The following application was submitted (UTC) on Thu, 03 Mar 11 21:47:10 +0000 Items with an '*' were required items in the application form. PERSONAL INFORMATION ==================== Family Name (Last name, Surname)*: Pwajok Full Name*: John Danboyi Pwajok Employer/Organization*: University of Jos, Nigeria Position/Title*: Network Administrator Business Address ---------------- Network and Internet Services, ICT Directorate, Bauchi Road Main Campus, Jos, Nigeria Business Phone: +2348034511583 Alternate Telephone: +2348095137653 Email*: pwajokj@unijos.edu.ng URL: www.unijos.edu.ng FAX: Date of Birth: 1968-08-04 Country of Residence*: Nigeria Passport Name: Pwajok John Danboyi Passport Number: A00891135 Passport Issuing Country: Nigeria Passport Issue Date: 2009-01-13 Passport Expiry Date: 2014-01-12 WORKSHOP SPECIFIC INFORMATION ============================= Workshop Applied For*: CT-E: CERT (Computer Emergency Response Team) Reason for Track Choice* ------------------------ Reverse Engineering and Penetration Testing Training. TECHNICAL SKILLS ================ Unix User?*: true How much have you used it? -------------------------- Am a daily user of UNIX and have participated actively in installing our Network Servers (CentOS, FreeBSD,Fedora and Solaris). I have installed and configured Mandriva Linux on my Laptop and Solaris 10 on my Office Desktop. Have you been a UNIX admin?*: true Describe your experience (length of time, versions, etc.) --------------------------------------------------------- Being a member of the Server team in the ICT Directorate of my University, I have been involved in managing our servers which run on Linux Operating Systems (CentOS, Free BSD, Fedora and Windows Server 2003) for a period of about Four (4) years now Have you used/administered TCP/IP nets?*: true Describe --------- I have configured and managed TCP/IP system for packets transmission and dynamic IP allocation via our DHCP server. Though in some instances for obvious reasons, the Servers and some nodes on our network are assigned static IP address. Have you set up and/or administered any of the following? Please give details Bind or any other Nameservers* ------------------------------ I have installed and configured a DNS Server to run address registration protocols to manage computers and other resources on our network. Mail Transport Agents (ex. Sendmail, Exim, Postfix, Qmail)* ----------------------------------------------------------- Have Installed and managing Mail Server is part of my current responsibilities, and configured SMTP for Sendmail. Currently, we have installed and configured Zimbra mail application and on the process of migration. Mailing List Managers (e.g. Majordomo or other list manager)* ------------------------------------------------------------- In configuring the Mail Server, aliases were created for certain groups within the University. There is also the Unijos Helpdesk Forum to get feedback from clients on our services and other queries. Web Systems/Servers (e.g. Apache, IIS or other web server)* ------------------------------------------------------------ Web applications are part of our services I have participated in the installation and configuration of the Unijos main Web Server with other team members synchronised with the Management Information System (MIS) Server running Apache. This gives very secured HTTP authentication and authorisation for web services such content compression, bandwidth throttling. Have you configured or otherwise managed any of the following? Please give details. Routers* -------- I have configured configured the routers to mange packets traffic from our LAN network to the Internet. On the CISCO router, using a serial cable to connect COM port of a terminal to the router console port, the COM port is selected and using the Hyperterminal the connection speed is set. Switches* --------- I have setup and configured the CISCO catalyst 2950. Our network is segmented into several VLANs for better performance of Internet/Intranet services where switches provides the trunking channel with the router for better Inter-VLAN communications. Network Monitoring Systems* ---------------------------- We the Bandwith Optimizer configured to monitor and manage the bandwidth usage. We have just installed and configured the SmoothWall Express, to serve in the first instant as a firewall to our network. This could perform other tasks like that of the DHCP server, DNS server, SIP proxy, Web proxy etc for reason of properly securing the network from attacks from within and outside. Network Operations Center (NOC)* -------------------------------- The University of Jos ICT Directorate does not have a structured NOC per say, but Data Centre runs NAGIOS application on one of the servers for reason of monitoring the network. The network deployment and management emanates from within and based on feedback from clients and monitoring software installed and configured in the Data center. CERT WORKSHOP APPLICANTS ONLY ============================= Which area of security interests you? ------------------------------------- Having taken training and done a Certification in Data Recovery (CCFE) and seen the different tricks adopted by hackers, I have developed a lot of interest in Reverse Engineering and Penetration Testing and wish for exposure training. What security interventions have you experienced? ------------------------------------------------- The typical scenario I have experienced is with our Network (The University of Jos)where some end users of our services have been using third party software to do heavy downloads and visit all sort of sites despite the security measures adopted to manage the limited bandwidth available to the institution. How do you intend to use the knowledge gained at the workshop? -------------------------------------------------------------- In incident response situations I realized my knowledge of computer forensics investigations alone cannot be completed accurately or thorough. Understanding runtime nature of binaries and vulnerabilities such as buffer overflows, use of customized Trojans that are not detected by antivirus which can only be analyzed and traced back to the original attacker via reverse engineering and, of course knowledge of hacking techniques will assist greatly in helping to secure the University network and any network. In