APNIC Network Security Workshop
This week I attended an intensive workshop on Network Security organized by the APNIC Foundation. The program was free and had a good turnout.
The workshop was conducted by Warren Finch from the foundation and covered some interesting areas including IPv6 and the emerging threats.
The workshop included some lab exercises to give the participants a chance to simulate real situations.
Here are the highlights of the areas covered.
Day 1
The first day started with a basic introduction of network security and then went straight into packet capture and analysis using Wireshark. It is amazing what this tool can do.
I personally did not have much experience with the tool and it was an eye opener to see the capabilities demonstrated by Warren.
It also revealed some interesting insights into how vulnerable most networks are and how easily someone could spy on the users.
This was followed with file verification using checksum and securing SSH connections.
Day 2
The second day saw us tackle 2 Factor Authentication (2FA) and securing network infrastructure. The labs were interesting with us enabling 2FA on SSH tunnel using Google Authentication and generating certificates to secure infrastructure. The labs were done on a virtual Ubuntu server.
This also led to SSL and TLS encryption for websites.
Day 3
In day 3 we covered Pretty Good Privacy (PGP) for file and email encryption. This was followed by a lecture on Resource Public Key Infrastructure (RPKI).
VPN and IPSec followed with a lab. However, Warren opted for a much simpler exercise which included encrypting a link between 2 Cisco routers.
We also touched base on Intrusion Detection (ID) but had to stop due to time constraints.
Day 4
The last day started off with ID and the open source tool Snort. This was followed with IPv6.
The lab included running virtual machines on Graphical Network Simulator 3 (GNS3) environment and simulating an IPv6 attack on a client machine.
Unfortunately, I was not able to complete this successfully due to the limited resources on my laptop.
This was followed by session on Incident Handling Response (IHR) and an introduction to PNG Computer Emergency Response Team (PNGCERT).
The day ended with handing out of certificates of participation and a group photo session.
Observations & suggestions
The workshop was very informative and enlightening. However, there are a couple of things that could have been done better.
The first thing is the time. There was simply not enough time to digest the information and knowledge shared by Warren. I believe this program can be a course of its own.
The other thing is that some of these labs use a lot of computer resources. This obviously means that participants have to have hyped up machines i.e., +8GB RAM or more, +i5 processor and at least 500GB of free HD space.
Overall, the workshop was very informative and I am happy that I attended. I am also looking forward to other training APNIC Foundation has to offer.
Resources
If you are interested in training offered by APNIC Foundation, then I suggest taking a look at these websites:
- apnic.foundation
- www.facebook.com/APNICFoundation/
- www.pngcert.org.pg
- wiki.apnictraining.net/netsec20181029-png/agenda
- blog.apnic.net/2017/11/21/strong-start-png-cert/
- How to Get Stock Photography Pictures That Sell - April 10, 2024
- How to Use Etcher AppImage on Ubuntu - September 13, 2023
- How to Install LogicalDOC CE on Ubuntu 22.04 LTS - June 22, 2023