SANOV VI IP Services Workshop Outline
Location: Thimphu, Bhutan (Royal Banquet Hall)
Organizers: South Asian Network Operators Group (SANOG) and
The Network Startup Resource Center (NSRC)
Primary Instructors: Sufi Faruq Ibne Abubakar, TM International (BD) Ltd, AKTEL
Hervey Allen, Network Startup Resource Center (NSRC)
Philip Hazel, University of Cambridge
Champika Wijayatunga, Asia Pacific NIC (APNIC)
Daily Time Schedule
Saturday
Morning (HA/CW)
-------
* Welcome to workshop (HA/CW)
* FreeBSD Materials
* Why we are using FreeBSD (HA)
* A FreeBSD Overview
- Note some differences from Linux
- FreeBSD Command Reference:
- Additional/Advanced topics based on class level
* Install FreeBSD (HA)
* Post-Install Exercises
- Include install of Gnome/KDE
- Additional exercises for those who want practice
* Cryptography overview (HA)
- [OpenOffice | pdf 1-up | pdf 4-up]
- symmetric ciphers, public/private keys,
hashing, integrity checks, key lengths,
digital signatures
Afternoon (HA/CW)
---------
* Security overview/review (HA)
- [OpenOffice | pdf 1-up | pdf 4-up | PowerPoint]
- Best practices
- FreeBSD specific steps
* Install and Scan with Nessus: [html | pdf] (HA)
- Sample Nessus report: 1 machine
- Sample Nessus report: subnet scan
- See if we can find security issues in our lab
* Review Securing What we Find (HA)
- Based on security scans take first steps to secure
- lockdown/reconfigure services
- Turn off services
- Update services
- Do we need a firewall? Discuss this.
* SSH Overview (HA)
- Review public/private key
- Importance of private key
- "man-in-the-middle" attacks
- Tunneling services
* SSH lab (HA)
- scp/sftp, including scp between two
remote servers.
- Login/scp without passwords
- Exectute commands
- Tunneling
Sunday
Morning (CW/HA)
-------
* DNS Materials
* DNS Concepts
* BIND Installation
- Install Bind
* Recursive Server
- Configure a recursive (caching) name server
- Configure domains on primary and secondary servers
* Troubleshooting
Afternoon (CW/HA)
---------
* Reverse DNS
- Reverse DNS lab
* RNDC & TSIG
- RNDC lab
- TSIG lab
- Modifying logging
Monday
Morning (CW/HA)
-------
* DNS Materials
* ACL and Views
- ACL and Views lab
* Secured Dynamic Updates
- Dynamic updates
Afernoon (SA/HA)
--------
* Squid overview (Proxy and cache services)
* Squid installation and initial configuration
- [pdf-1up | PowerPoint]
* Advanced Squid topics
- ACLs
- Delay pools
- Transparent proxies
* Overview of Digital Certificates/Apache with SSL (HA)
- [pdf-1up | pdf-4up | OpenOffice | PowerPoint]
* Install/configure Apache with SSL (HA)
- [html | pdf]
- Configure local ssl certificate
- Connect to web server using https
Tuesday
Morning (PH/HA)
-------
* Mail Materials
* Introduction to Email
* Installation of Exim MTA
- Initial Exim exercises
Afternoon (PH/HA)
---------
* Exim routing configuration
* Exim routing exercises
Wednesday
Morning (PH/HA)
-------
* Mail Materials
* Exim input/relay control and ACL's
* Exim input/relay control exercise for incoming email
* Dealing with unwanted email
- filtering, blacklists, filter by content
whitelists, viruses, unwanted bounces
(Joe Job problems)
* Scalability and performance tips for Exim
Afternoon (HA/PH)
---------
* Overview of Spamassassin (HA)
* Install Spamassassin (HA)
- How to use Spamassassin with Exim
* Overview of ClamAV (HA)
* Install ClamAV (HA)
- Send infected message to test functionality
* Configure Exim for maildirs
* Install Courier POP/IMAP server
* Install Sqwebmail
* Connect to POP/IMAP and Sqwebmail with ssl
* Workshop exam
- [html | pdf]
* Q&A
* Books and workshop certificates
* Close of workshop
Last modified: Tue Jul 19 14:35:34 BTT 2005