Alex's Cyber Security Website

Independent projects:

Here is my ASCII art version of what is happening within the defensive system I have set up.

work in progress

One of my mission statements is to become a Cyber Defense Specialist or Cyber Crime Fighter. In pursuit of that I started to learn about security controls and policies. One thing I found that was important to me was a government regulation called the Children’s Internet Protection Act (CIPA), which was enacted in 2000 by Congress.

The Federal Communications Commission (FCC) said, "Schools and libraries subject to CIPA may not receive the discounts ...unless they... block or filter Internet access to pictures that are: (a) obscene; (b) child pornography; or (c) harmful to minors..." (https://www.fcc.gov/consumers/guides/childrens-internet-protection-act). I read about this policy in a book called Security Policies and Implementation Issues, second edition, Jones and Bartlett Learning (2015), ISBN: 9781284055993.

I implemented several different tools to meet CIPA certification standards for a test network. I downloaded various applications available from the Ports collection on the FreeBSD UNIX operating system. Among those tools were PF, which is a full-featured firewall and packet filtering system; Dynamic Host Configuration Protocol (DHCPD), which is a server port that handles assigning IP addresses; and Squid, which can be used as a transparent proxy and caching server. I was able to combine the knowledge from each tool and apply them together to make browsing the internet safer as well as accessing the internet in a defensive posture.

My implementation has a regular MacOSX desktop computer that is connected to a UNIX desktop computer with a special cable called an ethernet CAT5E crossover cable. With help from people on an online forum located at forums.freebsd.org and the documentation for Squid at www.squid-cache.org/Doc/, I was able to set up Squid as a transparent proxy by configuring PF as a tool to pass HTTP and HTTPS packets from the ethernet interface on FreeBSD to a special port inside the UNIX computer where Squid is listening and then out to the internet. Using OpenSSL, I was able to create a certificate on the UNIX system so that when my MacOSX sends a request over the internet through HTTPS, the MacOSX will allow the UNIX computer to intercept that encrypted traffic. Now I can use Squid as a content filtering proxy for HTTP traffic as well as HTTPS. Basically, Squid filters websites based upon a configuration file of whitelisted domain names plus some blacklisted sites.
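The whitelist-plus-blacklist decision described above can be modelled in a few lines. This is an added example, not the configuration or code from the linked procedure: it follows the matching convention of Squid's dstdomain lists (a leading dot covers the domain and its subdomains), checks the blacklist first, and denies anything not listed. The list contents and the example.edu and example.gov names are constructed for illustration.

```python
# Added illustration: models the allow/deny decision of a domain-based
# content filter. The two lists below are constructed sample data.
WHITELIST_TXT = """
.example.edu        # whole domain, including subdomains
www.example.gov     # this exact host only
"""
BLACKLIST_TXT = """
games.example.edu   # carved out of an otherwise approved domain
"""

def parse_domain_list(text):
    """One entry per line; '#' starts a comment; blank lines are ignored."""
    entries = set()
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip().lower()
        if entry:
            entries.add(entry)
    return entries

def normalize_host(host):
    """Lower-case, drop a ':port' suffix and a trailing root dot (IPv6 not handled)."""
    host = host.strip().lower()
    if ":" in host:
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")

def matches(host, entries):
    """'.example.edu' matches example.edu and *.example.edu; 'a.b' matches exactly."""
    for entry in entries:
        if entry.startswith("."):
            # endswith() on the dotted form keeps 'notexample.edu' from matching
            if host == entry[1:] or host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False

def decide(host, whitelist, blacklist):
    """Blacklist wins over whitelist; anything unlisted is denied by default."""
    host = normalize_host(host)
    if matches(host, blacklist):
        return "deny-blacklist"
    if matches(host, whitelist):
        return "allow"
    return "deny-default"

WHITELIST = parse_domain_list(WHITELIST_TXT)
BLACKLIST = parse_domain_list(BLACKLIST_TXT)

if __name__ == "__main__":
    for h in ("www.example.edu", "games.example.edu", "squid-cache.org"):
        print(h, "->", decide(h, WHITELIST, BLACKLIST))
```

Checking the blacklist before the whitelist is what lets a single host be blocked inside an otherwise approved domain.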

The OSI model was created to help people understand how all this filtering works and how all this abstract knowledge is applied. The OSI model is being taught at Eastern Michigan University, which I attend.

Here is an example of what the MacOSX computer receives when the browser tries to go to an unapproved site, for example squid-cache.org:

work in progress

Here is a screenshot of the certificate that I applied to the MacOSX computer so that it would allow the UNIX computer to intercept the HTTPS traffic.

work in progress

This security control directly maps to a content filtering policy and thus maps directly to the CIPA regulation.

Here is a link to the Squid on FreeBSD procedure: ampshock.com/blog/procedure-squid-freebsd.html

Studies Related to Cyber Defense Training:

My bucket list:

  • Charter a business continuity plan (BCP) and create a scope statement.
  • Understand the processes used by a business.
  • Record the performance and controls used within a business.
  • Create a list of the quantity of customers, employees, and documents handled in a business.
  • Compile a list of assets with monetary values with a network infrastructure diagram of the seven domains of a business.
  • Complete a business impact analysis (BIA).
  • Conduct a risk assessment with enumeration via quiet and loud penetration tests and calculate a risk matrix.
  • Conduct an exploits assessment and identify some countermeasures to mitigate risks of those vulnerabilities.
  • Develop individual Disaster Recovery Plans (DRP).
  • Give feedback to provide employee training.
  • Test and exercise the plans I created.
  • Create a business cyber defense policy.
  • Create a critical business operations report that identifies mission-critical business systems, applications, and data access.
  • Identify equipment and store building replacement costs with penalty costs for noncompliance issues and nonrepudiation issues.
  • Draft a data flow diagram.
  • Install a temporary network tap using an open source intrusion detection system such as SNORT.
  • Write subsequent detailed forensics reports for any breaches detected using SNORT.
  • Develop a plan for a new project using tools developed by the United States Navy: (PERT) Chart.

New Defensive Protection

The seven domains of information technology can be inspected to identify and evaluate relevant vulnerabilities. This can be done through documentation review, system logs, audit trails, and intrusion detection outputs. Furthermore, penetration testing, system testing, functionality testing, access control testing, and applications testing can be done.

Automation of Business

Are you working too much to be able to enjoy your computer too? I have learned how to write code that can add automated business solutions to give you the freedom to enjoy your job. No project is too small!

Need your computer screened or just a small repair?

Call us today