Introduction to Secure Registry Operations
Date: Jan 2016
Venue: SANOG 27/Kathmandu
Instructors: Champika Wijayatunga and Rick Lamb
Agenda:
Time | Topic | Link |
Welcome & Introduction | ||
Introduction to Course Architecture | ||
> Exercise: SSH keys | txt | |
Secure Operations Overview | ||
Update: An Incident Response Checklist | ||
> Exercise: acct | txt | |
Cyber Attack Scenario Overview | ||
Reconnaissance and Enumeration | ||
> Exercise: Port Scanning | txt | |
Log Management | ||
> Exercise: Log Management with SWATCH | txt | |
> Exercise: Centralized Logging | txt | |
> Exercise: Detecting Router Configuration Changes | txt | |
Breaking In | ||
> Exercise: Brute Force SSH Attack | txt | |
> Exercise: Secure SSH Configuration | txt | |
Zone Transfer | - | |
> Exercise: Zone Transfer Monitoring | txt | |
> Exercise: Zone Transfer Mitigation | txt | |
Cacti | ||
SNMP | ||
> Exercise: Cacti | txt | |
NAGIOS Monitoring Framework | ||
> Exercise: NAGIOS Configuration | txt | |
Disruption | ||
Smokeping | ||
Netflow | ||
Nfsen | ||
> Exercise: NFSen & NetFlow | txt | |
Nfsen Example | ||
Mitigation Strategies | ||
End of Course Wrap-up, Critique, Certificates | - |