RPKI

Novotel - Training room 1

AFRINIC RPKI (Resource Public Key Infrastructure) Training

Slide 1

Slide 2

Slide 3

RPKI tutorial

Resources Public key Infrastructure (RPKI) Tutorial

Target Audience

Operators interested in deploying  RPKI  and Routing Security extension as part of their security infrastructure and people with a general interest in RPKI and Routing Security, and those contemplating whether or not to deploy RPKI and routing security in their organization.

Pre-requisites

Basic  Public key encryption , PKI  and basic knowledge  about Internet Number resources management and Internet routing

Course Outline

This tutorial covers the following topics:

      • Introduction to Internet Number ressources (INR) certification

      • Introduction/Review of RPKI 

      • Route Origin Authorization (ROA)and BGP origin validation 

      • Enabling AFRINIC members RPKI engine

      • Signing of ROAs

      • ROAs Validation

      •  BGP Origin validation

      • BGPSEC discussion

 Technologies Covered

 INR certification, RPKI,  BGP security

DNS Anycast Workshop

Novotel - Training room 2

DNS Anycast Workshop

Trainer: Stéphane Bortzmeyer

Location: Novotel Training room 2

Resiliency of the DNS service is among the most important reponsabilities of a domain name registry. Users and applications cannot accept less than 100 % availability of the DNS service. This is specially difficult to do in an environment where technical failures (not only the DNS server but also the cables, the routing, etc) and deliberate attacks occur too frequently. One way to get a better resiliency is through anycasting of the name servers. First described officially in RFC 1546 in 1993, it was widely deployed after the attack on the root of 21st october 2002 and is documented in RFC 4786. Anycasting allows local traffic to stay local, limits the effects of distributed DoS attacks and is an important tool in the DNS service.

This talk will be targeted to operations people who want to evaluate and may be to deploy anycast DNS servers: what is anycast, what problems does it solve, BGP routing for anycast, what are the traps, the importance of monitoring, and a few anycast-specific issues. Stéphane Bortzmeyer is engineer at AFNIC, registry for the TLD .fr. AFNIC manages an in-house anycast cloud, d.nic.fr, and uses other anycast providers. His last article about anycast was published at RIPE Labs <https://labs.ripe.net/Members/stephane_bortzmeyer/using-atlas-udm-to-find-the-popular-instances-of-a-dns-anycast-name-server>.

IPv6 Basics (Engineers)

Novotel - Training room 3

The IPv6 for Engineers Module is the keystone foundation module for all our technical workshops. It gives participants a solid understanding of IPv6's core concepts required for understanding all other IPv6 topics. Upon completing this module participants will be able to:

• Identify, write and shorten IPv6 addresses
• List the types of IPv6 addresses and their unique characteristics
• Create an IPv6 address plan for a network
• Identify and list the equivalent IPv4 key protocols in IPv6
• Describe how NDP is used to deliver key IPv6 functions
• Configure and verify basic IPv6 on hosts and routers

Read more on this module on our dedicated Training websiteTraining website. 

Coffee Break

Novotel - Training room 1

Coffee Break

Novotel - Training room 2

Coffee Break

Novotel - Training room 3

RPKI

Novotel - Training room 1

AFRINIC RPKI (Resource Public Key Infrastructure) Training

RPKI tutorial

Resources Public key Infrastructure (RPKI) Tutorial

Target Audience

Operators interested in deploying  RPKI  and Routing Security extension as part of their security infrastructure and people with a general interest in RPKI and Routing Security, and those contemplating whether or not to deploy RPKI and routing security in their organization.

Pre-requisites

Basic  Public key encryption , PKI  and basic knowledge  about Internet Number resources management and Internet routing

Course Outline

This tutorial covers the following topics:

      • Introduction to Internet Number ressources (INR) certification

      • Introduction/Review of RPKI 

      • Route Origin Authorization (ROA)and BGP origin validation 

      • Enabling AFRINIC members RPKI engine

      • Signing of ROAs

      • ROAs Validation

      •  BGP Origin validation

      • BGPSEC discussion

 Technologies Covered

 INR certification, RPKI,  BGP security

AFRINIC Root Server Anycast Programme

Novotel - Training room 2

AFRINIC Root Server Anycast Programme

Trainer: Nishal Goburdhan

Location: Novotel Training room 2

IPv6 Basics (Engineers)

