requirements of a network good working relationship with it secure location for antenna and...
Post on 13-Jan-2016
216 Views
Preview:
TRANSCRIPT
Requirements of a NetworkRequirements of a Network
Good working relationship with ITGood working relationship with IT
Secure location for antenna and receiverSecure location for antenna and receiver
Uninterrupted powerUninterrupted power
Capability to log on remotelyCapability to log on remotely
The SC RTNThe SC RTN
We manage the accounts in-houseWe manage the accounts in-house
We have a user feeWe have a user fee
We have one type of subscriptionWe have one type of subscription
Have application and user agreement Have application and user agreement
onlineonline
The South Carolina Real Time NetworkThe South Carolina Real Time Network
GACC
NCHENCSP NCSH
NC77
NCMR NCPO NCRO
NCLU
NCWH
NCSL
SCHA
SCEB
LegendHEIGHT MODERNIZATION STATION Located at non-SCDOT site
HEIGHT MODERNIZATION STATIONLocated at SCDOT site
PROPOSED SITE
SC Real Time GPS Network (SC RTN)
SC RTN comprises 53 base stations continuously collecting and transmitting GPS dataSC RTN provides real-time corrections, via cell phones, to users in the field operating GPS equipmentUsers in the field provided with real-time coordinates and elevations accurate to + 0.1 foot471 Subscribers to the SC Real Time Network include, but are not limited to:
Registered Professional Land Surveyors and EngineersGeographic Information System (GIS) ProfessionalsFederal, State, County and Municipal PlannersSCDOT and SCDOT Contractors using GPS Machine Control for Road ConstructionThe Army Corps of Engineers
The SC DOTThe SC DOT
Thirty six receiversThirty six receivers
All assigned an internal 10. addressAll assigned an internal 10. address
Data streams to the SCDOT headquartersData streams to the SCDOT headquarters
SLA between the two offices SLA between the two offices VPN between SCDOT and ORS server VPN between SCDOT and ORS server
farmfarm
Other LocationsOther Locations
Educational facilitiesEducational facilities Colleges, Technical CollegesColleges, Technical Colleges
Municipal BuildingsMunicipal Buildings Court Houses, Public Works facilities, Pump Court Houses, Public Works facilities, Pump
Houses, State Port Authority, State OfficesHouses, State Port Authority, State Offices
Fire DepartmentsFire Departments
Network ConfigurationNetwork ConfigurationFirst GenerationFirst Generation
Network ConfigurationNetwork ConfigurationSecond GenerationSecond Generation
Receiver Receiver Trimble NetR9Trimble NetR9
Firewalls and ProtectionFirewalls and Protection
Static IP AddressStatic IP Address
IO and HTTPIO and HTTP
Password ProtectionPassword Protection
The SituationThe Situation SCGS was contacted by an IT contractor working for a municipality that hosts one of our SCGS was contacted by an IT contractor working for a municipality that hosts one of our
base stations. The IT contractor had received an email from the IT service provider base stations. The IT contractor had received an email from the IT service provider stating that a device, identified by our specific IP address, had been used to create false stating that a device, identified by our specific IP address, had been used to create false requests for data.requests for data.
The “requests” appeared to be from the target of a cyber-attack but were actually The “requests” appeared to be from the target of a cyber-attack but were actually
generated through the NTP server of the GNSS receiver. The small amount of data used generated through the NTP server of the GNSS receiver. The small amount of data used to create the requests in turn generates an exponentially larger amount of data directed at to create the requests in turn generates an exponentially larger amount of data directed at the target. the target.
Upon notification from the IT provider, the IT contractor disconnected our device from the Upon notification from the IT provider, the IT contractor disconnected our device from the municipality’s network. municipality’s network.
SCGS remotely disabled the NTP server at one of our functioning base stations.SCGS remotely disabled the NTP server at one of our functioning base stations.
SCGS has learned that the affected receivers were identified and exploited by a malicious SCGS has learned that the affected receivers were identified and exploited by a malicious search program. All SCGS receivers are now operating as NTP client only with the NTP search program. All SCGS receivers are now operating as NTP client only with the NTP server disabled. server disabled.
First true Security problem we First true Security problem we have encounteredhave encountered
ClosingClosing
The security of a network goes back to The security of a network goes back to having a great cooperation with your local IT having a great cooperation with your local IT department. Building that alliance is department. Building that alliance is instrumental in offsetting type of cyber attack instrumental in offsetting type of cyber attack to a network. The idea here is that attacks to a network. The idea here is that attacks happen 24 hours a day on a network. happen 24 hours a day on a network.
Thank-you!Thank-you!
Matt WellslagerMatt WellslagerSouth Carolina Geodetic SurveySouth Carolina Geodetic Survey
5 Geology Rd5 Geology Rd
Columbia, SC 29212Columbia, SC 29212
803-896-7715803-896-7715
matt.wellslager@scgs.sc.govmatt.wellslager@scgs.sc.gov
top related