Security tutorial

4 September 2006


Understanding security threats and implementing effective security measures are key factors in ensuring network infrastructure reliability and integrity. Such measures need to be implemented on both an individual device level (server or host) and as part of the network design, configuration and implementation.

This tutorial will consider the latest threats and discuss best current practices for addressing many of these risks. Specific attention will be given to securing network infrastructure devices, common filtering practices, effective logging practices, routing protocol security issues, and mechanisms to mitigate damage from Distributed Denial of Service (DDoS) attacks.

Intended audience

The tutorial is targeted at network administrators and engineers responsible for implementing network security within an organisation, as well as anyone with an interest in system security implementation strategy.

Morning: Sessions 1 & 2 (180min)

Speaker: Gaurab Raj Upadhaya and Merike Kaeo

Presentation Session 1 [pdf], Session 2 [pdf]

Host-based security

  • FreeBSD as an OS for ISPs
  • Securing FreeBSD installations
  • Network monitoring tools such as
    • tcpdump, ntop, nmap, nessus, netflow
  • Building Firewalls using IPFW
  • Snort IDS
  • IPSEC in FreeBSD
  • Web server security
  • Using Tacacs for authentication and authorization of network devices
  • Using OpenLDAP for system authentication

Afternoon: Sessions 3 & 4 (180min)

Speaker: Merike Kaeo

Presentation [pdf]

Network-based security

This session will focus on current ISP security best practice and will discuss the current methods used by various large ISPs to secure their infrastructures. Devices with new capabilities used to provide additional protection against intrusions and/or malicious behaviour will also be considered.

Topics covered will include:

  • Physical security
  • In-band/out-of-band management
  • Data traffic
  • Routing control plane
  • Software upgrades/configuration integrity
  • Logging considerations
  • Filtering considerations
  • DoS tracking/tracing