netsec-20220627-bdnog14:agenda

System and Network Security Workshop Agenda

Session 1 09:30 - 11:00
Session 2 11:30 - 13:00
Session 3 14:30 - 16:00
Session 4 16:30 - 18:00

* The above schedule is in Bangladesh Standard Time (UTC+6) *

FL  Name                 Email                          Organisation              Country
SK  Suman K Saha         -                              ADN Telecom Ltd           Bangladesh
SS  Shaila Sharmin       -                              BRAC Bank Ltd             Bangladesh
SP  Swapneel Patnekar    swapneel(at)brainattic(dot)in  APNIC Community Trainer   India
MZ  Yoshinobu Matsuzaki  maz(at)iij.ad.jp               IIJ                       Japan

Ask Questions here - Expires 15th Jul 2022
View Questions here
Survey

Schedule (columns of the original table: Session, Topic, Trainer, Presentations, Exercises, Other Resources)

Monday

Session 1
  Topic: Agenda; Security in Layers; Crypto Basics
  Trainers: SP, SK
  Presentations: Agenda; Security in Layers; Crypto Basics
  Exercises: https://overthewire.org/wargames/bandit/bandit0.html
  Other resources:
    - Network Security Trends Nov 2021 to Jan 2022
    - 25% of Internet users vulnerable to infrastructure attack
    - https://flipperzero.one
    - https://darknetdiaries.com/episode/
    - Diffie-Hellman Key Exchange - Youtube
    - Cyber Chef

Session 2 & 3
  Topic: SSH Lab; 2FA Lab; Hashing Lab
  Trainer: SK
  Presentations: Secure Shell
  Exercises: SSH LAB; Two Factor Authentication; Hashing Lab
  Other resources: Telnet for Mac; Putty; PuttyGen; Pageant; Microsoft File Checksum; WinAuth; Google Auth plugin

Session 4
  Topic: IPsec VPN
  Trainer: SS
  Presentations: VPN and IPsec
  Exercises: Deploying IPSec (Academy Lab); IPsec Lab (Site-to-Site); IPsec Lab (Packet Tracer)
  Other resources: Deploying IPSec (Academy Lab)

Tuesday

Session 1
  Topic: Distributed Denial of Service (DDoS) Attacks and Countermeasures
  Trainer: SP
  Presentations: DDoS
  Resources:
    - https://blog.apnic.net/?s=ddos
    - https://academy.apnic.net/en/webinar-courses/ddos-attack-prevention
    - Generating, Capturing and Analyzing DoS and DDoS-centric Network Traffic

Session 2
  Topic: Honeypots
  Trainer: SK
  Presentations: HoneyPots
  Exercises: Setup Cowrie
  Other resources: Cowrie Github Repo; APNIC HoneyNet Project; https://dash.apnic.net

Session 3
  Topic: Packet Analysis
  Trainer: SP
  Presentations: Packet Analysis
  Exercises: Lab pcaps; TShark Lab; WireShark Lab
  Other resources: RFC791 - IP; RFC793 - TCP; Telnet pcap; SSH pcap; HTTP pcap; HTTPS pcap; IPv6 pcap

Session 4
  Topic: Intrusion Detection
  Trainer: SK
  Presentations: Overview of IDS - Snort
  Exercises:
    - Snort lab
    - SNORT Lab Answer
    - Update SNORT and review rules
    - Optional: Use nmap to do Xmas tree scan; Bruteforce SSH
  Other resources:
    - Snorpy Web based Rule Creator
    - http://www.cyb3rs3c.net - snorpy web UI
    - Blog post about Snorpy
    - MITRE - Xmas Scan Attack overview
    - Video - Xmas Scan Attack
    - CloudShark
    - APNIC Academy
    - The Incident Response Hierarchy of Needs
    - Pyramid of Pain

Wednesday

Session 1
  Topic: Intrusion Detection
  Trainer: SP
  Presentations: Overview of Suricata
  Exercises: Installation
  Other resources: workshop.tar.gz

Session 2 & 3
  Topic: Investigate Packet captures
  Trainer: SP
  Presentations: Use Suricata to Analyse Packet Captures
  Resources: https://suricata.io/documentation/; Packet Analysis Tutorial

Session 4
  Topic: Security Onion
  Trainer: SS
  Presentations: Session and Signature Analysis
  Resources:
    - Security Onion (Academy Lab)
    - Security Onion LAB
    - https://academy.apnic.net/en/virtual-labs/
    - https://securityonion.net
    - Security Onion Summary Sheet
    - TCP Dump commands
    - TCP dump Lab

Thursday

Session 1
  Topic: Route Leak prevention with BGP Community, by Q S Tahmeed (Level3 Carrier Ltd.)
  Trainer: QT
  Presentations: Route Leaks

Session 2
  Topic: Securing Internet Routing; How to create ROAs (demo)
  Trainer: MZ
  Presentations: PDF
  Resources:
    - https://bgpstream.com
    - RPKI — 2021 retrospective
    - https://rpki-rfc.routingsecurity.net
    - https://rpki-monitor.antd.nist.gov
    - RPKI NLnetlabs
    - https://www.cidr-report.org/as2.0/
    - APNIC Route Management
    - How to Create ROAs in MyAPNIC

Session 3 & 4
  Topic: Installing RPKI Validators
  Trainer: All
  Presentations: Routinator; Fort; RPKI-Client; RPKI Prover
  Exercises: Install NLnet Labs Routinator; Install Octo rpki; Install FORT rpki; Install RPKI validator RIPEv3
  Other resources: APNIC Blog

