APNIC home / Meetings / APNIC 25 / Program / Network Security tutorial . .

Network Security tutorial

"CSI on the Internet"

(Anatomy of a network attack, network forensics, network attack and defense.)

Monday 25 February, 09:00 - 17:30
Magnolia Narcissus room, level B2,
Howard Plaza Hotel, Taipei
Champika Wijauatunga (APNIC training team)
Miwa Fujii (APNIC training team)
Amante Alvaran (APNIC training team)
Ryan Connelly (Team Cymru)
Anatomy of a network attack (PDF, 3.1MB)
Network forensics (PDF, 790KB)


This tutorial will look at the nature and structure of network attacks and the tools, actions and processes that can be used to identify and respond to such attacks.

A brief overview examining the anatomy of an attack and the creation of botnets will be presented and the motivation that drives such on-line malicious activity, the type of tools that are used in modern attacks, who is behind these and the impact they have will be discussed.

Identifying attack streams and understanding the nature of TCP/IP traffic will be discussed through the use of Wireshark, fprobe, nfsen and nfdump. Darknets and their operation and contribution to combating malicious network activity will be considered.

As a practical, hands-on exercises, participants will be able to simulate a network attack and response scenario by trying to penetrate a remote network while at the same time protecting their own network from attack. This will be done using the tools and techniques discussed earlier and by remotely accessing either a virtual network topology or a real network running in the APNIC training lab.

Intended audience

All engineers and operators concerned with network security and interested in gaining an understanding of the threats they face and how to mitigate these should attend.

Return to program...