wiki:Apricot2017Sec

Version 28 (modified by pappu, 2 years ago) (diff)

--

APRICOT 2017 Security Workshop 2017.02.20-24

Daily Schedule

Session 1 09:00 - 10:30
Tea 10:30 - 11:00
Session 2 11:00 - 12:30
Lunch 12:30 - 14:00
Session 3 14:00 - 15:30
Tea 15:30 - 16:00
Session 4 16:00 - 17:30

Instructors

cristel Cristel Pelsser Uni Strasbourg France
maz Yoshinobu Matzusaki Internet Initiative Japan Japan
pappu Fakrul Alam APNIC Bangladesh
randy Randy Bush Internet Initiative Japan Japan
toai Toai Vi RMIT University Vietnam Viet Nam

Official Song

Spyin’ NSA - by Keith Alexander, Daniel J. Bernstein, Timo Kasper, Tanja Lange, and Peter Schwabe

Movies!

Some time during the week, please watch Haroon Meer's excellent keynote, Learning the wrong lessons from Offense, from the t2’16 Infosec Conference in Helsinki.

Agenda

Day 1 Topic Inst Presentations
Session 0 Intro randy 1-0-1 Intro
- admin
- agenda
- materials and resources
- facilities and wireless
Session 1 Assets & Threat Models cristel 1-1-1 Assets, Threats, Pragmatics
- what assets are we protecting?
- from what kinds of attackers?
.. kiddies
.. financial gain
.. nation state (you're dead)
Threat Pragmatics
. to network infrastructure (routing, wiretap, ...)
. to service infrastructure (dns, mail, ...)
.to users
Social Engineering
Session 2 Cryptography randy 1-2-1 Crypto Overview
- symmetric encryption
- asymmetric encryption
- digital signatures
- hash functions
- certificates & trust anchors
Session 3-4 Cryptography Applications / PGP maz
- gpg 1-3-1 PGP
- PGP Lab maz & pappu 1-3-2 PGP Lab
1-3-1 GPG Mail for Mac OS X
Day 2 Topic Inst Presentations
Session 1 Cryptography Applications
- ssh randy 2-1-1 SSH
- ssh lab pappu and maz 2-1-2 SSH Lab
Session 2 Wireshark cristel 2-2-1 wireshark
- wireshark lab pappu 2-2-2 wireshark lab
Session 3 Cryptography Applications maz
- VPNs, IPsec, TLS 2-3-1 VPN IPsec TLS
Session 4 OpenVPN & pfSense randy 2-4-1 OpenVPN lab
Day 3 Topic Inst Presentations
Session 1 Network Infrastructure
- overview cristel 3-1-1 rtrs-switches
- data plane maz 3-1-2 Filtering at border
- Logging and Monitoring maz 3-1-3 Logging Monitoring
Session 2 SSL pappu 3-2-1.ssl
pappu 3-2-2.ssl lab
Day 4 Topic Inst Presentations
Session 1 DNS & DNS Security rick
- DNS DNS.pptx
- DNS Security DNS_Security.pptx
- DNS Rate Limiting randy 4-1-3 DNS Rate Limiting
Session 2 IDS
- IDS pragmatics - snort 3-4-1.snort
Session 3 Protecting Hosts from Net maz
- hosts 4-2-1 Hosts
- Recovery Plan! 4-2-2 wipe, recovery
Session 4 Virus, Mail and Browsing
- Anti-virus maz 4-4-1 Anti-virus
- Safe Mail Practices randy 4-4-2 Safer Mail
- Safe Browsing Practices randy 4-4-3 Safer browsing
- File & Disk Encryption randy 4-4-4 File & Disk Encryption
Day 5 Topic Inst Presentations
Session 1 Inter-Host Protocols
- sftp, ... randy 4-5-1 sftp & scp
- Covert Channels, TOR, Steganography ???? 4-4-2 Covert Channels
Session 2 Inter-Network Cooperation maz
- Communities and Cooperation 5-2-1 Security Communities
Session 3 & 4 Dessert randy
Protecting Routing Protocols randy Protecting Routing Protocols
Telco vs Internet & Complexity randy Complexity
Critical Infrastructure and SW Eng randy Critical Infrastructure and Software Engineering

Attachments (40)