rgnet-wiki/pages/Apricot2016Sec.md

APRICOT 2016 Security Workshop 2016.02.15-19

Daily Schedule

Session 1	09:00 - 10:30
Tea	10:30 - 11:00
Session 2	11:00 - 12:30
Lunch	12:30 - 14:00
Session 3	14:00 - 15:30
Tea	15:30 - 16:00
Session 4	16:00 - 17:30

Instructors

alisha	Alisha Gurung	Tashi Cell	Bhutan
maz	Yoshinobu Matzusaki	Internet Initiative Japan	Japan
randy	Randy Bush	Internet Initiative Japan	Japan
daniel	Daniel Griggs	New Zealand Registry Services	New Zealand

Official Song

Spyin’ NSA - by Keith Alexander, Daniel J. Bernstein, Timo Kasper, Tanja Lange, and Peter Schwabe

Agenda

Day 1	Topic	Inst	Presentations
Session 0	Intro	randy	1-0-1 Intro
	- admin
	- agenda
	- materials and resources
	- facilities and wireless
Session 1	Assets & Threat Models	randy	1-1-1 Assets, Threats, Pragmatics
	- what assets are we protecting?
	- from what kinds of attackers?
	.. kiddies
	.. financial gain
	.. nation state (you're dead)
	Threat Pragmatics
	. to network infrastructure (routing, wiretap, ...)
	. to service infrastructure (dns, mail, ...)
	.to users
	Social Engineering
Session 2	Cryptography	randy	1-2-1 Crypto Overview
	- symmetric encryption
	- asymmetric encryption
	- digital signatures
	- hash functions
	- certificates & trust anchors
Session 3-4	Cryptography Applications / PGP	maz
	- gpg		1-3-1 PGP
	- PGP Lab	alisha & daniel	1-3-2 PGP Lab
			1-3-1 GPG Mail for Mac OS X
Day 2	Topic	Inst	Presentations
Session 1	Cryptography Applications
	- ssh	randy	2-1-1 SSH
Session 2	Wireshark	maz	2-4-1 wireshark
	- wireshark lab	maz	2-4-1 wireshark lab
Session 3	Cryptography Applications	maz
	- VPNs, IPsec, TLS		2-2-1 VPN IPsec TLS
Session 4	OpenVPN & pfSense	randy	2-3-1 OpenVPN
Day 3	Topic	Inst	Presentations
Session 1	Network Infrastructure	daniel
	- management pane	daniel	3-1 Management Plane
	- control plane	daniel	3-2 Control Plane Protection
	- data plane	daniel	3-3 Data Plane Protection
	- Logging and Monitoring	daniel	3-4 Monitoring
Day 4	Topic	Inst	Presentations
Session 1	DNS & DNS Security	alisha
	- DNS		DNS.pptx
	- DNS Security		DNS_Security.pptx
	- DNS Rate Limiting	randy	4-1-3 DNS Rate Limiting
Session 2	IDS	maz
	- IDS pragmatics - snort		3-4-1.snort
Session 3	Protecting Hosts from Net	maz
	- hosts		4-2-1 Hosts
	- Recovery Plan!		4-2-2 wipe, recovery
Session 4	Virus, Mail and Browsing
	- Anti-virus	maz	4-3-1 Anti-virus
	- Safe Mail Practices	randy	4-3-2 Safer Mail
	- Safe Browsing Practices	randy	4-3-3 Safer browsing
	- File & Disk Encryption	randy	4-3-4 File & Disk Encryption
Day 5	Topic	Inst	Presentations
Session 1	Inter-Host Protocols
	- sftp, ...	randy	4-4-1 sftp & scp
	- Covert Channels, TOR, Steganography	randy	4-4-2 Covert Channels
Session 2	Inter-Network Cooperation	maz
	- Communities and Cooperation		5-2-1 Security Communities
Session 3 & 4	Dessert	randy
	Protecting Routing Protocols	randy	Protecting Routing Protocols
	Telco vs Internet & Complexity	randy	Complexity
	Critical Infrastructure and SW Eng	randy	Critical Infrastructure and Software Engineering