mininet) In the case of all-in-one single machine, the test environment is automatically setup as below: Configuring your own experimentsExecute sudo without the password$ sudo visudoIn the bottom of the file, type the follow:username ALL=(ALL) NOPASSWD: ALLConfigure passwd-less ssh login for the agents$ vi <DELTA>/tools/dev/delta-setup/bash_profile(by default, the addresses are set as vms)export DELTA_APP=vagrant@10.100.100.11export DELTA_CHANNEL=vagrant@10.100.100.12export DELTA_HOST=vagrant@10.100.100.13$ source <DELTA>/tools/dev/delta-setup/bash_profile$ cd ~$ ssh-keygen -t rsa(Press enter)$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_APP$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CHANNEL$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_HOSTCheck if you can access the VMs without having to enter the password.The agent-manager automatically reads a configuration file and sets up the test environment based on the file. DELTA/tools/config/manager.cfg contains the All-In-One Single Machine configuration by default. If you want to test a real SDN environment, you should specify your own configuration file.CONTROLLER_SSH=vagrant@10.100.100.11CHANNEL_SSH=vagrant@10.100.100.12HOST_SSH=vagrant@10.100.100.13TARGET_HOST=10.0.0.2ONOS_ROOT=/home/vagrant/onos-1.6.0CBENCH_ROOT=/home/vagrant/oflops/cbench/TARGET_CONTROLLER=FloodlightTARGET_VERSION=0.91OF_PORT=6633OF_VER=1.3MITM_NIC=eth1CONTROLLER_IP=10.100.100.11SWITCH_IP=10.100.100.13,10.100.100.13,10.100.100.13DUMMY_CONT_IP=10.0.2.2DUMMY_CONT_PORT=6633AM_IP=10.0.2.2AM_PORT=3366Floodlight 1.2$ cd <DELTA>/tools/dev/app-agent-setup$ ./floodlight-1.2-scpONOS 1.1$ cd <DELTA>/tools/dev/app-agent-setup/onos$ ./onos-1.1.0-scp(on the controller machine) $ ./onos-1.1.0-setupONOS 1.6 or 1.9$ cd <DELTA>/tools/dev/app-agent-setup/onos$ ./delta-setup-onos <onos-version>* Supported ONOS version in the script: 1.6, 1.9 OpenDaylight helium-sr3 (only JDK 1.7-supported)$ cd <DELTA>/tools/dev/app-agent-setup$ ./odl-helium-sr3-scp(on the controller machine) $ ./odl-helium-sr3-setupOpenDaylight Carbon$ cd <DELTA>/tools/dev/app-agent-setup$ ./odl-carbon-scp(on the controller machine) $ ./odl-carbon-setupThe app-agent (on the controller machine) needs ‘agent.cfg’ file to connect to the agent-manager.MANAGER_IP=10.0.2.2MANAGER_PORT=3366Running DELTASTEP 1. Distribute the executable files to VMs$ cd <DELTA>$ source ./tools/dev/delta-setup/bash_profile$ ./tools/dev/delta-setup/delta-agents-scpSTEP 2. Execute Agent-Manager first$ cd <DELTA>$ bin/run-delta tools/config/<configuration file> # e.g., manager_vm.cfg DELTA: A Penetration Testing Framework for Software-Defined Networks [pP] – Show all known attacks [cC] – Show configuration info [kK] – Replaying known attack(s) [uU] – Finding an unknown attack [qQ] – QuitCommand>_STEP 3. Connect Web-based UI (port number is 7070)Main ContributorsSeungsoo Lee (KAIST)Jinwoo Kim (KAIST)Changhoon Yoon (KAIST)Sandra Scott-Hayward (Queen’s University Belfast)Seungwon Shin (KAIST)CollaboratorsPhil Porras, Vinod Yegneswaran (SRI International)Kyuho Hwang, Daewon Jung (National Security Research Institute)Atto ResearchDownload DELTA

Link: http://feedproxy.google.com/~r/PentestTools/~3/LxnUTNwnwCQ/delta-sdn-security-evaluation-framework.html