Network Security

Time Schedule

BT timezone
Session 1 09:00 - 10:30
Break 10:30 - 11:00
Session 2 11:00 - 13:00
Lunch 13:00 - 14:00
Session 3 14:00 - 15:30
Break 15:30 - 16:00
Session 4 16:00 - 17:00

* All times are quoted as GMT+6
https://www.timeanddate.com/worldclock/personal.html?cities=47,690
Survey

Trainers

FL Name Email Organisation Country
WF Warren Finch warren(at)apnic(dot)net APNIC Australia
MP Mohan Pradhan DITT Bhutan
Session Topic Trainer Presentations Exercises Other Resources
Session 1 Information Security overview WF Agenda
Information Security overview
osi.jpg
Shodan Search - Devices in Thimphu
Shodan Search - List by Organisation
Shodan Search - GPON Home Gateways
Security text file
https://www.google.com/alerts
https://seclists.org/fulldisclosure/
Session 2 Introduction to Cryptography WF Cryptography Basics https://www.dcode.fr/caesar-cipher
CyberChef - enigma machine
https://github.com/Nodeblue/ASD_50c_Coin
https://www.asio.gov.au/resources/puzzles
https://www.garykessler.net/library/crypto.html
http://www.crypto-it.net/eng/theory/index.html
https://gchq.github.io/CyberChef/
X.800 Security architecture for Open Systems Interconnection
Guidelines for Cryptography
NIST sp800-175b
NIST Crypto Standards and Guidelines
OWASP User Privacy Protection Cheat Sheet
Key Management Fundamentals
Diffie-Hellman Key Exchange - Youtube
Session 3 Lab - Setup Virtual Machine WF Setup Lab Install Ubuntu Server 18.04
Remove Packages
Setup for RPKI workshop
https://github.com/githubapnic/Ubuntu
YouTube live stream
https://github.com/splunk/attack_range
https://github.com/clong/DetectionLab
https://www.sans.org/webcasts/sans-workshop-building-azure-pentest-lab-red-teams/
Session 4 Lab All Secure Shell SSH LAB
Two Factor Authentication
Hashing Lab
PKI Demo
WinAuth
Google Auth plugin
Microsoft File Checksum Integrity Verifier
Day 02 Topic Trainer Presentations Exercises Resources
Session 1 Introduction to Access Control WF Access Control https://portswigger.net/web-security/access-control
Password Requirements
Access Control
Session 2 Pretty Good Privacy (PGP) WF PGP Lab
Session 3 Firewall WF Linux Security & Firewalls IPTables example
iptables.zip
IPTables
https://configserver.com/cp/csf.html
https://gist.github.com/jirutka/3742890
Linux 2.4 Packet Filtering HOWTO
Linux netfilter Hacking HOWTO
firewall and anomaly
macOS
Block connections to your Mac with a firewall
How to Configure Your Mac's Firewall
Quick and easy pf (packet filter) firewall rules
ivanti - Configuring firewall settings for macOS devices
Windows Firewall
Best practices for configuring Windows Defender Firewall
Windows Defender Firewall with Advanced Security
Windows Firewall Applied (PDF)
Windows Firewall Ruleset
Netsh command
Azure - Design and implement network security
Session 4 Intrusion Detection WF Overview of IDS - Snort Snort lab
SNORT Lab Answer
Update SNORT and review rules
Optional
Use nmap to do Xmas tree scan
GoBuster to discover directories
Bruteforce SSH
Bruteforce SSH Lab
Snorpy Web based Rule Creator
http://www.cyb3rs3c.net - snorpy web UI
Blog post about Snorpy
MITRE - Xmas Scan Attack overview
Video - Xmas Scan Attack
CloudShark
APNIC Academy
The Incident Response Hierarchy of Needs
Pyramid of Pain
Day 03 Topic Trainer Presentations Exercises Resources
Session 1 Security in Layers WF Security in Layers https://overthewire.org/wargames/bandit/bandit0.html Network Security Trends Nov 2021 to Jan 2022
25% of Internet users vulnerable to infrastructure attack
https://flipperzero.one
https://darknetdiaries.com/episode/
Diffie-Hellman Key Exchange - Youtube
Cyber Chef
Session 2 & 3 Vulnerability Assessment and Penetration Testing WF Overview of PenTesting Vuln Assessment and PenTest VM Lab Penetration testing report template
https://github.com/redcanaryco/atomic-red-team
https://www.purplesharp.com/en/latest/
Session 4 Introduction to WiFi WF WiFi Security https://wigle.net
Create a WLAN report
https://tryhackme.com/room/wifihacking101
WiFi Security Timeline
https://academy.apnic.net/en/webinar-courses/wifi-security
DRAGONBLOOD - Analysing WPA3's Dragonfly Handshake
Wi-Fi Alliance
Frag Attacks
Wireless.pcap
sae_simple_psk.pcapng
Wireless Emulation Link Layer Exchange Daemon
Wi-Fi pcap Analysis
Wi-Fi pcap tricks
WEP cracking
Decrypt 802.11
Hak5 - WiFi scanning
Wireshark Basics for Wi-Fi Hacking
Linux Compatible USB Adapters
Install Cisco Packet Tracer WF Download Packet Tracer Wireless router configuration
Free Packet Tracer labs
Day 04 Topic Trainer Presentations Exercises Resources
Session 1 Flow monitoring
Network monitoring for Threats
WF Flow Monitoring
Overview of Suricata

