Agenda

Security Workshop

Time Schedule

Session 1 09:00 - 11:00
Break 11:00 - 11:30
Session 2 11:30 - 13:00
Lunch 13:00 - 14:00
Session 3 14:00 - 15:30
Break 15:30 - 16:00
Session 4 16:00 - 18:00

Instructors

maz Yoshinobu (Maz) Matzusaki Internet Initiative Japan (Link) Japan
pappu Fakrul Alam Bangladesh Network Operators Group bdNOG (Link) Bangladesh
patrick Patrick Okui Network Startup Resource Center (Link) Uganda
randy Randy Bush Internet Initiative Japan (Link) Japan
sheryl Sheryl Hermoso APNIC (Link) Australia
phil Phil Regnauld Network Startup Resource Center (Link) Denmark

Available reference materials here

Day 1 Topic Inst Presentations
Session 0 Intro randy 1-0-1 Intro
- admin
- agenda
- materials and resources
- facilities and wireless
Session 1 Assets & Threat Models phil & sheryl 1-1-1 Threats 1-1-2 Assets and Threats
- what assets are we protecting?
- from what kinds of attackers?
.. kiddies
.. financial gain
.. nation state (you're dead)
Threat Pragmatics phil 1-2 Pragmatics
- to network infrastructure (routing, wiretap, ...)
- to service infrastructure (dns, mail, ...)
- to users
Session 2 Cryptography phil 1-3 Cryptography
- symmetric encryption
- asymmetric encryption
- digital signatures
- hash functions
- certificates & trust anchors
- random number generation
Session 3 Cryptography Applications / PGP
- gpg patrick 1-3-1 PGP :: 2-1-1 PGP Lab
Day 2
Session 1 GPG/PGP continued
Session 2 Cryptography Applications
- SSH randy 2-2-1 SSH
Session 3-4 Cryptography Applications Cont
- VPNs, IPsec sheryl 2-2-2 VPN-IPsec-TLS 2-2-2 IPsec Lab
- TLS
Day 3
Session 1 Network Infrastructure
- router and switch protection randy 2-3-1 Protecting Routers and Switches
- DNS Rate Limiting & UDP Attacks randy 3-2-4.dns-rate-limit.pdf
- filtering at the border pappu 2-1-2 Filtering at the Border
- configuration & archiving randy 2-3-3 Archiving
Session 2-3 Anomaly detection
- Sick Host Detection patrick 3-2-1 Sick Hosts
- Logging and Monitoring pappu 2-3-1 Logging-monitoring
- IDS theory pappu 2-3-2 IDS Theory
- IDS pragmatics - snort patrick 3-2-4 Snort Pragmatics
- anomaly detection maz 2-3-4 Anomalies
- firewalls maz 2-3-5 Firewalls
Session 4 Network Infrastructure contd.
- Routing Protocol Protection randy 2-4-1 Routing Protocols 2-4-1 RPKI-Lab
Day 4
Session 1 Protecting Hosts from Net pappu, patrick, phil 3-1-1 Hosts
- Host hardening PDF
- Default Services PDF
- Keeping up to date - patching PDF
- Get Patches from the Source PDF
- Mobile Hosts 3-1-5 Mobile Node Security
Protecting User Hosts pappu, patrick
- Backup! PDF
- Authentication Credentials PDF
- Authentication Services PDF
- Host-based Firewalls PDF
- Scanning for Diseases PDF
Session 2-3 DNS
- DNS: auth, slave, cache phil 2-4-1 Securing DNS
- DNS Server Protection 2-4-2 DNSSEC
- Providing DNSsec patrick & randy 2-4-3 OpenDNSSEC
Session 4 - Validating/Using DNSsec patrick & phil 4-4-1 Validating-dns
Day 5
Session 1 Virus, Mail and Browsing
- Anti-virus maz & randy 4-1-1 Anti-virus
- Safe Mail Practices maz & randy 4-1-2 Safer mail
- Safe Browsing Practices maz & randy 4-1-3 Safer browsing
Inter-Host Protocols
- personal encryption of files pappu 3-4-1 File encryption
- ssh, rsync, sftp, ... randy 3-4-2.rsync+sftp.pdf
- Covert Channels, VPNS, TOR, Steganography sheryl 3-4-3 Covert Channels
Session 2 Plan in Advance
- Host Forensics & Analysis everyone 4-1-1 FreeBSD hack
- Incident Reporting and Pre-approvals sheryl 4-1-3 Incident Reporting
- External actors - who to trust (LEO or other) pappu 4-3-2 Leo
- Wipe, Recover, Replace maz & sheryl 4-1-5 Wipe-etc
Session 3 Inter-Network Cooperation maz
- NOGs, CSIRT 4-2 Inter-network Cooperation
- Security Communities 4-2-2 Inter-network Cooperation
Planning for the Future pappu PDF
Session 4 Atlas Probes randy 5-3-1.AtlasProbes.pdf Atlas Probes
Misc
Support docs Editors, SSH, ...
Last modified 5 years ago Last modified on Mar 11, 2014, 1:28:43 AM

Attachments (41)