Novotel - Training room 3

The IPv6 for Engineers Module is the keystone foundation module for all our technical workshops. It gives participants a solid understanding of IPv6's core concepts required for understanding all other IPv6 topics. Upon completing this module participants will be able to:

• Identify, write and shorten IPv6 addresses
• List the types of IPv6 addresses and their unique characteristics
• Create an IPv6 address plan for a network
• Identify and list the equivalent IPv4 key protocols in IPv6
• Describe how NDP is used to deliver key IPv6 functions
• Configure and verify basic IPv6 on hosts and routers

Read more on this module on our dedicated Training websiteTraining website. 

Lunch Break

Novotel - Training room 1

Lunch Break

Novotel - Training room 2

Lunch Break

Novotel - Training room 3

IPv6 Address Planning (Engineers)

Novotel - Training room 3

Planning for resorces on your new network or extending an existing one, this module addresses that need. Upon completing this module, participants will be able to:

• Calculate the exact IPv4 and IPv6 address space that they need
• Request such address space from AFRINIC

Read more on this module on our dedicated Training website.

Coffee Break

Novotel - Training room 1

Coffee Break

Novotel - Training room 2

Coffee Break

Novotel - Training room 3

IPv6 Address Planning (Engineers)

Novotel - Training room 3

Whether rolling our a new network or extending and existing one, planning for the IP addresses required is an often overlooked endeavour. This module addresses that need. Upon completing this module, participants will be able to:

• Calculate the exact IPv4 and IPv6 address space that they need
• Request such address space from AFRINIC

Read more on this module on our dedicated Training website.

DNSSEC

Novotel - Plenary room

The DNSSEC Workshop targets Operators interested in deploying DNSSEC as part of their security infrastructure.

Pre-requisites

Basic DNS, Public key encryption and basic knowledge about UNIX System Administration

Course Outline

This tutorial covers the following topics:

• Introduction/Review of DNSSEC
• Securing zone transfer (TSIG)
• Securing a zone
• Configuring a security-aware resolver
• Delegation of signing authority
• Rolling keys
• Troubleshooting
• DPS
• DNSSEC deployment plan
• OpenDNSSEC

Technologies Covered

DNS, TSIG, DNSSEC including NSEC3

INRM

Novotel - Training room 1

Internet Number Resource Manager (INRM) workshop

Location: NOVOTEL - Training room 1

The Internet Number Resource Management module introduces how AFRINIC work, what services we offer and how to interact and request resources from AFRINIC using the AFRINIC whois database.

 After concluding this workshop, participant will be able to:

• Describe what services are available from AFRINIC
• Apply for IP number resources from AFRINIC
• Explain the importance of the policy development process and how to take part in it.
• Query the whois database

Target Audience

• Network engineers and architects
• Network technicians and support staff 

Read more on this module here

AfricaCERT Training

Ibis - Training room 1

The Computer Security Incident Response Team (CSIRT) training course aims to develop the knowledge and skills of staff members of a CSIRT or those interested in joining such a team, or involved in creating such a team.

Coffee Break

Novotel - Plenary room

Coffee Break

Novotel - Training room 1

Coffee Break

Ibis - Training room 1

DNSSEC

Novotel - Plenary room

The DNSSEC Workshop targets Operators interested in deploying DNSSEC as part of their security infrastructure.

Pre-requisites

Basic DNS, Public key encryption and basic knowledge about UNIX System Administration

Course Outline

This tutorial covers the following topics:

• Introduction/Review of DNSSEC
• Securing zone transfer (TSIG)
• Securing a zone
• Configuring a security-aware resolver
• Delegation of signing authority
• Rolling keys
• Troubleshooting
• DPS
• DNSSEC deployment plan
• OpenDNSSEC

Technologies Covered

DNS, TSIG, DNSSEC including NSEC3

INRM

Novotel - Training room 1

Internet Number Resource Manager (INRM) workshop

Location: NOVOTEL - Training room 1

The Internet Number Resource Management module introduces how AFRINIC work, what services we offer and how to interact and request resources from AFRINIC using the AFRINIC whois database.

