Introduction To Secure Registry Operations for ccTLDs Hervey Allen Chris Evans Phil Regnauld...
Introduction To Secure Registry Operations for ccTLDs
Hervey Allen
Chris Evans
Phil Regnauld
September 3 – 4, 2009
Santiago, Chile
Welcome
Thank you!
• LACTLD, NIC-Chile, NSRC, ISOC & ICANN
• Mr. Erick Iriarte-Ahon
• Mr. Fermin Uribe-Echevarria
Who we are …
• Chris Evans, CEH
Delta Risk, [email protected]
Contingency Planning & Risk Assessment
Plan Reviews
Technical Training
Exercise Planning & Execution
Who we are …
Hervey Allen
Network Startup Resource Center (NSRC)
[email protected]
A non-profit activity:
…that has worked since the late 1980s to help develop and deploy networking technology in various projects throughout Asia/Pacific, Africa, Latin America and the Caribbean, the Middle East, and the New Independent States
Some main focus areas:
• Develop/deploy Internet infrastructure in R&E nets
• Provide tech information & tools to network operators
• Provide direct network engineering & design assistance
• Help organize regional training workshops and centers
• Coordinate donations and shipments of networking books and equipment
• Help develop Internet eXchange points
• Help build wireless networks
• Maintain a historical archive of Internet connectivity
Who we are …
• Phil Regnauld
NSRC, bluepipe A/[email protected]
A Small Company Specializing in:
• Core Network Services
• Network Monitoring
www.bluepipe.dk
Introductions
• Name?
• Where are you from?
• Organization or activity?
• Duties or responsibilities?
• Any experiences with security operations?
Administrivia
• Ensure you:
– Update your contact information on the roster
– Provide feedback on the course
• During the course:
– Ask questions when you have them – no need to wait
– Your experiences are valuable – please share them
– Schedule is mostly flexible
• Course Materials
– Available electronically on the course wiki (192.168.75.20)
• Course Support Network
– You should be wired in and ready to go!
Course Agenda
• September 3, 2009, 09:00 – 18:30
– 09:00 Welcome & Introduction
– 09:30 Block I: Introduction to Course Architecture
– 10:45 Coffee Break
– 11:00 Block II: Secure Operations Framework
– 12:00 Lunch
– 13:00 Block III: Cyber Attack Scenario Overview
– 13:30 Monitor, Detect, Analyze, Respond, Recover #1 & #2
– 15:30 Tea Break
– 16:30 Monitor, Detect, Analyze, Respond, Recover #3
– 18:30 Questions, Discussions, End of Day Wrap-up
Course Agenda
• September 4, 2009, 09:00 – 18:30
– 09:00 NAGIOS Monitoring Framework
– 10:30 Coffee Break
– 12:00 Lunch
– 13:00 Monitor, Detect, Analyze, Respond, Recover #5 & #6
– 15:45 Tea Break
– 16:00 Mitigation Strategies
– 18:00 Questions, Discussions, End of Course Wrap-up
– 18:30 Course Critique
Course Agenda
• Some Thoughts Before We Begin:
– This course is ambitious in what we hope to cover
– We can re-arrange the schedule as needed, but we only have two days!
This course …
• Is an Introduction to Secure Operations
• Will be expanded into a three day course
• Will be integrated into a three course program to train ccTLD registry operators
[Diagram: Initial Registry Operations, Advanced Registry Operations, Secure Registry Operations]
Philosophy…
• This course attempts to inform you about securing your operations through monitoring and effective response.
• You operate highly visible services, and you will likely see some sort of attack on your operation, but not necessarily the ones demonstrated here.
• The attacks and concepts described herein may sound like the “Sky is Falling”, but they are not intended to be FUD; they are meant to promote awareness!
• Reality Check – YOU must determine the biggest threats to your operations and YOU must determine how you will respond to those threats. YOU are the only one who can make that risk decision.
– See the Attack and Contingency Response Planning Workshop for Assistance
FUD – Fear, Uncertainty, Doubt
Please tell us …
• Course
– Is this helpful?
– How can we make it better?
• What would you like to see more of?
• What would you like to see less of?
– There is a feedback form on the wiki!
• Security Issues or Concerns
QUESTIONS BEFORE WE BEGIN…?