Assignment title: Information
The "Big Red Rocks" (BRR) mining company is based and operates in Western Australia. They are primarily an iron ore miner, but they also produce electricity through tidal power to support their crushing operations, with any excess power sold back to the power grid through the electricity market. BRR maintains a head office in Perth, and a site office in Port Hedland. There is also a control system network operated at their crushing plant outside of Port Hedland. There is a requirement for database information from the crusher site to be sent on a regular basis to the Perth office for accounting and other purposes. BRR has been informed by CERT Australia that some of their internal documents, through an information leak, have been found on external third-party websites, and that they have significant security issues which need to be rectified. You are a network security consultant who has been hired to advise on the issues present in the current architecture from a network security perspective.
The following hardware and software is in operation at each site:

Perth Head Office
· 200 client desktop PCs running Windows Vista
· Web server (external) running Apache on Redhat Linux
· MS Exchange Server on Windows Server 2008
· 802.11 wireless using WPA TKIP
· Executives have iPads to access the internal network
· Connection between Head Office and PH Site over Telco private WAN
· External access is via VPN (PPTP) with user name and password
· There is an AV server

Port Hedland Office
· Runs 20 PCs with Windows Vista
· Authentication to ADS over the WAN link to Perth
· Connected to mine site via 802.11 wireless (WPA TKIP)

Mining Site
· No ADS – all PCs belong to a workgroup
· Connection to Port Hedland Site Office via 802.11g point to point link (WPA TKIP)
· 10 PCs running Windows Vista in the office
· 5 PCs running Windows NT in the control room (NOTE: This cannot be changed as the SCADA software will not run on a newer OS)
· There are no individual logons or pass

Other information:
· The network security policy has not been updated since 2005
· There is no patching regime
· See attached network diagram (Note: this may be out of date but is the most current we can find)
· The VPN at the Head Office and the VPN at the mine site are not connected

Tasks:
You are required to produce the following deliverables as part of your contract:
1. Analyse the network and list all vulnerabilities found.
2. The vulnerabilities identified in the network architecture from (1) above should be explained in detail.
3. Provide recommended improvements to the network architecture in order to harden the entire network and to fix the vulnerabilities identified above.
4. Draw the improved network architecture.
5. Based on a rough estimate of the number of operating devices at the Perth HO and the Port Hedland Offices, as well as the network bandwidth, calculate the network traffic intensity during a given time of the day (approximated in numbers). Is there any bottleneck identified on this link that can be exploited by the adversary for launching a DoS attack? If so, propose a solution for countering this threat.
6. Create a JMeter profile to generate network traffic with intensity calculated in (5) above.
7. Generate the network traffic based on the profile from (6) above.
8. Capture the generated network traffic using Wireshark. (Hint: Run Wireshark on a separate virtual machine from JMeter).
9. Write up network security policies for the resources of the network (devices and technologies). Do not write access policies for end users; instead, define policies pertaining solely to the network architecture.