 After concluding this workshop, participant will be able to:

• Describe what services are available from AFRINIC
• Apply for IP number resources from AFRINIC
• Explain the importance of the policy development process and how to take part in it.
• Query the whois database

Target Audience

• Network engineers and architects
• Network technicians and support staff 

Read more on this module here

AfricaCERT Training

Ibis - Training room 1

The Computer Security Incident Response Team (CSIRT) training course aims to develop the knowledge and skills of staff members of a CSIRT or those interested in joining such a team, or involved in creating such a team.

Lunch break

Novotel - Plenary room

Lunch break

Novotel - Training room 1

Lunch break

Ibis - Training room 1

DNSSEC

Novotel - Plenary room

The DNSSEC Workshop targets Operators interested in deploying DNSSEC as part of their security infrastructure.

Pre-requisites

Basic DNS, Public key encryption and basic knowledge about UNIX System Administration

Course Outline

This tutorial covers the following topics:

• Introduction/Review of DNSSEC
• Securing zone transfer (TSIG)
• Securing a zone
• Configuring a security-aware resolver
• Delegation of signing authority
• Rolling keys
• Troubleshooting
• DPS
• DNSSEC deployment plan
• OpenDNSSEC

Technologies Covered

DNS, TSIG, DNSSEC including NSEC3

INRM

Novotel - Training room 1

Internet Number Resource Manager (INRM) workshop

Location: NOVOTEL - Training room 1

The Internet Number Resource Management module introduces how AFRINIC work, what services we offer and how to interact and request resources from AFRINIC using the AFRINIC whois database.

 After concluding this workshop, participant will be able to:

• Describe what services are available from AFRINIC
• Apply for IP number resources from AFRINIC
• Explain the importance of the policy development process and how to take part in it.
• Query the whois database

Target Audience

• Network engineers and architects
• Network technicians and support staff 

Read more on this module here

AfricaCERT Training

Ibis - Training room 1

The Computer Security Incident Response Team (CSIRT) training course aims to develop the knowledge and skills of staff members of a CSIRT or those interested in joining such a team, or involved in creating such a team.

Coffee Break

Novotel - Plenary room

Coffee Break

Novotel - Training room 1

Coffee Break

Ibis - Training room 1

DNSSEC

Novotel - Plenary room

The DNSSEC Workshop targets Operators interested in deploying DNSSEC as part of their security infrastructure.

Pre-requisites

Basic DNS, Public key encryption and basic knowledge about UNIX System Administration

Course Outline

This tutorial covers the following topics:

• Introduction/Review of DNSSEC
• Securing zone transfer (TSIG)
• Securing a zone
• Configuring a security-aware resolver
• Delegation of signing authority
• Rolling keys
• Troubleshooting
• DPS
• DNSSEC deployment plan
• OpenDNSSEC

Technologies Covered

DNS, TSIG, DNSSEC including NSEC3

INRM

Novotel - Training room 1

Internet Number Resource Manager (INRM) workshop

Location: NOVOTEL - Training room 1

The Internet Number Resource Management module introduces how AFRINIC work, what services we offer and how to interact and request resources from AFRINIC using the AFRINIC whois database.

 After concluding this workshop, participant will be able to:

• Describe what services are available from AFRINIC
• Apply for IP number resources from AFRINIC
• Explain the importance of the policy development process and how to take part in it.
• Query the whois database

Target Audience

• Network engineers and architects
• Network technicians and support staff 

Read more on this module here

AfricaCERT Training

Ibis - Training room 1

The Computer Security Incident Response Team (CSIRT) training course aims to develop the knowledge and skills of staff members of a CSIRT or those interested in joining such a team, or involved in creating such a team.

Internet Governance

Novotel - Plenary room

• 9:00-9:15 Mamadou Youssouf Thiam Looking at the facts about Internet regulation in the future | 
• 9:15-9:30 Ibrahima Saidou Connecting Africa - Power of Satellite in Africa. How satellite technology can help bridge the digital divide on the continent | 
• 9:30-9:45 Koffi Fabrice Djossou Launch strategy of Dot Africa |
• 9:45:10:00 Yves MiezanEzo L’Afrique à l'heure de l'économie de la connaissance |
• 10:00-10:15 Adiel Akplogan Montevideo Declaration |

FIRE Workshop (Closed session)

Novotel - Meeting Room 1

Agenda

 Presentation slide 1

Slide 1

Slide 2

Slide 3

Slide 4 

AfricaCERT Training

Ibis - Training room 1

Coffee break

Novotel - Plenary room

Coffee break

Novotel - Training room 1

Coffee break

Novotel - Meeting Room 1

Coffee break

Ibis - Training room 1

AfGWG

Novotel - Plenary room

The AFRINIC Government Working Group (AfGWG) was set up at the initiative of AFRINIC to work with African governments and regulators to address general internet governance challenges in Africa.

