Network Security

Time Schedule

BT timezone
Session 1 09:00 - 10:30
Break 10:30 - 11:00
Session 2 11:00 - 13:00
Lunch 13:00 - 14:00
Session 3 14:00 - 15:30
Break 15:30 - 16:00
Session 4 16:00 - 17:00

* All times are quoted as GMT+6


FL Name Email Organisation Country
WF Warren Finch warren(at)apnic(dot)net APNIC Australia
MP Mohan Pradhan DITT Bhutan
Session Topic Trainer Presentations Exercises Other Resources
Session 1 Information Security overview WF Agenda
Information Security overview
Shodan Search - Devices in Thimphu
Shodan Search - List by Organisation
Shodan Search - GPON Home Gateways
Security text file
Session 2 Introduction to Cryptography WF Cryptography Basics
CyberChef - enigma machine
X.800 Security architecture for Open Systems Interconnection
Guidelines for Cryptography
NIST sp800-175b
NIST Crypto Standards and Guidelines
OWASP User Privacy Protection Cheat Sheet
Key Management Fundamentals
Diffie-Hellman Key Exchange - YouTube
Session 3 Lab - Setup Virtual Machine WF Setup Lab Install Ubuntu Server 18.04
Remove Packages
Setup for RPKI workshop
YouTube live stream
Session 4 Lab All Secure Shell SSH LAB
Two Factor Authentication
Hashing Lab
PKI Demo
Google Auth plugin
Microsoft File Checksum Integrity Verifier
Day 02 Topic Trainer Presentations Exercises Resources
Session 1 Introduction to Access Control WF Access Control
Password Requirements
Access Control
Session 2 Pretty Good Privacy (PGP) WF PGP Lab
Session 3 Firewall WF Linux Security & Firewalls IPTables example
Linux 2.4 Packet Filtering HOWTO
Linux netfilter Hacking HOWTO
firewall and anomaly
Block connections to your Mac with a firewall
How to Configure Your Mac's Firewall
Quick and easy pf (packet filter) firewall rules
ivanti - Configuring firewall settings for macOS devices
Windows Firewall
Best practices for configuring Windows Defender Firewall
Windows Defender Firewall with Advanced Security
Windows Firewall Applied (PDF)
Windows Firewall Ruleset
Netsh command
Azure - Design and implement network security
Session 4 Intrusion Detection WF Overview of IDS - Snort Snort lab
SNORT Lab Answer
Update SNORT and review rules
Use nmap to do Xmas tree scan
Go Buster to discover directories
Bruteforce SSH
Bruteforce SSH Lab
Snorpy Web based Rule Creator - snorpy web UI
Blog post about Snorpy
MITRE - Xmas Scan Attack overview
Video - Xmas Scan Attack
APNIC Academy
The Incident Response Hierarchy of Needs
Pyramid of Pain
Day 03 Topic Trainer Presentations Exercises Resources
Session 1 Security in Layers WF Security in Layers Network Security Trends Nov 2021 to Jan 2022
25% of Internet users vulnerable to infrastructure attack
Diffie-Hellman Key Exchange - YouTube
Cyber Chef
Session 2 & 3 Vulnerability Assessment and Penetration Testing WF Overview of PenTesting Vuln Assessment and PenTest VM Lab Penetration testing report template
Session 4 Introduction to WiFi WF WiFi Security
Create a WLAN report
WiFi Security Timeline
DRAGONBLOOD - Analysing WPA3's Dragonfly Handshake
Wi-Fi Alliance
Frag Attacks
Wireless Emulation Link Layer Exchange Daemon
Wi-Fi pcap Analysis
Wi-Fi pcap tricks
WEP cracking
Decrypt 802.11
Hak5 - WiFi scanning
Wireshark Basics for Wi-Fi Hacking
Linux Compatible USB Adapters
Install Cisco Packet Tracer WF Download Packet Tracer Wireless router configuration
Free Packet Tracer labs
Day 04 Topic Trainer Presentations Exercises Resources
Session 1 Flow monitoring
Network monitoring for Threats
WF Flow Monitoring
Overview of Suricata


Session 2 Investigate Packet captures WF Use Suricata to Analyse Packet Captures
Packet Analysis Tutorial
Session 3 Security Onion WF Session and Signature Analysis Security Onion (Academy Lab)
Security Onion LAB
Security Onion Summary Sheet
TCP Dump commands
TCP dump Lab
Self-Paced Capture the Flag (CTF) WF More CTF details during the session Capture the Flag Bootcamp
Practice for CTFs
Resources to help with CTF
Packet Analysis
Packet Analysis

Decrypt TLS using Wireshark
RFC791 - IP
RFC793 - TCP
Telnet pcap
SSH pcap
HTTP pcap
HTTPS pcap
IPv6 pcap
Lab All APNIC Academy
TCP dump Lab
TShark Lab
WireShark Lab
Lab pcaps
TCP dump summary
TCP dump commands
Decrypt SSL with Wireshark
Packet Analysis Reference Guide
Topic Resources
Other resources Cryptography tools
Cryptography Mind Maps
Crypto Challenges
Cipher Challenges
XMAS Scan Attack MITRE - Xmas Scan Attack overview
Video - Xmas Scan Attack
WireShark Download Wireshark
Top 10 filters
Packet Diagrams in Wireshark
Using Wireshark to Analyze nmap
Column Setup
Tools Putty
Win 10 Packet Monitor
List of packet capture tools
Network Miner
TCP dump summary
Compare network captures
How to use Zeek for PCAP Analysis
BruteShark and other tools
Awesome pcap tools
PCAP Remote Tutorial
SANS Blue Team Wiki
Code-Breaking, Cipher and Logic Puzzles solving tools
Malware Analysis Wireshark tutorial dridex infection traffic
Example malware analysis
Malware and where to find them
Malware Traffic Analysis
SANS May 2021 Challenge
Wi-Fi Resources Fundamentals of 802.11 Wireless Sniffing
802.11 Mgmt : Deauth & Disassociation Frames
Analyzing Deauthentication Packets With Wireshark
Analyzing Wireless Packet Captures
Open Wireless Intrusion Prevention System
Pixie Dust Attack
Pixie Dust Attack (2)
YouTube Pixie Dust attack in the wild - Kali Linux
Vulnerable Network Adapters
Wi-Fi Standards explained
Wireshark sample wifi pcaps
WiFi Analysis Resources
Pick a Wi-Fi Antenna for WiFi Hacking
Track Wi-Fi Devices with a Directional Antenna & Wireshark
Wireshark IO Graph: WLAN Data Rate and Channel Utilization (CU)
Troubleshooting WiFi
Ubiquiti WiFiman
Hardening Guides
  • netsec-20221011-online/agenda.txt
  • Last modified: 2022/10/16 09:07
  • by warren