= APRICOT 2017 Security Workshop 2017.02.20-24 = == Daily Schedule == || || || ||Session 1 ||09:00 - 10:30 || ||Tea ||10:30 - 11:00 || ||Session 2 ||11:00 - 12:30 || ||Lunch ||12:30 - 14:00 || ||Session 3 ||14:00 - 15:30 || ||Tea ||15:30 - 16:00 || ||Session 4 ||16:00 - 17:30 || || || || == Instructors == || || || || || ||'''cristel''' || Cristel Pelsser || [https://clarinet.u-strasbg.fr/~pelsser/ Uni Strasbourg] || France || ||'''maz''' || Yoshinobu Matzusaki || [http://www.iij.ad.jp Internet Initiative Japan] || Japan || ||'''pappu''' || Fakrul Alam || [https://apnic.net APNIC] || Bangladesh || ||'''randy''' || Randy Bush || [http://www.iij.ad.jp Internet Initiative Japan] || Japan || || '''toai''' || Toai Vi || [http://www.rmit.edu.vn/ RMIT University Vietnam] || Viet Nam || || || || || || == Official Song == [http://www.anagram.com/jcrap/Volume_9/spyin.pdf Spyin’ NSA - by Keith Alexander, Daniel J. Bernstein, Timo Kasper, Tanja Lange, and Peter Schwabe] == Movies! == Some time during the week, please watch Haroon Meer's excellent keynote, //[http://t2.fi/2017/02/05/haroon-meer-keynote-2016/ Learning the wrong lessons from Offense]//, from the t2’16 Infosec Conference in Helsinki. == Agenda == || || || || || ||='''Day 1''' ||='''Topic''' ||='''Inst''' ||='''Presentations''' || || || || || || ||Session 0 || Intro || randy || [raw-attachment:1-0-1.intro.pdf 1-0-1 Intro] || || || - admin || || || || || - agenda || || || || || - materials and resources || || || || || - facilities and wireless || || || ||Session 1 || Assets & Threat Models || cristel || [raw-attachment:1-1-1.AssetsThreats.pdf 1-1-1 Assets, Threats, Pragmatics] || || || - what assets are we protecting? || || || || || - from what kinds of attackers? || || || || || .. kiddies || || || || || .. financial gain || || || || || .. nation state (you're dead) || || || || || Threat Pragmatics || || || || || . to network infrastructure (routing, wiretap, ...) || || || || || . to service infrastructure (dns, mail, ...) || || || || || .to users || || || || || Social Engineering || || || ||Session 2 || Cryptography || randy || [raw-attachment:1-2-1.Crypto-Overview.pdf 1-2-1 Crypto Overview] || || || - symmetric encryption || || || || || - asymmetric encryption || || || || || - digital signatures || || || || || - hash functions || || || || || - certificates & trust anchors || || || ||Session 3-4 || Cryptography Applications / PGP || maz || || || || - gpg || || [raw-attachment:1-3-1.PGP.pdf 1-3-1 PGP] || || || - PGP Lab || maz & pappu || [raw-attachment:PGP-Lab.pdf 1-3-2 PGP Lab] || || || || || [raw-attachment: 1-3-1 GPG Mail for Mac OS X] || || || || || || ||='''Day 2''' ||='''Topic''' ||='''Inst''' ||='''Presentations''' || || || || || || ||Session 1 || Cryptography Applications || || || || || - ssh || randy || [raw-attachment:2-1-1.ssh.pdf 2-1-1 SSH] || || || - ssh lab || pappu and maz || || ||Session 2 || Wireshark || cristel || [raw-attachment:2-2-1.Wireshark.pdf 2-2-1 wireshark] || || || - wireshark lab || pappu || [raw-attachment:Wireshark-lab.zip 2-2-2 wireshark lab] || ||Session 3 || Cryptography Applications || maz || || || || - VPNs, IPsec, TLS || || [raw-attachment:2-3-1.vpn-tls.pdf 2-3-1 VPN IPsec TLS] || ||Session 4 || OpenVPN & pfSense || randy || [raw-attachment:2-4-1.openvpn.pdf 2-4-1 OpenVPN lab] || || || || || || ||='''Day 3''' ||='''Topic''' ||='''Inst''' ||='''Presentations''' || || || || || || ||Session 1 || Network Infrastructure || || || || || - overview || cristel || [raw-attachment:3-1-1.rtrs-switches.pdf 3-1-1 rtrs-switches] || || || - data plane || maz || [raw-attachment:3-1-2.Filtering-at-border.pdf 3-1-2 Filtering at border] || || || - Logging and Monitoring || maz || [raw-attachment:3-1-3.Logging-Monitoring.pdf 3-1-3 Logging Monitoring] || ||Session 2 || SSL || pappu || [raw-attachment:3-2-1.ssl.pdf 3-2-1.ssl] || || || || pappu || [raw-attachment:3-2-2.ssl-labs.pdf 3-2-2.ssl lab] || || || || || || ||='''Day 4''' ||='''Topic''' ||='''Inst''' ||='''Presentations''' || || || || || || ||Session 1 || DNS & DNS Security || rick || || || || - DNS || || [raw-attachment:DNS.pptx] || || || - DNS Security || || [raw-attachment:DNS_Security.pptx] || || || - DNS Rate Limiting || randy || [raw-attachment:4-1-3.dns-rate-limit.pdf 4-1-3 DNS Rate Limiting] || ||Session 2 ||IDS || || || || || - IDS pragmatics - snort || || [raw-attachment:3-4-1.snort-ids.pdf 3-4-1.snort] || ||Session 3 || Protecting Hosts from Net || maz || || || || - hosts || || [raw-attachment:4-2-1.hosts.pdf 4-2-1 Hosts] || || || - Recovery Plan! || || [raw-attachment:4-2-2.wipe-etc.pdf 4-2-2 wipe, recovery] || ||Session 4 || Virus, Mail and Browsing || || || || || - Anti-virus || maz || [raw-attachment:4-4-1.anti-virus.pdf 4-4-1 Anti-virus] || || || - Safe Mail Practices || randy || [raw-attachment:4-4-2.safer-mail.pdf 4-4-2 Safer Mail] || || || - Safe Browsing Practices || randy || [raw-attachment:4-4-3.safer-browsing.pdf 4-4-3 Safer browsing] || || || - File & Disk Encryption || randy || [raw-attachment:4-4-4.file-encrypt.pdf 4-4-4 File & Disk Encryption] || || || || || || ||='''Day 5''' ||='''Topic''' ||='''Inst''' ||='''Presentations''' || || || || || || ||Session 1 || Inter-Host Protocols || || || || || - sftp, ... || randy || [raw-attachment:4-5-1.scp+sftp.pdf 4-5-1 sftp & scp] || || || - Covert Channels, TOR, Steganography || ???? || [raw-attachment:4-4-2.Covert-Channels.pdf 4-4-2 Covert Channels] || ||Session 2 || Inter-Network Cooperation || maz || || || || - Communities and Cooperation || || [raw-attachment:5-2-1-cooperation.pdf 5-2-1 Security Communities] || ||Session 3 & 4 || Dessert || randy || || || || Protecting Routing Protocols || randy || [raw-attachment:160219.routing-protocols.pdf Protecting Routing Protocols] || || || Telco vs Internet & Complexity || randy || [raw-attachment:160219.complexity.pdf Complexity] || || || Critical Infrastructure and SW Eng || randy || [raw-attachment:160219.CI-apricot.pdf Critical Infrastructure and Software Engineering] || || || || || ||