PacNOG PacNOG

Fifth PacNOG Meeting: Track 3: Network Security

(Pacific Network Operators Group)

[Main Page | Track 1: Linux & Network Management]
[Track 2: Routing and IPv6 | Track 4: VoIP]

DETAILED AGENDA

  • Presentations: PDF
  • Labs: PDF
  • NetFlow and NFSen: here
Session I
  • Introduction to Security Fundamentals
    General Overview of Network and Host Security Principles
    Introduction to Security Technologies and Where They Apply
  • Practical Infrastructure Security
    Securing The Device
    Controlled Device Access using Filters and Encrypted Logins
    Protecting Integrity of System Images and Configuration Files
  • LAB I
    • Securing Device Access
      create secure user logins
      enable SSH access on routers
      compare Telnet vs SSH using network sniffers
      create filters to only allow trusted host SSH access
      disable unneeded services
      create accurate timestamps for system logs
Session II
  • Practical Infrastructure Security (cont)
    Securing The Data Path
    Firewalls and their applicability
    uRPF
    Securing The Routing Infrastructure
    Techniques and Best Practices
  • LAB II
    • Securing The Data Path
      create filters to protect against sending and/or receiving bad traffic
      configure uRPF
    • Securing The Routing Infrastructure
      configure route filters for BGP
      configure MD5 keys on eBGP/iBGP peers
Session III
  • IPv6 and Infrastructure Security
    Review of IPv6 Addressing and General Protocol Nuances
    Practical Infrastructure Security for IPv6 Networks
    Differences from IPv4 in certain areas
    Current standards work updates
  • LAB III
    • IPv6 Infrastructure Security
      Securing the Device, Data Path and Routing Infrastructure in an
      IPv6 environment
Session IV
  • Logging/Auditing
    Common pitfalls in logging and how to avoid them
    Tools used to make tracking potential issues easier
  • LAB IV
    • Logging via Syslog and using Netflow tools
    • NetFlow slides, NFSen exercises, NFSen Software available here.

 
[Return to Top]

  Last modified: Fri Jun 19 16:38:55 TAHT 2009