incident response situations I realized my knowledge of computer forensics investigations alone cannot be completed accurately or thorough. Understanding runtime nature of binaries and vulnerabilities such as buffer overflows, use of customized Trojans that are not detected by antivirus which can only be analyzed and traced back to the original attacker via reverse engineering and, of course knowledge of hacking techniques will assist greatly in helping to secure the University network and any network. ROLE IN NATIONAL NETWORKING ACTIVITIES ====================================== A description of your current employer, your position, your duties and responsibilities, and how they relate to current and future data networking activities in your country* ----------------------------------------------------------------------- My employer, the University of Jos is an employer of about 4,000 staff (Teaching and non-teaching). I work in the Network and Internet Services of the ICT Directorate as a Network Administrator. I currently belong to 2 teams (Server team and Security team) where in the first instance we are saddled with the responsibilities of configuring, administer and manage all the University Intranet and Internet services. As the security team, we are saddled with the responsibilities of analyzing the trends in ICT visa viz the security challenges and, from time to time suggest solutions to those issues and where necessary, they are made a matter of policy. This, to a large extend applies to the wider society as opportunities come to contribute. A brief description of your computing and networking environment (operating systems, networking software, modems, etc.), including the connectivity of your organization to the Internet and your country's connectivity to the international Internet* ------------------------------------------------------------------------------------ The University of Jos is a multi-campus University with work stations (Desktops/Laptops) across the campuses running different versions of Windows and different flavours of Linux operating systems. The campuses are networked using a combination of Fibre-optic, cat5/6 wires and wireless systems depending on the location from the data center. Most Servers run the CentOS Linux, Nagios on FreeBSD, Request Tracker on Fedora and Library LMS on Solaris 10. The Sophos Antivrus Server however runs the Windows 2003 server. The University is linked to the International Internet usint Intelsat via a VSAT with Comtech 57PL Modem. Scope of your institution (check all categories that apply)* ------------------------------------------------------------ Academic Network Provider : Approximate number of full time staff at your institution* ---------------------------------------------------------- 4,000 How your training and current work prepare and qualify you for the track you wish to attend* -------------------------------------------------------------------------------------------- Being a member of the server team managing the Servers and services provided and a member of a special security team constituted with very clear mandate to analyse systems/networks/services security, draft a plan for Security policies,Provide advice and recommendations on implementing security best practices,Draft plan for routine security auditand come up with reports I see my myself well suited for this track. My interest is network services and security has made me very eager to want to learn and share the experiences of others across the continent and the globe as a whole. How you expect to use the knowledge you gain at the workshop after you return to your country* ---------------------------------------------------------------------------------------------- In this smart world where almost every facet of life has become competitive especially with the e-services, security has become paramount. With proper knowledge on how to secure your network the integrity of services provided can be well secured. So I hope to use the knowledge from the workshop to improve on the network security of the University of Jos and the country without compromising good service delivery. If you have previously attended AfNOG or INET Workshops for Developing Countries Year and track you attended --------------------------- 2009, SS-E: Scalable Internet Services A precise description of how you have used the training you have received in the past ------------------------------------------------------------------------------------- The NgNOG workshop I attended in 2006 on Unix System Administration AfNog in 2009 on Scalable Internet Services has broaden my knowledge in the IT industry greatly enhanced my productivity as far as my responsibilities and duties are concerned. We have installed and configured the Nagios and Request Tracker applications among other services. Of particular improvememnt is in the delivery of our web and mail services. The significant advances in networking which have occurred in your country specifically because of your knowledge and effort --------------------------------------------------------------------------------------- From collaborations so far, from within the University of Jos there is a great deal of improvement in our services like remote access to local resources. A wide range of people now have on their systems different flavours of Linux and windows installed on their PCs doing business at home and at work and, especially among the students. So there is actually some little but gradual shift from the traditional OS to the Open Source OS. This I believe is a result of the little work we do and share experiences in different fora that is propelling the wind of change across boundaries and will help in strengthening networking approaches. FINANCIAL INFORMATION ====================== Are you are requesting financial aid from the AfNOG Workshop for attending the workshop and meetings, or for travel costs?* ------------------------------------------------------------------------------ No financial assistance requested. REFEREES ======== First Referee* -------------- Mr. Silas Vem Director, ICT Directorate, University of Jos vemsj@unijos.edu.ng +2348037031274 Second Referee* --------------- Mr. Ishaku Anaobi Serer Team(Team Leader), Network and Internet Services ICT Directorate, University of Jos anaobii@unijos.edu.ng +2348037008529 END OF APPLICATION