randy/rgnet-wiki
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

from wiki

Browse source
This commit is contained in:
Randy Bush 2020-07-04 15:27:18 -07:00
parent f00ae1e1e8
commit 19ad279dc6
1 changed files with 123 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

123
pages/Apricot2017Sec.md Normal file
View file

@ -0,0 +1,123 @@
# APRICOT 2017 Security Workshop 2017.02.20-24
## Daily Schedule
| | |
| --------- | ------------- |
| Session 1 | 09:00 - 10:30 |
| Tea | 10:30 - 11:00 |
| Session 2 | 11:00 - 12:30 |
| Lunch | 12:30 - 14:00 |
| Session 3 | 14:00 - 15:30 |
| Tea | 15:30 - 16:00 |
| Session 4 | 16:00 - 17:30 |
| | |
## Instructors
| | | | |
| ----------- | ------------------- | --------------------------------------------------------- | ---------- |
| **cristel** | Cristel Pelsser | [Uni Strasbourg](https://clarinet.u-strasbg.fr/~pelsser/) | France |
| **maz** | Yoshinobu Matzusaki | [Internet Initiative Japan](http://www.iij.ad.jp) | Japan |
| **pappu** | Fakrul Alam | [APNIC](https://apnic.net) | Bangladesh |
| **randy** | Randy Bush | [Internet Initiative Japan](http://www.iij.ad.jp) | Japan |
| **toai** | Toai Vi | [RMIT University Vietnam](http://www.rmit.edu.vn/) | Viet Nam |
| | | | |
## Official Song
[Spyin NSA - by Keith Alexander, Daniel J. Bernstein, Timo Kasper, Tanja Lange, and Peter Schwabe](http://www.anagram.com/jcrap/Volume_9/spyin.pdf)
## Movies!
Some time during the week, please watch Haroon Meer's excellent keynote, *[Learning the wrong lessons from Offense](http://t2.fi/2017/02/05/haroon-meer-keynote-2016/)*, from the t216 Infosec Conference in Helsinki.
## Agenda
| | | | |
| :------------ | :-------------------------------------------------- | :-------------- | :----------------------------------------------------------- |
| **Day 1** | **Topic** | **Inst** | **Presentations** |
| | | | |
| Session 0 | Intro | randy | [1-0-1 Intro](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/1-0-1.intro.pdf) |
| | - admin | | |
| | - agenda | | |
| | - materials and resources | | |
| | - facilities and wireless | | |
| Session 1 | Assets & Threat Models | cristel | [1-1-1 Assets, Threats, Pragmatics](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/1-1-1.AssetsThreats.pdf) |
| | - what assets are we protecting? | | |
| | - from what kinds of attackers? | | |
| | .. kiddies | | |
| | .. financial gain | | |
| | .. nation state (you're dead) | | |
| | Threat Pragmatics | | |
| | . to network infrastructure (routing, wiretap, ...) | | |
| | . to service infrastructure (dns, mail, ...) | | |
| | .to users | | |
| | Social Engineering | | |
| Session 2 | Cryptography | randy | [1-2-1 Crypto Overview](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/1-2-1.Crypto-Overview.pdf) |
| | - symmetric encryption | | |
| | - asymmetric encryption | | |
| | - digital signatures | | |
| | - hash functions | | |
| | - certificates & trust anchors | | |
| Session 3-4 | Cryptography Applications / PGP | maz | |
| | - gpg | | [1-3-1 PGP](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/1-3-1.PGP.pdf) |
| | - PGP Lab | maz & pappu | [1-3-2 PGP Lab](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/1-3-2.PGP_Lab.pdf) |
| | | | [1-3-1 GPG Mail for Mac OS X](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/) |
| | | | |
| **Day 2** | **Topic** | **Inst** | **Presentations** |
| | | | |
| Session 1 | Cryptography Applications | | |
| | - ssh | randy | [2-1-1 SSH](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/2-1-1.ssh.pdf) |
| | - ssh lab | pappu and maz | [2-1-2 SSH Lab](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/2-1-2.ssh-lab.pdf) |
| Session 2 | Wireshark | cristel | [2-2-1 wireshark](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/2-2-1.Wireshark.pdf) |
| | - wireshark lab | cristel & pappu | [2-2-2 wireshark lab](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/2-2-2.WiresharkExerciseData.zip) |
| Session 3 | Cryptography Applications | maz | |
