NZNOG09 Tutorials
Four tutorials will run in parallel on the Wednesday. Participants will be free to move between tutorials on the day, however if space becomes an issue preference will be given to those attending the tutorial they indicated in their registration.
Tutorial: System Administrators Miniconf Facilitators: Ewen McNeill, Simon Lyall The mini-conference's focus is on "Layer 7" issues to do with network and ISP operations, including providing customer services (email, DNS, etc) The mini-conference's focus is on "Layer 7" issues to do with network and ISP operations, including providing customer services (email, DNS, etc) and provisioning and management topics. A different format will be tried this year and have a few BoF-style sessions on various ISP systems/network management topics, each with a brief introductory talk followed by an extended discussion period (10-30 minutes depending on interest in the topic). To date we have had suggested: - configuration automation (puppet, cfengine, and friends) - scaling network monitoring (eg, distributed nagios) - virtualisation (VMWare ESX, etc) - ENUM
Tutorial: DNS/DNSSEC Deployment Tutors: Bill Manning (ISI), Sam Sargeant, Jonny Martin (PCH) This tutorial will give operators a full picture of the domain name system (DNS), from first principles through to setup of the latest security extensions. Topics covered: - Basic outline of DNS - Setup of an authoritative and recursive name server - Registration of domains - Best-practice recommendations - Troubleshooting tools - Anycast deployment - DNS Security issues - Setup of DNSSEC extensions - DNS and IPv6 - Dynamic DNS Attendees need no prior experience with DNS, although intermediate Unix skills are required.
Tutorial: Security Tutors: APNIC training team / Tean Cymru CSI on the Internet - Anatomy of a network attack, network forensics, network attack and defense. This tutorial will look at the nature and structure of network attacks and the tools, actions and processes that can be used to identify and respond to such attacks. A brief overview examining the anatomy of an attack and the creation of botnets will be presented and the motivation that drives such on-line malicious activity, the type of tools that are used in modern attacks, who is behind these and the impact they have will be discussed. Identifying attack streams and understanding the nature of TCP/IP traffic will be discussed through the use of Wireshark, fprobe, nfsen and nfdump. Darknets and their operation and contribution to combating malicious network activity will be considered. As a practical, hands-on exercises, participants will be able to simulate a network attack and response scenario by trying to penetrate a remote network while at the same time protecting their own network from attack. This will be done using the tools and techniques discussed earlier and by remotely accessing either a virtual network topology or a real network running in the APNIC training lab. All engineers and operators concerned with network security and interested in gaining an understanding of the threats they face and how to mitigate these should attend.
Tutorial: IPv6 Tutors: Nathan Ward (Braintrust), Philip Smith (Cisco) IPv6 in production is taking place now in a number of networks. This full day tutorial will cover off most of the gotchas and give some useful ideas and strategies for deploying IPv6 in to your network. The various stages of deployment will be covered, as well as what you can do right now to improve IPv6 performance for your end users. Topics covered: - History of IPv6 - IPv6 design and addressing - Transition and IPv4/IPv6 - IPv6 and DNS - IPv6 neighbour discovery - IPv6 stateless auto-configuration - Address selection - IPv6 and DNS - Applications - Configuring IPv6 on your machines |
