| Workshop Outline | Topics | Assessment | ccTLDs Amsterdam | ccTLD Nepal | Planning Notes | Emails |
Here is a sample 5-day workshop outline. At the end of this outline are additional topics that we will have materials available for. In addition, you can view the Topics table for a detailed view of each topic, status of materials and how they relate to each other.
Each session is 90 minutes in length. There is a lunch break between sessions 2 and 3.
Advanced ccTLD Workshop
Draft Outline
5 Day Workshop
--------------
DAY 1
-----
Session 1: Introduction and Welcomes
Country presentations
Session 2: Country presentations cont.
Lunch
Session 3: Operating System Basics, Tips and Tricks
Session 4: Cryptography Intro - Ciphers, Public/Private Keys,
Digital Signatures, Certificates. Mention of where
these fit (PGP, SSH, SSL, DNSSEC, HTTPS, POPS, IMAPS, etc.)
DAY 2
-----
Session 1: Cryptography cont.
Session 2: DNSSEC - Overview
- What is DNSSEC
- How does it work and what does it offer ?
- Where are we today and what are the alternatives
- What does deployment roadmap look like ?
Lunch
Session 3: Single to multiple registry to registrar model
- Why transition ?
- Administrative, and operational comparison of 2 tier vs 3 tier model
- Technical implications
- Impact on policy
Session 4: Single to multiple registry to registrar model cont.
- Choosing and implementing a Registry- Registrar interface (EPP or other)
- Database schema, and normalization of registrar and registrant data
- DB API, methods and tools
- Database and middleware choices
DAY 3
-----
Session 1: Scripting
- System scripts (bash)
- Perl, Python, Ruby, RegEx
Session 2: Scripting cont.
- More practice and use, including some focus on DNS specific items like:
a Perl coding example with Net::DNS and similar modules, to ease DNS
monitoring, debugging, ...
Lunch
Session 3: Building Out Your Registry (30+ minute intro)
- Scaling your operation
- Monitoring your network and Registry specific services
+ Key services using SmokePing, Nagios, DNSMON, etc.
- Monitoring of DB, nameservers, web servers, monitoring of zone data,
zone export processes and the general "production chain" from producing
a zone file to serving the right contents.
- Support systems including helpdesk and ticket/support systems
- Archiving/Backups (recovery from security incidents)
- Constant query logging- saving all DNS queries for the last few days
to facilitate analysis of DNS traffic (including attacks)
Registry Tools:
- TinyReg
- Registro
- CoCCA
- CodevNIC
- .NZ Registry/Registrar code
- Isle of Mann (.IM) EPP-compliant code
Session 4: Build up Workstation as Needed to support previous topics
We'll install and configure:
- SNMP
- MRTG/RRDTool
- Nagios
- Smokeping
- DNSMON
- Trac (possibly RT)
- Syslog, rsync,
Initial Introduction to SNMP
DAY 4
-----
Session 1: SNMP Cont.
Session 2: Install and Discuss MRTG/RRDTool
Revision Control in Practice
- Install and use CVS
Lunch
Session 3: Setup rsync with practical backup example
Discuss and Install Nagios
Session 4: Setup key service monitoring with Nagios
- HTTP on all PCs in class
Setup Smokeping with DNS check
DAY 5
-----
Session 1: Install/Configure logging
- Log all DNS queeries
- Log IP traffic to/from nameservers using wireshark
Session 2: Potential Helpdesk/Ticketing Systems
- Install Trac (or RT)
- Concept of SLA and ticketing systems (Who is the customer?)
Lunch
Session 3: Helpdesk/Ticketing Systems cont.
- Sample live ticket generation. Down service noted by Nagios
or SmokePing. Generates ticket, generates email.
Revisit Building Out Your Registry
- What do you need for your registry software?
+ Database(s)
+ Revision control
Session 4: Discuss SLAs Again
Revisit Building Out Your Registry one final time
Course Summary and Review
Student Feedback
Hand out Certificates
ADDITIONAL TOPICS
-----------------
* Ticket System with RT or Trac, depending on which is taught.
* Security: additional depth of discussion on cryptographic techniques.
* SSL:
- Discussion of trust model.
- Digital certificate generation.
- HTTPS
* PGP:
- Key signing
* Databases additional
- Possible example w/PostGreSQL and Whois Server and/or showing how to
use a DB to store zone information.
- Whois data
- Billing data
- Dealing with versioning/change control in a DB environment
* DNSSEC: More detail or practicals, like signing:
* TSIG (as part of DNS)