• 11:00 -11:20 Adiel Akplogan AFRINIC Introduction 
• 11:20 -11:50 Ernest Byaruhanga AFRINIC Policy update |
• 11:50 - 12:10 Jean Robert Hountomey Our Role In The African Internet Ecosystem |
• 12:10 -12:30 Open mic/Wrap – up

FIRE Workshop (Closed session)

Novotel - Meeting Room 1

Agenda

Presentation slide 2

Slide 1

Slide 2

Slide 3

Slide 4 

AfricaCERT Training

Ibis - Training room 1

Lunch break

Novotel - Plenary room

Lunch break

Novotel - Training room 1

Lunch break

Novotel - Meeting Room 1

Lunch break

Ibis - Training room 1

Cybersecurity session

Novotel - Plenary room

• 14:00 - 14:20 Valdes Nzalli Penetration de l”Internet en Afrique |
• 14:20 - 14:40 Valdes Nzalli  Etude statistique d’un mois de vulnerabilities en Afrique |
• 14:40 - 15:00 Questions and Answers

Sponsors presentations

• 15:00 - 15:15 MTN Presentation |
• 15:15 - 15:30 Wire+ |

IPv6 For Managers

Novotel - Training room 1

IPv6 For Managers

Introduction

The IPv6 for Managers module aims to close the knowledge gap and give advice to business executives on how to evaluate IPv6 strategically as well as support their technical people in deploying it.

Target audience

• Executives and managers
• Government regulators
• IT advisors to government officials

Pre-requisites

• An open mind
• A willingness to keep your organisation technologically relevant 

Read more on this module on our dedicated Training websiteTraining website. 

FIRE Workshop (Closed session)

Novotel - Meeting Room 1

Agenda

Presenter slide 2

AfricaCERT Training

Ibis - Training room 1

Coffee break

Novotel - Plenary room

Coffee break

Novotel - Training room 1

Coffee break

Novotel - Meeting Room 1

Coffee break

Ibis - Training room 1

Cybersecurity session

Novotel - Plenary room

• 16:00 - 16:20  Valdes Nzalli  Internet et vie privée: Analyses des comportements en Afrique après PRISM |
• 16:20 - 16:50  Stephane Konan Cybercriminalité |

IPv6 For Managers

Novotel - Training room 1

IPv6 For Managers

Introduction

The IPv6 for Managers module aims to close the knowledge gap and give advice to business executives on how to evaluate IPv6 strategically as well as support their technical people in deploying it.

Target audience

• Executives and managers
• Government regulators
• IT advisors to government officials

Pre-requisites

• An open mind
• A willingness to keep your organisation technologically relevant 

Read more on this module on our dedicated Training websiteTraining website. 

FIRE Workshop (Closed session)

Novotel - Meeting Room 1

Agenda

Presenter slide 2

AfricaCERT Training

Ibis - Training room 1

Welcome Cocktail

Novotel - Plenary room

Dress code: Casual smart

Welcome Cocktail

Novotel - Training room 1

Dress code: Casual smart

Welcome Cocktail

Novotel - Meeting Room 1

Dress code: Casual smart

IPv6 Session

Novotel - Plenary room

• 9:00 - 9:30 Ahmed SAKO - Projet National de  déploiement de l’IPv6 |
• 9:30 -10:00 Jan Zorz - RIPE-501 and RIPE-554 The story |

FIRE Workshop (Closed Session)

Novotel - Meeting Room 1

FIRE Workshop

Agenda

Agenda

Slide 1

Slide 2

Slide 3

Slide 4 

Joint Event with Asia Pacific Incident Response and Security Teams

Ibis - Training room 1

CSIRT training for technical staff: advanced network monitoring. This is a one-day workshop focusing on advance web security.

Description                                                                                                                      

This is a one-day workshop focusing on advance web security.

