GSUSA Traceroutes

Fulfills Step 2 of GSUSA Senior Cybersecurity Investigator badge requirements.

Info needed for the badge requirements: Traceroutes are tools that cybersecurity investigators use to track the path data takes across the internet. They help retrace the steps of a cybercrime, identify unusual data routes that may indicate hacking (like data being rerouted to a different country), and detect connectivity issues if certain stops are slow or fail. These clues are essential for resolving internet and cybersecurity problems effectively.

Items Needed

Instructions

  1. Explain that data moves through the internet in a series of stops to reach its destination, such as a website, and that a tool called a traceroute shows the path it takes. This is an important step in understanding how cybersecurity investigators track and identify issues during a cybercrime.
  2. Distribute a Traceroute Diagram to each scout and review its components:
    • The URL at the top shows the destination (e.g., girlscouts.org).
    • The list of numbers on the left represents the “hops,” or stops, that data makes along its path.
    • The location codes (e.g., airport codes like DFW for Dallas/Fort Worth) indicate physical locations of the routers.
    • The IP addresses show the unique identifiers for each router along the path.
    • The numbers on the right (e.g., 153.274 ms) indicate the time it took for data to reach each stop, in milliseconds.
  3. Ask scouts questions to analyze the traceroute:
    • What URL is listed on the diagram?
    • How many hops did the data make?
    • Can they identify any of the locations or codes?
    • Which hop took the longest to respond?
  4. Divide scouts into five groups and give each group a Sample Traceroute and a corresponding U.S. Map or World Map. Scouts should review their traceroute, identify locations from the codes, and draw lines on their map to show the data’s path.
    • Sample Traceroutes #1 and #2 get a U.S. Map.
    • Sample Traceroutes #3, #4, and #5 get a World Map.
  5. Bring everyone back together and compare the maps created by each group. Discuss:
    • What patterns did they notice about the paths data traveled?
    • Were there similarities or differences between the maps?
    • Did anything surprise them, like the number of hops or how the data zig-zagged geographically?

Leader Answers for the Traceroute Activity

  • Slow response times at specific hops might suggest connectivity problems at those locations.
  • A traceroute showing all “timed out” hops likely indicates a local connectivity issue.
  • Clues include unexpected locations for the final IP address (e.g., a website hosted in Australia but routed through Switzerland could indicate hacking).
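
The questions in step 3 and the leader answers above can also be worked through in code. This Python script is an added example, not part of the original activity: it reads a traceroute listing and reports the hop count, the slowest hop, any timed-out hops, and the locations found in router names. The sample listing, its hostnames, and the small airport-code table are constructed for illustration, and the script assumes routers put an airport code in their hostname.

```python
import re

# Constructed sample: documentation-range IPs and made-up hostnames.
SAMPLE = """\
traceroute to example.org (203.0.113.10), 30 hops max
 1  router.home.example (192.168.1.1)  1.204 ms
 2  ae1.dfw01.isp.example (198.51.100.1)  9.870 ms
 3  * * *
 4  xe0.ord02.carrier.example (198.51.100.77)  153.274 ms
 5  edge.lax03.carrier.example (203.0.113.1)  48.115 ms
 6  www.example.org (203.0.113.10)  49.002 ms
"""

# Assumption: routers embed an airport code in a hostname label (not all do).
AIRPORTS = {"DFW": "Dallas/Fort Worth", "ORD": "Chicago", "LAX": "Los Angeles"}

def place_of(host):
    """Return the city for the first hostname label that is an airport code."""
    for label in (host or "").split("."):
        code = label.rstrip("0123456789").upper()
        if code in AIRPORTS:
            return AIRPORTS[code]
    return None

def parse(text):
    """Turn each numbered hop line into a dict; '* * *' hops get ms=None."""
    hops = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(.*)", line)
        if not m:
            continue  # header or blank line
        rest = m.group(2)
        times = [float(t) for t in re.findall(r"(\d+\.\d+) ms", rest)]
        ip = re.search(r"\((\d+(?:\.\d+){3})\)", rest)
        host = rest.split()[0] if ip else None
        hops.append({"hop": int(m.group(1)), "host": host,
                     "ip": ip.group(1) if ip else None,
                     # Average the times when a hop reports more than one.
                     "ms": sum(times) / len(times) if times else None,
                     "place": place_of(host)})
    return hops

def summarize(hops):
    """Answer the activity's questions: hop count, slowest hop, timeouts, places."""
    answered = [h for h in hops if h["ms"] is not None]
    return {"hop_count": len(hops),
            "slowest_hop": max(answered, key=lambda h: h["ms"])["hop"] if answered else None,
            "timed_out": [h["hop"] for h in hops if h["ms"] is None],
            "all_timed_out": bool(hops) and not answered,
            "places": [h["place"] for h in hops if h["place"]]}

if __name__ == "__main__":
    print(summarize(parse(SAMPLE)))
```

A single timed-out hop in the middle of a path, like hop 3 here, is reported separately from the case where every hop times out, which is the one the leader answers tie to a local connectivity issue.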