Target Audience
Operators interested in deploying DNS security as part of their security infrastructure, people with a general interest in DNSSEC, and those contemplating whether or not to deploy DNSSEC in their organisation.
Pre-requisites
Basic DNS, public-key encryption, and basic knowledge of UNIX system administration
Course Outline
This tutorial covers the following topics:
• Introduction/Review of DNSSEC
• Securing zone transfer (TSIG)
• Securing a zone
• Configuring a security-aware resolver
• Delegation of signing authority
• Rolling keys
• Troubleshooting
• DPS
• DNSSEC deployment plan
• OpenDNSSEC
Technologies Covered
DNS, TSIG, DNSSEC including NSEC3
AfricaCERT meetings provide a forum for collaboration and exchange for Computer Emergency Response Teams and interested parties to share common practices, information, tools, techniques, and strategies that address problems related to cyber-security.
AfricaCERT Day builds on the experience from previous AfricaCERT events held in different African countries in collaboration with AfNOG and AFRINIC.
AfricaCERT V Day follows three days of intensive training in collaboration with FIRST and JPCERT.
The AfricaCERT V theme is “Our Role in the African Internet Ecosystem”.
The CSIRT programme is aimed at technical teams for advanced network monitoring.
Description
A one-day workshop focused on advanced web security.
Course
Network monitoring and traffic analysis (advanced level)
Summary
Network monitoring is one of several ways to understand what is happening on a network. This session covers the basic knowledge we need about network monitoring and its problems (for example: legal issues, privacy, encryption, hidden networks, etc.). The training course offers participants practical sessions on analysing traffic generated by malware, botnets and other malicious tools.
Introduction
The Computer Security Incident Response Team (CSIRT) training course aims to develop the knowledge and skills of staff members of a CSIRT or those interested in joining such a team, or involved in creating such a team.
Pre-requisites
Trainees are typically experienced system, network or IT managers (interested persons from other backgrounds are welcome to contact the organisers to discuss the suitability of the course for them). They are expected to have an awareness of the security issues involved in connecting computers to the Internet. They must be committed to using their skills to improve the security of computers and networks. For the technical side of the course, familiarity with the normal operation of TCP/IP networks, addresses, port numbers and protocols will be assumed.
The following modules are covered:
CSIRT Organization
Describes how CSIRTs fit into their organisations: planning the CSIRT, defining the constituency of the team and gaining management authority for it, deciding the services the team will offer, working with those outside the organisation, staffing the CSIRT, funding. Participants will discuss their own organisation and how their team fits into it.
Technical Introduction
A basic introduction to the main attack vectors that malicious parties use to attack systems: intruders and their motivations, botnets, network protocols and how they can be abused, operating systems and services, types of vulnerability, information gathering, breaking in, hiding traces, denial-of-service attacks.
CSIRT Operations
Describes the facilities, systems and tools needed by CSIRTs to operate successfully: housing the CSIRT, equipment, e-mail, remote access, information and contacts, servers and networks, incident response plans and procedures, tracking systems. As an exercise, participants will discuss and develop incident response plans for their own teams.
Legal Issues
A high-level overview of the areas of legislation that are likely to affect CSIRTs in their work and that team members need to be aware of: origins of computer legislation, problems, data protection, computer misuse, working with law enforcement, monitoring, evidence, European developments.