VTG (Lab) Bundle

Building Automation and BACnet (ICS007)

Lab: 2 CPE

In this advanced level module, get hands on experience with the BACnet protocol in a simulated server room cooling system to understand how to attack and harden one of the most common building automation system (BAS) protocols in use. After completing this chapter you will be able to

  • Explore building automation systems in Shodan

  • Run nmap scripts to enumerate BACnet devices

  • Set up a rogue BACnet master to read process data and send commands

  • Fuzz BACnet servers to check for vulnerabilities

  • Write Suricata/Snort content rules to detect suspicious BACnet activity

  • Set up a basic BACnet honeypot to study attacker behavior

  • The Fortiphyd Virtual Training Grounds series equips you with the practical experience needed to secure ICS networks. Practice launching real attacks, see their physical consequences, and learn how to defend against them all in realistic 3D simulated plants.

    • Introduction
    • Introduction to BAS and BACnet
    • Shodan
    • SHODAN Background
    • SHODAN Exercise
    • SHODAN Quiz
    • Network Reconnaissance with Nmap
    • BAS Network Reconnaissance Background
    • BAS Network Reconnaissance Exercise
    • BAS Network Reconnaissance Quiz
    • BACnet Traffic Sniffing
    • Man-In-The-Middle / Sniffing Background
    • Packet Sniffing and Inspection
    • BACnet Traffic Sniffing Quiz
    • Rogue Master
    • Rogue Master Background
    • Rogue Master Exercise
    • Rogue Master Quiz
    • BACnet Fuzzing
    • BACnet Fuzzing Background
    • BACnet Fuzzing Exercise
    • BACnet Fuzzing Quiz
    • Network Intrusion Detection
    • Network Intrusion Detection Background
    • Network Intrusion Detection Exercise
    • Network Intrusion Detection Quiz
    • BACnet Honeypot
    • Honeypot Background
    • Honeypot Exercise
    • Honeypot Quiz
    Completion rules
    • All units must be completed
    • Leads to a certificate with a duration: Forever