Installation

workshop.tar.gz
Session 2 Investigate Packet captures WF Use Suricata to Analyse Packet Captures https://suricata.io/documentation/
Packet Analysis Tutorial
Session 3 Security Onion WF Session and Signature Analysis Security Onion (Academy Lab)
Security Onion LAB
https://academy.apnic.net/en/virtual-labs/
https://securityonion.net
Security Onion Summary Sheet
TCP Dump commands
TCP dump Lab
Self-Paced Capture the Flag (CTF) WF More CTF details during the session Capture the Flag Bootcamp
Practice for CTFs
https://amanhardikar.com/mindmaps/Practice.html
Resources to help with CTF
Packet Analysis
All
Packet Analysis

Decrypt TLS using Wireshark
RFC791 - IP
RFC793 - TCP
Telnet pcap
SSH pcap
HTTP pcap
HTTPS pcap
IPv6 pcap
Lab All APNIC Academy
TCP dump Lab
TShark Lab
WireShark Lab
Lab pcaps
TCP dump summary
TCP dump commands
Wireshark
Decrypt SSL with Wireshark
https://packetlife.net/captures/
https://apackets.com/pcaps
Packet Analysis Reference Guide
Topic Resources
Other resources Cryptography tools https://github.com/sobolevn/awesome-cryptography
https://www.cryptool.org/en/
http://practicalcryptography.com/ciphers/
https://project-rainbowcrack.com/table.htm
Cryptography Mind Maps https://www.mindcert.com/general-items/cissp-mind-map-cryptography/
https://offensivesec.blogspot.com/2016/09/cryptography-2-mind-map_54.html
https://www.mindmeister.com/289895434/basic-cryptography
https://www.mindomo.com/mindmap/cryptography-abd0b2b2ec8742fc9d9dfe5e3494bb5f
Theory https://cs.lmu.edu/~ray/notes/cryptology/
Challenges https://www.mysterytwisterc3.org/en/
Crypto Challenges
Cipher Challenges
https://cryptohack.org
XMAS Scan Attack MITRE - Xmas Scan Attack overview
Video - Xmas Scan Attack
CloudShark
WireShark Download Wireshark
https://www.wireshark.org/docs/
https://wiki.wireshark.org/TLS
Top 10 filters
Packet Diagrams in Wireshark
Using Wireshark to Analyze nmap
Column Setup
https://termshark.io
Tools Putty
Win 10 Packet Monitor
List of packet capture tools
Network Miner
TCP dump summary
Compare network captures
How to use Zeek for PCAP Analysis
BruteShark and other tools
Awesome pcap tools
PCAP Remote Tutorial
SANS Blue Team Wiki
Code-Breaking, Cipher and Logic Puzzles solving tools
Malware Analysis Wireshark tutorial dridex infection traffic
Example malware analysis
Malware and where to find them
Malware Traffic Analysis
SANS May 2021 Challenge
Wi-Fi Resources Fundamentals of 802.11 Wireless Sniffing
802.11 Mgmt : Deauth & Disassociation Frames
Analyzing Deauthentication Packets With Wireshark
Analyzing Wireless Packet Captures
Open Wireless Intrusion Prevention System
Pixie Dust Attack
Pixie Dust Attack (2)
Youtube Pixie Dust attack in the wild - Kali Linux
Vulnerable Network Adapters
Wi-Fi Standards explained
Wireshark sample wifi pcaps
WiFi Analysis Resources
Pick a Wi-Fi Antenna for WiFi Hacking
Track Wi-Fi Devices with a Directional Antenna & Wireshark
Wireshark IO Graph: WLAN Data Rate and Channel Utilization (CU)
Troubleshooting WiFi
Ubiquiti WiFiman
https://www.aircrack-ng.org/doku.php
https://www.javatpoint.com/pre-connection-attacks
Hardening Guides https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html
https://www.juniper.net/assets/kr/kr/local/pdf/books/tw-hardening-junos-devices-checklist.pdf
https://ncp.nist.gov/repository
netsec-20221011-online/agenda.txt · Last modified: 2022/10/16 09:07 by warren