| | - VPNs, IPsec, TLS | | [2-3-1 VPN IPsec TLS](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/2-3-1.vpn-tls.pdf) |
| Session 4 | OpenVPN & pfSense | randy | [2-4-1 OpenVPN lab](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/2-4-1.openvpn.pdf) |
| | | | |
| **Day 3** | **Topic** | **Inst** | **Presentations** |
| | | | |
| Session 1 | Network Infrastructure | | |
| | - overview | cristel | [3-1-1 rtrs-switches](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-1-1.rtrs-switches.pdf) |
| | - data plane | cristel | [3-1-2 Filtering at border](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-1-2.Filtering-at-border.pdf) |
| | - Logging and Monitoring | maz | [3-1-3 Logging Monitoring](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-1-3.logging-monitoring.pdf) |
| Session 2 | anomaly and firewalls | maz | |
| | - anomaly | | [3-2-1 anomaly](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-2-1.anomaly.pdf) |
| | - fierwalls | | [3-2-2 firewalls](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-2-2.firewalls.pdf) |
| Session 3 | SSL | pappu | [3-2-1.ssl](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-2-1.ssl.pdf) |
| | | pappu | [3-2-2.ssl lab](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/3-2-2.ssl_lab.pdf) |
| | | | |
| **Day 4** | **Topic** | **Inst** | **Presentations** |
| | | | |
| Session 1 | DNS & DNS Security | rick | |
| | - DNS | | DNS.pptx |
| | - DNS Security | | DNS_Security.pptx |
| | - DNS Rate Limiting | randy | [4-1-3 DNS Rate Limiting](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-1-3.dns-rate-limit.pdf) |
| Session 2 | IDS | | |
| | - IDS pragmatics - snort | cristel | [4-2-1.snort](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-2-1.snort.pdf) |
| | - IDS pragmatics - snort-lab | cristel & pappu | [4-2-2.snort-lab](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-2-2.snort-lab.pdf) \| [4-2-3.snort_lab_answer](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-2-3.snort_lab_answer.rtf) |
| Session 3 | Protecting Hosts from Net | maz | |
| | - hosts | | [4-3-1 Hosts](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-3-1.host.pdf) |
| Session 4 | Virus, Mail and Browsing | | |
| | - Anti-virus | maz | [4-4-1 Anti-virus](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-4-1.anti-virus.pdf) |
| | - Safe Mail Practices | randy | [4-4-2 Safer Mail](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-4-2.safer-mail.pdf) |
| | - Safe Browsing Practices | randy | [4-4-3 Safer browsing](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-4-3.safer-browsing.pdf) |
| | - File & Disk Encryption | randy | [4-4-4 File & Disk Encryption](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-4-4.file-encrypt.pdf) |
| | | | |
| **Day 5** | **Topic** | **Inst** | **Presentations** |
| | | | |
| Session 1 | Inter-Host Protocols | | |
| | - sftp, ... | randy | [4-5-1 sftp & scp](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/4-5-1.scp%2Bsftp.pdf) |
| | - Covert Channels, TOR, Steganography | cristel | [5-1-2 Covert Channels](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/5-1-2.Covert-Channels.pdf) |
| Session 2 | Inter-Network Cooperation | maz | |
| | - Communities and Cooperation | | [5-2-1 Security Communities](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/5-2-1.cooperation.pdf) |
| Session 3 & 4 | Dessert | randy | |
| | Protecting Routing Protocols | randy | Protecting Routing Protocols |
| | Telco vs Internet & Complexity | randy | [Complexity](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/6-6-6.complexity.pdf) |
| | Critical Infrastructure and SW Eng | randy | [Critical Infrastructure and Software Engineering](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/6-6-6.dagstuhl-CI.pdf) |
| | | | |
| **Day 6** | **Topic** | **Inst** | **Presentations** |
| | | | |
| Session 1 | Virtual Box & !pfSense | randy | [6-1-1 Install VirtualBox & pfSense](https://wiki.rg.net/raw-attachment/wiki/Apricot2017Sec/6-1-1.vbox-pfsense.pdf) |
| Session 2 | Configure OpenVPN | randy | [6-1-2 Configure OpenVPN Server |