Network Security

Date: 21 Oct 2021
Location: Tutorial
Venue: Online

Synopsis

The tutorial is a snapshot of some of the labs that are delivered in the 3 or 5 day Network security workshops that are delivered by APNIC. This is a combine tutorial of the Cryptography fundamentals and Packet Analysis tutorials.

• The objective of the “Cryptography Fundamentals” is to introduce cryptographic concepts by explaining various hash functions, encryption algorithms and digital signatures and how to utilise cryptography to enhance security.
• The objective of the “Packet Analysis” is to introduce packet analysis concepts by explaining various protocols, tools and strategies to analyse packets to enhance security and help with troubleshooting. This tutorial aims at providing attendees a practical approach to:
  • Overview of protocols.
  • Packet Analysis using tcpdump and other tools.
  • Strategies for packet analysis including encrypted traffic

Target Audience

• Engineers, Network Managers and Operators, and Security policy makers who are interested in network security and want to gain an understanding of how to utilise cryptography.

Pre-requisites

It is assumed that participants have a basic understanding of:

• network operations, Internet technologies, OSI reference model and TCP/IP.
• Basic Linux command line (CLI) skills.

We recommend the following Academy courses be completed before the start of the tutorial:

• Network security fundamentals: https://academy.apnic.net/en/webinar-courses/network-security-fundamentals/
• Introduction to Cybersecurity: https://academy.apnic.net/en/course/introduction-to-cybersecurity/
• Linux Basics virtual lab: https://academy.apnic.net/en/virtual-labs/

Tutorial topics

• Introduction to Cryptography
• Public Key Infrastructure (PKI) and Resource PKI
• Transport Layer Security (TLS)
• Virtual Private Networks (VPN) and IP security (IPSec)
• Overview of protocols
• Introduction to packet capturing
• Overview of various tools. For example tcpdump, tcpreplay, cloudshark, tshark and wireshark
• Strategies for packet analysis
• Utilising metadata to analyse encrypted traffic

Other requirements

• Participants are advised to bring their own laptop computers with high-speed Wi-Fi (802.11a/g/n/ac) and administrative access to system. It is also recommended that laptops have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
• Software: SSH Client, Telnet Client, VirtualBox/VMware
• Confirm Secure SHell (SSH) is allowed from the office or home network to access the lab infrastructure? Test ssh connectivity, try to connect to route-views.routeviews.org. For example from the CLI type: ssh rviews@route-views.routeviews.org

Workshop Items

• Agenda (includes links to presentations and schedule)
• Instructors: Warren Finch (APNIC)