APNIC Information Security for Systems Administrators Workshop
Yesterday concluded a 3-day workshop on Information Security facilitated by the APNIC Foundation, which covered areas of internet and information security relating to systems administration.
The workshop, held from November 5 – 7, was at Telikom Rumana and as usual was free. It had a very good turnout with the Bank of Papua New Guinea (BPNG) and Bank South Pacific (BSP) sending a good number of participants.
The training was conducted by APNIC staff member Jamie Gillespie, who has experience working with UUNET in Canada, Google, Macquarie Telecom and AusCERT.
He is currently working as an Internet Security Specialist with APNIC.
The workshop ties neatly with the Network Security workshop I last attended.
Day 1
The first day was the usual – introductions, set up and a lecture on a few topics.
Introductions were started with Jamie introducing himself and then asking the participants to do the same. The format was to give the name, then the organization they were from and what they hoped to achieve from the workshop.
This format was different from the Network Security workshop in which participants were asked to do introductions for the person sitting beside them.
After the formalities, participants were asked to download VirtualBox and a couple of virtual machines on the lab network. In the end, we had a copy of a Kali Linux machine (trimmed and modified by Jamie) and we had to ensure the settings were done correctly.
This was followed by a lecture covering the definitions, trends and patterns of intrusion, threats and countermeasures to confidentiality, integrity and availability, operating system security and policies. The next day would be the most exciting part of the program.
Day 2
The second day was dedicated to lab work on penetration testing using the tools available on Kali Linux. The main focus was on understanding the process of penetrating a system, so nmap was used as a scanner (recon stage) and then Metasploit was used to compromise systems.
The exercises targeted vulnerabilities in a Unix and a Windows machine respectively, and it was surprisingly easy provided you know what to look for and how to use the available tools.
This was followed with a few ways to strengthen security on systems including hiding software versions from being displayed and blocking off unessential services – most of which should be common practice for systems administrators.
Day 3
The last day covered areas of cryptography, passwords and DDoS attacks as well as mitigation.
Cryptography is a very complex topic and took half the day to cover. There were exercises encrypting and decrypting basic information using a couple of techniques.
We also covered file security using hashing and configuration basics.
The day ended with certificates being handed out and a group photograph.
Summary
Most of what was covered was from beginner to intermediate level. As Jamie explained, there is much more to learn about security and we barely scratched the surface.
As someone who has been doing systems administration since 2007, some things are common practice. However, there are other aspects of security that I have often overlooked – and these are the ones that bad people will use to exploit.
The workshop was very informative and tied neatly into the previous workshop I attended.