Blog

• Guru99
• Juniper
• Thousandeyes
• Cybernews
• Stevens Guide

For IPv4:

For SYN flag set:
windump -i 1 "tcp[13] & 2 == 2"
tcpdump -i eth0 "tcp[13] & 2 == 2"

For ACK flag set:
windump -i 1 "tcp[13] & 2 != 0"
tcpdump -i eth0 "tcp[13] & 2 != 0"

For FIN flag set:
windump -i 1 "tcp[13] & 1 == 1"
tcpdump -i eth0 "tcp[13] & 1 == 1"

For IPv6:

For SYN Flag set:
windump -i 1 "ip6[6]=6 and ip6[40] & 2 == 2"
tcpdump -i eth0 "ip6[6]=6 and ip6[40] & 2 == 2"

For ACK Flag set: 
windump -i 1 "ip6[6]=6 and ip6[40] & 2 != 0"
tcpdump -i eth0 "ip6[6]=6 and ip6[40] & 2 != 0"

For FIN flag set:
windump -i 1 "ip6[6]=6 and ip6[40] & 1 == 1"
tcpdump -i eth0 "ip6[6]=6 and ip6[40] & 1 == 1"

Hvis man skal få dette til å kjøre sammen med Wireshark under windows, så må man først intallere Windump med tilhørende revisjon av pcap.

Nyttige redskaper:

• TCP-Viw
• Process explorer
• Linux kommandoer
• Linux kommandoer 2

https://www.sans.org/cyber-security-courses/?focus-area=industrial-control-systems-security

• ICS Cyber Security Video Kurs
• https://instrumentationtools.com/
• https://www.youtube.com/instrumentationtools
• https://engineerscommunity.com/

 

https://www.se.com/no/no/work/solutions/cybersecurity/

Bygninger:

https://download.schneider-electric.com/files?p_Doc_Ref=998-20119182_GMA-US

https://download.schneider-electric.com/files?p_Doc_Ref=998-2095-12-08-15AR0_EN

https://download.schneider-electric.com/files?p_Doc_Ref=998-20140821

https://download.schneider-electric.com/files?p_Doc_Ref=ciberseguridad_sistemas_bms

Kraftforsyning:

https://download.schneider-electric.com/files?p_Doc_Ref=998-20329038_GMA

https://download.schneider-electric.com/files?p_Doc_Ref=PAS_63680_CPM16068

https://download.schneider-electric.com/files?p_Doc_Ref=998-2095-04-06-16AR0_EN

Industri:

https://download.schneider-electric.com/files?p_Doc_Ref=How_can_I_Cybersec

https://download.schneider-electric.com/files?p_Doc_Ref=STN+v2

https://blog.se.com/digital-transformation/cybersecurity/2017/05/05/cybersecurity-business-case-arduous-challenge-part-1/

https://blog.se.com/digital-transformation/cybersecurity/2017/05/19/cybersecurity-business-case-arduous-challenge-part-2/

https://blog.se.com/industry/machine-and-process-management/2017/06/15/building-cybersecurity-knowledge-critical-first-step-secure-industrial-networks/

https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/2622681

En litt eldre masteroppgave om samme tema.

https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/262568

Denne masteroppgaven vinkler problemstillingen rundt Cyber Security i et ganske interessant tverrfaglig perspektiv.

Tittelen er:  Ikke-tekniske cybersikkerhetsbarrierer for OT-systemer i petroleumsindustrien. (Men den har nok også relevans utenfor petroleumsindustrien.)

https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/3024585

Her er også en annen masteroppgave innenfor beslektet tema:

“Cybersecurity Incident Management Process in Industrial ICT Systems”

https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/2781139

Her har vi en masteroppgave som er rettet mot innkjøp i forhold til overføringssystemene for elektrisk kraft. Inneholder kanskje litt generell informasjon som kan være interessant.

https://uia.brage.unit.no/uia-xmlui/bitstream/handle/11250/3019796/no.uia:inspera:110849353:20325511.pdf

Her er link til oppgaven til Marie Wilhelmsen:

https://www.duo.uio.no/bitstream/handle/10852/96151/5/Master_thesis_mariwilh.pdf

Kurs hos LinkedIn Learning:

• Wireshark Essential Training
• Wireshark: Network Troubleshooting