Use of Various Windows Utilities to Manage ICS Processes

Target Audience: Operational Technology (OT) operators of industrial control systems (ICS) that do not have information technology (IT) training.

Need: Typically, OT operators learn IT commands as they need them. They do not have a formal training class that teaches some of the fundamentals of network or system administration.

Execution: This article will attempt to provide some traditional IT tools and their application within the OT network.

It is assumed that you have access to at least one Windows computer on the ICS network. All work should be performed from that box.

Open a command prompt. Start → type cmd in the search box. Press Enter.

After the command prompt is opened, type: hostname

The result is the name of the computer that you are accessing.

Open a command prompt. Start → type cmd in the search box. Press Enter.

After the command prompt is opened, type: ipconfig

The IP address of the box that you are accessing is listed. In this example, it is 10.175.53.127.

Step 3:
Find the name of a box for which you KNOW THE IP

Ping is an extremely useful network administration tool. It is primarily used to test the round-trip time for messages sent from a server to a destination computer. In fact, the name comes from active sonar terminology: sonar sends a pulse of sound and listens for the echo to detect objects under water.

Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP echo reply. The program reports errors, packet loss, and a statistical summary of the results, typically including the minimum, maximum, and mean round-trip times, and the standard deviation of the mean.
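The following Python script is an added example, not part of the original article: it parses the text that Windows ping prints and extracts the resolved address, the packet loss and the round-trip times described above. It counts only genuine echo replies, because Windows ping counts a "Destination host unreachable" line as a received packet and can report 0% loss for a host that never answered. The sample output and the addresses 10.175.53.20 and 10.175.53.99 are constructed for illustration.

```python
import re

# Constructed samples in the format Windows ping prints (not captured from a real network).
SAMPLE_OK = """\
Pinging PCCRTS1 [10.175.53.20] with 32 bytes of data:
Reply from 10.175.53.20: bytes=32 time=1ms TTL=128
Reply from 10.175.53.20: bytes=32 time<1ms TTL=128
Request timed out.
Reply from 10.175.53.20: bytes=32 time=2ms TTL=128

Ping statistics for 10.175.53.20:
    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 2ms, Average = 1ms
"""
SAMPLE_UNREACHABLE = """\
Pinging 10.175.53.99 with 32 bytes of data:
Reply from 10.175.53.127: Destination host unreachable.
Reply from 10.175.53.127: Destination host unreachable.

Ping statistics for 10.175.53.99:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
"""

def parse_ping(text):
    """Summarise Windows ping output, counting only genuine echo replies."""
    head = re.search(r"Pinging (\S+)(?: \[([\d.]+)\])? with", text)
    if head is None:  # e.g. the name did not resolve, so no ping was sent
        raise ValueError("no 'Pinging ...' header found")
    sent = int(re.search(r"Sent = (\d+)", text).group(1))
    reported = int(re.search(r"Received = (\d+)", text).group(1))
    # A real echo reply carries bytes=, time and TTL; error lines do not.
    echo = re.findall(r"^Reply from [\d.]+: bytes=\d+ time([=<])(\d+)ms TTL=\d+", text, re.M)
    rtts = [0 if op == "<" else int(ms) for op, ms in echo]  # "<1ms" counts as 0
    return {
        "target": head.group(1),                 # name or address typed after ping
        "ip": head.group(2) or head.group(1),    # address the name resolved to
        "sent": sent,
        "reported_received": reported,           # what ping's own summary claims
        "echo_replies": len(rtts),               # replies that came from the target
        "timeouts": text.count("Request timed out."),
        "unreachable": text.count("Destination host unreachable."),
        "loss_pct": round(100 * (sent - len(rtts)) / sent),
        "rtt_ms": (min(rtts), max(rtts), round(sum(rtts) / len(rtts))) if rtts else None,
        "reachable": bool(rtts),
    }

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_UNREACHABLE):
        print(parse_ping(sample))
```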

When you ping a hostname, ping resolves the name to its IP address. For example:

This indicates that a communication pathway, a connection, exists between the host box and PCCRTS1. However, (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Jim Acord. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/4I5wgJsSRuw/