Course

Network Monitoring and Traffic Analysis (Advanced)

Network monitoring is one of the ways to understand what is happening within the network. This session will cover the basic knowledge of network monitoring and issues that we should know (Ex: legal issues, privacy issues, encryption, covert channel, etc.). This training course provide participants hands-on experience on analysing traffic generated by malware, botnet and other malicious tools.

Best current pratices

Novotel - Plenary room

Coffee break

Novotel - Plenary room

Coffee break

Novotel - Meeting Room 1

Coffee break

Ibis - Training room 1

AFRINIC Infrastructure: Anycast and root server copy, RPKI, DNSSEC

Novotel - Plenary room

• Alain Aina - RPKI and DNSSEC 
• Nishal Goburdhan -  Anycast in the AFRINIC service regio  

FIRE Workshop (Closed Session)

Novotel - Meeting Room 1

FIRE Workshop

Joint Event with Asia Pacific Incident Response and Security Teams

Ibis - Training room 1

CSIRT training for technical staff: advanced network monitoring. This is a one-day workshop focusing on advance web security.

Description                                                                                                                      

This is a one-day workshop focusing on advance web security.

Course

Network Monitoring and Traffic Analysis (Advanced)

Network monitoring is one of the ways to understand what is happening within the network. This session will cover the basic knowledge of network monitoring and issues that we should know (Ex: legal issues, privacy issues, encryption, covert channel, etc.). This training course provide participants hands-on experience on analysing traffic generated by malware, botnet and other malicious tools.

Lunch break

Novotel - Plenary room

Lunch break

Novotel - Meeting Room 1

Lunch break

Ibis - Training room 1

Internet Access and Connectivity

Novotel - Plenary room

• 13:30 -13:45 Coppens Pasteur: Ndayiragije Broadband deployment, Access and Transport Technologies | 
• 13:45 -14:00 Hyacinthe Nzigou: A wimax solution for an efficient public administration| 
• 14:00 -14:15 Jan Zorz: BCPOP updates and results from around the world | 
• 14:15 - 14:30 Emile Aben: RIPE Atlas update | 
• 14:40 -15:00 Questions and Answers

FIRE Workshop (Closed Session)

Novotel - Meeting Room 1

FIRE Workshop

Slide 1

Slide 2

Slide 3

Slide 4 

Joint Event with Asia Pacific Incident Response and Security Teams

Ibis - Training room 1

CSIRT training for technical staff: advanced network monitoring. This is a one-day workshop focusing on advance web security.

Description                                                                                                                      

This is a one-day workshop focusing on advance web security.

Course

Network Monitoring and Traffic Analysis (Advanced)

Network monitoring is one of the ways to understand what is happening within the network. This session will cover the basic knowledge of network monitoring and issues that we should know (Ex: legal issues, privacy issues, encryption, covert channel, etc.). This training course provide participants hands-on experience on analysing traffic generated by malware, botnet and other malicious tools.

Coffee break

Novotel - Plenary room

Coffee break

Novotel - Meeting Room 1

Cyber security

Novotel - Plenary room

• 15:30 -16:00 Benoit Morel - AfricaCERT is needed by the rest of the world 

FIRE Workshop (Closed Session)

Novotel - Meeting Room 1

FIRE Workshop

Slide 1

Slide 2

Slide 3

Slide 4 

Coffee break

Ibis - Training room 1

Joint Event with Asia Pacific Incident Response and Security Teams

Ibis - Training room 1

CSIRT training for technical staff: advanced network monitoring. This is a one-day workshop focusing on advance web security.

Description                                                                                                                      

This is a one-day workshop focusing on advance web security.

Course

Network Monitoring and Traffic Analysis (Advanced)

Network monitoring is one of the ways to understand what is happening within the network. This session will cover the basic knowledge of network monitoring and issues that we should know (Ex: legal issues, privacy issues, encryption, covert channel, etc.). This training course provide participants hands-on experience on analysing traffic generated by malware, botnet and other malicious tools.

Chad ICT updates

Novotel - Plenary room

• 16:30 – 17:00 - Chad ICT updates - 

BoF on BCOP

Novotel - Plenary room

AfricaCERT Cybersecurity Day

Novotel - Plenary room

The Computer Security Incident Response Team (CSIRT) training course aims to develop the knowledge and skills of staff members of a CSIRT or those interested in joining such a team, or involved in creating such a team.

