Skip to content

Latest commit

 

History

History
137 lines (124 loc) · 8.95 KB

README.md

File metadata and controls

137 lines (124 loc) · 8.95 KB

Bhutan NOG 2017 Security Workshop 2017.06.06-09

Daily Schedule

Session Time
Session 1 09:00 - 10:30
Tea 10:30 - 11:00
Session 2 11:00 - 12:30
Lunch 12:30 - 13:30
Session 3 13:30 - 15:00
Tea 15:00 - 15:30
Session 4 15:30 - 17:00

Instructors

Instructor Name Affiliation Country
alisha Alisha Gurung Bhutan Telcom Bhutan
maz Yoshinobu (Maz) Matzusaki Internet Initiative Japan Japan
randy Randy Bush Internet Initiative Japan Japan

Tools

If you run a datacenter or a significant office LAN, you should look seriously at running a few Canaries; and a Guide for Deploying Canaries.

pfSense, a free Firewall, VPN, ... solution.

Movies!

Some time during the week, please watch Haroon Meer's excellent keynote, Learning the wrong lessons from Offense, from the t2’16 Infosec Conference in Helsinki.

Official Song

Spyin’ NSA - by Keith Alexander, Daniel J. Bernstein, Timo Kasper, Tanja Lange, and Peter Schwabe

Agenda

Day/Session Topic Instructor Material
Day 1 Topic Instructor Materials
Session 0 Intro randy 1-0-1 Intro
- admin
- agenda
- materials and resources
- facilities and wireless
Session 1 Assets & Threat Models randy 1-1-1 Assets, Threats, Pragmatics
- what assets are we protecting?
- from what kinds of attackers?
.. kiddies
.. financial gain
.. nation state (you're dead)
Threat Pragmatics
. to network infrastructure (routing, wiretap, ...)
. to service infrastructure (dns, mail, ...)
. to users
Social Engineering
Session 2 Cryptography randy 1-2-1 Crypto Overview
- symmetric encryption
- asymmetric encryption
- digital signatures
- hash functions
- certificates & trust anchors
Session 3-4 Cryptography Applications / PGP maz
- checksum maz 1-3-1 checksum
1-3-1 hello-unix.dat
1-3-1 hello-win.dat
- PGP Lab maz & alisha 1-3-2 PGP
1-3-2 email-header
1-3-2 mailvelope
Day 2 Topic Instructor Materials
Session 1 Cryptography Applications
- ssh randy 2-1-1 SSH
- ssh lab alisha and maz 2-1-2 SSH Lab
Session 2 Wireshark maz 2-2-1 wireshark
- wireshark lab maz & alsiha 2-2-1 wireshark lab
Session 3 Cryptography Applications maz
- VPNs, IPsec, TLS 2-3-1 VPN IPsec TLS
Session 4 OpenVPN & pfSense randy 2-4-1 OpenVPN lab
Day 3 Topic Instructor Materials
Session 1 Network Infrastructure maz 3-1-1 securing network
Session 2 anomaly and firewalls maz
- anomaly 3-2-1 anomaly
- fierwalls 3-2-2 firewalls
Session 3 DNS & DNS Security alisha
- DNS 3-3-1 DNS
- DNS Security 3-3-2 DNS Security
Session 4 nmap maz 3-4-1 scanning
Day 4 Topic Instructor Materials
Session 1 IDS
- IDS pragmatics - snort maz 4-1-1.ids
Session 2 Protecting Hosts from Net maz
- clients 4-2-1 Hosts
Session 3 Communities and cooperation maz 4-3-1 cooperation
Session 4 Safer Mail and Browsing
- Safe Mail Practices randy 4-4-1 Safer Mail
- Safe Browsing Practices randy 4-4-2 Safer browsing
- File & Disk Encryption randy 4-4-3 File & Disk Encryption
scp and sftp randy 4-4-4 scp and sftp
DNS Rate Limiting randy 4-4-5 DNS Rate Limiting
workshop setup maz workshop setup
Day 5 Topic Instructor Materials
Session 1 Inter-Host Protocols
- sftp, ... randy 4-5-1 sftp & scp
- Covert Channels, TOR, Steganography cristel 5-1-2 Covert Channels
Session 2 Inter-Network Cooperation maz
- Communities and Cooperation 5-2-1 Security Communities
Session 3 & 4 Dessert randy
Protecting Routing Protocols randy Protecting Routing Protocols
Telco vs Internet & Complexity randy Complexity
Critical Infrastructure and SW Eng randy Critical Infrastructure and Software Engineering
Day 6 Topic Instructor Materials
Session 1 Virtual Box & pfSense randy 6-1-1 Install VirtualBox & pfSense
Session 2 Configure OpenVPN randy 6-1-2 Configure OpenVPN Server