  Topic: Filtering with ROAs (Route Origin Validation) Lab
  Trainer: All
  Presentations: PDF
  Exercises: RPKI Virtual LAB

Wrap Up

Additional Resources

IDS & SNORT (other resources):
  - Snorpy Web based Rule Creator
  - Snort 101
  - Snort 2 - Installation and Config
  - Snort 2 - Introduction to Rule Writing
  - Snort 3 - Introduction and overview
  - MITRE - Xmas Scan Attack overview
  - Video - Xmas Scan Attack
  - CloudShark
  - Putty
  - https://github.com/OJ/gobuster
  - WireShark TCP dump summary
  - TCP dump - 50 ways to isolate traffic
  - Wireshark
  - Detecting Network Attacks
  - Youtube Song - Call Offensive Security
  - https://www.youtube.com/c/OISFSuricata
  - https://www.youtube.com/results?search_query=suricata
  - https://www.youtube.com/results?search_query=snort

Suricata Online Documentation:
  - https://suricata.readthedocs.io/en/suricata-6.0.3/
  - https://suricata.readthedocs.io/en/suricata-6.0.3/rule-management/adding-your-own-rules.html
  - https://doc.emergingthreats.net/bin/view/Main/SidAllocation
  - https://suricata.readthedocs.io/en/suricata-6.0.3/file-extraction/file-extraction.html
  - https://suricata.io/webinars/

Rulesets:
  - Getting Started with Suricata-Update: Managing rule sets and sources
  - An Introduction to Writing Suricata Rules
  - https://suricata.readthedocs.io/en/suricata-6.0.3/rules/intro.html
  - https://doc.emergingthreats.net/bin/view/Main/TorRules
  - http://rules.emergingthreats.net/blockrules/emerging-tor.suricata.rules

Suricata Sample data:
  - https://github.com/FrankHassanabad/suricata-sample-data

Other Tools:
  - Scirius https://www.stamus-networks.com/scirius-open-source
  - Hunting Threats That Use Encrypted Network Traffic with Suricata

EveBox documentation:
  - https://buildmedia.readthedocs.org/media/pdf/evebox/release/evebox.pdf
  - Using EveBox

Honeypots:
  - https://github.com/Hackinfinity/Honey-Pots-

Malware Analysis:
  - Wireshark tutorial dridex infection traffic
  - Example malware analysis
  - Malware and where to find them
  - Malware Traffic Analysis
  - SANS Challenge
  - SANS Ransomware Summit 16th Jun 2022 (free)
  - RangeForce Community Edition https://go.rangeforce.com/community-edition-registration

Packet Analysis & Threat Intelligence:
  - https://github.com/idaholab/Malcolm
  - https://www.blackhillsinfosec.com/projects/rita/
  - https://arkime.com
  - https://zeek.org
  - Threat map https://threatmap.checkpoint.com
  - https://attack.mitre.org/docs/attack_roadmap_2020_october.pdf

Network and Security trends:
  - Trustwave Global trends
  - Imperva DDoS attack trends 2019
  - Cisco Networking Trends Report 2020
  - Cisco Networking Trends Report 2021
  - European Union Agency for Cybersecurity (ENISA), Threats and Trends
  - Enisa 2020 Threat Landscape
  - World Economic Forum, Global Risks
  - Red Canary 2021 Threat Detection Report - Threats
  - Red Canary 2021 Threat Detection Report - Techniques
  - https://unit42.paloaltonetworks.com/network-attack-trends

Misc.:
  - Cybersecurity Glossary of Terms
  - Comptia Basic definitions
  - Biggest Data Breaches
  - Significant Cyber Incidents
  - http://zone-h.org/archive
  - Cybersecurity Reference Architecture
  - Enisa Network Forensics Handbook
  - https://www.exabeam.com/incident-response/csirt/
  - Cybersecurity Best Practices Guide For IIROC Dealer Members
  - https://www.exploit-db.com
  - https://www.zerodayinitiative.com/advisories/upcoming/

Network Simulation:
  - https://netsim.erinn.io
  - https://github.com/errorinn/netsim
  - https://academy.apnic.net/en/virtual-labs/
  - https://www.eve-ng.net/
  - https://gns3.com/
  - Networking Lab Images From Arista, Cisco, nVidia

Frameworks:
  - https://www.mercuryit.co.nz/our-services/cyber-security-framework/
  - https://attack.mitre.org
  - https://www.nist.gov/cyberframework
  - https://cyberexperts.com/cybersecurity-frameworks/

Mitigation:
  - ASD mitigation strategies
  - https://www.cisecurity.org/cis-benchmarks/
  - https://attack.mitre.org/mitigations/enterprise/

Tutorials:
  - https://academy.apnic.net
  - https://pentesterlab.com/exercises
  - https://cyberdefenders.org/labs/?type=ctf
  - https://go.rangeforce.com/community-edition-registration
  - Using ATT&CK for threat intelligence

Infographic:
  - Defense in Depth FAN
  - https://momentumcyber.com/docs/CYBERscape.pdf
  - CyberSecurity Maturity Model (CSMM)
  - InfoSec Colour Wheel
  - Parkerian Hexad
  - Unified Kill Chain
Source: netsec-20220627-bdnog14/agenda.txt, last modified 2023/01/30 00:48 by awal