SANOG 17
11-18 January, 2010, Colombo, Sri Lanka.
Track 1: Advanced BGP Routing and IPv6 Deployment
Track 2: Campus Network Design and Network Management
Track 3: Network Forensics and DNSSec
Speakers Bio
Track 1: Advanced BGP Routing and IPv6 Deployment
Instructors: Gaurab Raj Upadhaya, Jonny Martin, Shankar
Who should attend:
This is a technical workshop, made up of lectures and hands-on lab work. Open to technical staff who are now or soon will be building or operating a wide area TCP/IP base Internet Service Provider (ISP) network or Internet eXchange Point (IXP), likely with international and/or multi-provider connectivity.
Pre-requisites:
Cisco IOS Fundamentals; user level UNIX and maybe some system administration; some use of network design, preferably TCP/IP-based.
- What you will learn:
Techniques for design, set-up, and operation of a metropolitan, regional, or national ISP backbone network. This includes advanced OSPF, BGP4, and policy based routing configurations.
- IOS Essentials every ISP should be doing. The hidden secrets that all key NSPs have been using for years, but not telling anyone (i.e. competitive advantage).
- Techniques for the design, set-up, and operation of Internet Exchange Points.
Techniques for multiple connections to the Internet (multihoming), including connections to IXPs and ISPs.
- Techniques to achieve optimal performance and configuration from a Cisco backbone router. This includes routing scalability, network design, and configuration tips.
Technologies covered:
IPv4 and IPv6, OSPF, iBGP, eBGP, BGP Scaling, BGP Policies, Route Reflectors, BGP Best Practices, BGP Configuration Essentials, Policy Routing, IXP Design.
Each class is different and tuned to the participants requirements. If there are any specific requirements, these should be communicated to the instructors during the workshops. The instructors who teach at these workshops are among the top Internet engineers today and between them, have a great deal of knowledge on many current technologies.
Track 2: Campus Network Design and Network Management
Instructors : Hervey Allen, Brian Candler and Carlos Vicente
Who should attend:
This is a technical workshop, made up of lectures and hands-on lab work. People who run campus networks for colleges and universities, ISPs with large Layer 2 networking environment will be benefit from this workshop.
Requirements:
All participants should bring Laptops.
Pre-requisites:
Basic working knowledge of IP Routing and TCP/IP networking environment. Students should also have basic knowledge of Unix environment and CLI.
What you will learn:
- The campus network design course emphasizes the importance of the campus network as the foundation in developing robust, high performance NRENs. The lab-based program addresses design methodologies, including physical cabling, switching architectures, core campus routing, network management, and network security.
Objectives
Track 3: Network Forensics and DNSSEC
Instructors :Cecil Goldstein, Champika Wijayatunga, Dileepa Lathsara
Who should attend:
This is workshop for those who have to deal with attacks, viruses, and infected computers on a day to day basis. This is for system administrators who are responsible for securing their network and also preving infection of client systems. Law Enforcement Persons will also find this very useful.
Requirements:
All participants should bring Laptops.
Pre-requisites:
Good working knowledge of IP Routing, and working knowledge of unix command line interface.
What you will learn:
- In this workshop a number of different modules will be presented looking at the nature of network attacks, how these occur, how they are controlled and how they can be identified.
TCP/IP Overview (if required)
Understanding TCP/IP traffic using Wireshark.
Introduction to Network Forensics:
This module will consider data sources used to collect network data, what data are commonly used in network forensics and which tools are commonly used to collect this data.
Understanding Botnets and Analysing Botnet Traffic
The role and impact of Botnets will be discussed and an overview of botnet operation, functionality and control presented. Participants will create and control an IRC based botnet and will use the botnet to initiate a ddos attack with the participants taking on the role of the “botherder” and controlling the infected machines. The network traffic generated in these exercises will be examined to see how botnet activity can be identified.
Investigating a malware infection:
Using several publicly available tools, participants will look at the traces that a malware infection can leave on an infected machine. These can include system changes and outgoing network traffic.
Netflow analysis:
In the courses of the workshop exercises netflow traffic can be collected. Participants will look at this netflow traffic using NFSEN and see how infected machines can be identified. This exercise will help participants understand netflow and how netflow can be used to help to protect a network.
Remote Access Tool (RAT) – Back Connect Infection (using Poison Ivy)
In this module participants will create a back-connect trojan using a Remote Access Tool (Poison-Ivy). They will then build the exploit which will be used to infect the compromised machine (install the trojan) using metasploit and deliver the exploit to the target machine (the bot). The functions that the RAT provides to control the bot via the back-connect will be examined.
DNS and DNS Secure Extensions (DNSSEC)
In this module students will create a full DNS hierarchy tree typical at a large network, along with multiple secondaries, zone transfers and resolvers. They'll then go to secure the DNS hierarchy with DNS Security Extensions. Students will learn to use TSIGs, sign the zones, and use of validating resolvers.
|