Security tutorial

4 September 2006

Abstract

Understanding security threats and implementing effective security measures are key factors in ensuring network infrastructure reliability and integrity. Such measures need to be implemented on both an individual device level (server or host) and as part of the network design, configuration and implementation.

This tutorial will consider the latest threats and discuss best current practices for addressing many of these risks. Specific attention will be given to securing network infrastructure devices, common filtering practices, effective logging practices, routing protocol security issues, and mechanisms to mitigate damage from Distributed Denial of Service (DDoS) attacks.

Intended audience

The tutorial is targeted at network administrators and engineers responsible for implementing network security within an organisation, as well as anyone with an interest in system security implementation strategy.

Morning: Sessions 1 & 2 (180 min)

Speakers: Gaurab Raj Upadhaya and Merike Kaeo

Presentation Session 1 [pdf], Session 2 [pdf]

Host-based security

  • FreeBSD as an OS for ISPs
  • Securing FreeBSD installations
  • Network monitoring tools such as
    • tcpdump, ntop, nmap, nessus, netflow
  • Building firewalls using IPFW
  • Snort IDS
  • IPsec in FreeBSD
  • Web server security
  • Using TACACS for authentication and authorization of network devices
  • Using OpenLDAP for system authentication

Afternoon: Sessions 3 & 4 (180 min)

Speaker: Merike Kaeo

Presentation [pdf]

Network-based security

This session will focus on current ISP security best practice and will discuss the methods large ISPs currently use to secure their infrastructure. Devices with new capabilities that provide additional protection against intrusions and malicious behaviour will also be considered.

Topics covered will include:

  • Physical security
  • In-band/out-of-band management
  • Data traffic
  • Routing control plane
  • Software upgrades/configuration integrity
  • Logging considerations
  • Filtering considerations
  • DoS tracking/tracing