Goals
This workshop will focus on security from the following perspectives
- Network: Ingress, egress filters, BCP 38, network intrusion
detection, network traffic etc;
- Server side: proper admin procedures, firewalls, secure
services, etc.
The workshop is aimed at Network and System administrators who are
interested in learning best practices for maintaining a secure and
stable
operating environment. Labs constitute about 60% of the course.
Core Topics
- Security: threats, risks and attacks, security life cycle
- Demo: demo: dsniff, metasploit, DNS hijack, buffer overflow, SQL
injections
- Cryptography basics
- Cryptography applied: using SSH
- Encryption with GPH and OpenSSL
- Logging and Auditing
- Network Security
- ACLs
- Authentication and Authorization
- TACACS/RADIUS/LDAP
- IDS methods and tools, using nmap, snort, netflow, building an NFR
- Apache and SSL, TLS
Dates
- Track 3: Tuesday 3rd - Friday 6th December
Pre-requisites
This is an introductory workshop. Participants don't need to have
extensive experience with PCs or network devices, but should be
aware of how to use command line interface for managing network
equipment, and be familiar with IPv4 and TCP/IP protocols.
PARTICIPANTS ARE REQUIRED TO BRING A LAPTOP COMPUTER.
Instructors
- Phil Regnauld, NSRC,
Denmark
- Andy Linton, NSRC,
New Zealand
Workshop Materials
The workshop materials and working configurations for each of the
lab exercise will be available at the end of the workshop.
| |