Pre-requisites 

Trainees are typically experienced system, network or IT managers (Interested persons from other backgrounds are welcome to contact the organisers to discuss the suitability of the course for them). They are expected to have an awareness of the security issues involved in connecting computers to the Internet. They must be committed to using their skills to improve the security of computers and networks. For the technical side of the course, familiarity with the normal operation of TCP/IP networks, addresses, port numbers and protocols will be assumed.

The following modules are covered:

CSIRT Organization

Describes how CSIRTs fit into their organisations: planning the CSIRT, defining the constituency of the team and gaining management authority for it, deciding the services the team will offer, working with those outside the organisation, staffing the CSIRT, funding. Participants will discuss their own organisation and how their team fits into it.

Technical Introduction

A basic introduction to the main attack vectors that malicious parties use to attack systems: intruders and their motivations, botnets, network protocols and how they can be abused, operating systems and services, types of vulnerability, information gathering, breaking in, hiding traces, denial-of-service attacks.

 CSIRT Operations 

Describes the facilities, systems and tools needed by CSIRTs to operate successfully: housing the CSIRT, equipment, e-mail, remote access, information and contacts, servers and networks, incident response plans and procedures, tracking systems. As an exercise participants will discuss and develop incident response plans for their own teams.

Legal Issues

 A high level overview of the areas of legislation that are likely to affect CSIRTs in their work and that team members need to be aware of: origins of computer legislation, problems, data protection, computer misuse, working with law enforcement, monitoring, evidence, European developments.

Coffee break

Novotel - Plenary room

AfricaCERT Cybersecurity Day

Novotel - Plenary room

Lunch break

Novotel - Plenary room

AfricaCERT Cybersecurity Day

Novotel - Plenary room

Coffee break

Novotel - Plenary room

AfricaCERT Cybersecurity Day

Novotel - Plenary room

New Comers Session

Novotel - Plenary room

•  Anne-Rachel Inné :

Official Opening

Novotel - Plenary room

Coffee break

Novotel - Plenary room

RIR Global Updates

Novotel - Plenary room

Element Selection

• 11:30 - 11:45 - Adiel Akplogan - NRO and ASO updates |  
• 11:45 - 11:55 - Tuan Nguyen - APNIC updates |  
• 12:05-12:15 - Kevin Blumberg -  ARIN updates |  
• 12:15-12:25 - Sergio Rojas -  Lacnic updates |
• 12:25-12:35 - Kaveh Ranjbar -  RIPE NCC update |  
• 12:35-12:45 - Pierre Dandjinou -  ICANN update |  
• 12:45-12:55 - Leo Vegoda -  IANA update |  

Lunch break

Novotel - Plenary room

Création de contenus pour une identité numérique africaine

Novotel - Plenary room

• Mireille Houndji |

History of Internet in Africa

Novotel - Plenary room

• Michuki Mwangi |

Policy Discussion

Novotel - Plenary room

• Seun Ojedeji & Emile Milandou -PDWG co-chairs |

Coffee break

Novotel - Plenary room

Policy Discussion

Novotel - Plenary room

   NRO NC Elections

Gala Dinner: The Gala Dinner will be held at the hotel LE WAFOU

Novotel - Plenary room

The Gala Dinner will be held at the hotel LE WAFOU. The organising committee will provide for pick-ups at several hotels within the Plateau region. We shall communicate more on this during the conference.

Dress code: Casual smart

Corporate and Service Updates

Novotel - Plenary room

• 9:00-9:25   Adiel A Akplogan  Corporate Updates|
• 9:25-9:50   Patrisse Deessee  Finance  Department update |
• 9:50-10:15  Anne-Rachel Inne  Communications Department update |

Coffee break

Novotel - Plenary room

Corporate and Service Updates

Novotel - Plenary room

• 11:00-11:25 - Neriah Sossou T and Engineering  report |
• 11:25-11:50 - Arthur  Cardinal  Member Services update |
• 11:50-12:15 - Madhvi G okool  Registration Services Update |
• 12:15-12:40 - Anne-Rachel Inne FIRE updates |

Lunch break

Novotel - Plenary room

Open Policy discussion session

Novotel - Plenary room

Coffee break

Novotel - Plenary room

AFRINIC Open Mic and Closing Ceremony

Novotel - Plenary room