So, after an unfortunate amount of delay, we finally have a tentitive programme for the NZNOG (aka Big Geek Program) '04 conference. Despite our best efforts we still don't have all speakers confirmed but the confirmed speakers, topics and abstracts are all available from: http://www.nznog.org/programme.php Other major developments are the announcement of our primary sponsor and the addition of an extra workshop day to the conference schedule. We are pleased to announce that CityLink will be the conference's primary sponsor. I'm sure we are all already aware of the great work CityLink do for the NZ network scene through the operation of WIX and APE, and we would like to extend our thanks to them for their support of this conference. Also on the sponsorship front, we would like to thank Roger De Salis and FX networks for their sponsorship of a bartab for the night of the conference dinner. I'm sure that there will be plenty of us there to thank him in person on the night ! There are also a number of other sponsors who we don't have space to thank individually here, but we appreciate the support and it all helps us make the conference more enjoyable and informative for all. The conference has now been extended by placing a workshop/tutorial day on Wednesday the 28th, before the conference proper on the 29th and 30th. We have currently two workshops scheduled during the day, a full day APNIC training session and a half day "Wireless workshop". These sessions are available for no extra cost to anyone who registers for the main conference. More details on these workshops as we receive them are available from: http://www.nznog.org/workshops.php Earlybird registrations close on Janurary the 9th, so for many people there is less than two working weeks before the conference fee increases. There is still accomodation available on campus as detailed on the website. There are only a limited number of rooms available with an ethernet Internet connection provided, so if you want one of those, get in quick. As always, the latest and most complete information can be found on the conference website: http://www.nznog.org Any queries or problems relating to any of this can be forwarded to: info(a)nznog.org Cheers Jamie (on behalf of the NZNOG organising committee) ----------------------------------------------------------------------- Jamie Curtis email: jpc2(a)cs.waikato.ac.nz WAND Group Lab G1.03 phone +64 21 392 102 Computer Science Department, University of Waikato, New Zealand -----------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, For those interesting in SP/ISP/ASP/Big Network Security, here's an FYI on some of the materials several of us have been pulling together for the community. Much of this is a segue to what I mentioned in the July's NZNOG presentation. All materials are public resources - available to anyone. Given that security incidents, worms, DDOS, and other nastiness are facts of networking life, keeping abreast of the latest security techniques and resources are worth the personal investment. All these materials will get updated as new techniques, tricks, and mitigation tools evolve. If you can only track one link, my recommendation would be http://www.cymru.com/. Team CYMRU is really rolling on new tools to track and whack infected/violated systems. Barry ========================================= SP/ISP/ASP/Big Network Security Materials Public On-Line ISP Security Bootcamp - Singapore Summer 2003 - ------------------------------------------------------------ http://www.getitmm.com/bootcampflash/launch.html Sign-On: http://palomar.getitmm.com/bootcamp/ Much of the materials presented in the ISP Security Bootcamp builds on and assumes a basic understanding of the principles in the ISP Essentials materials. This whitepaper is now a book - ISP Essentials which can be purchased through Cisco Press (http://www.ciscopress.com/) or through another on-line book store. The supplements for the book along with the tutorials, workshops, and bootcamps presented by Philip and I are at: ftp://ftp-eng.cisco.com/cons/ or http://www.ispbook.com TEAM CYMRU Templates and Tools - ------------------------------ Team CYMRU provides configuration templates, security templates, and other services to help make the Internet a safer place to network. These can be found at: http://www.cymru.com/ The Original Backscattered Traceback and Customer Triggered Remote Triggered Black Hole Techniques - ------------------------------------------------------------------------------------------------- UUNET Operations Security Team (now MCI) has been extremely generous in their willingness to share with the community new techniques that they are using to mitigate various flavors of attacks. The following links are from the 'source.' http://www.secsup.org/Tracking/ http://www.secsup.org/CustomerBlackHole/ What is a BOTNET? - ----------------- One of the best write ups is from a freeware tool gone commercial (I guess so they can scale). http://swatit.org/bots/index.html BGP 'Attack Tree' - Realities of BGP Security - ------------------------------------------- Cisco's CIAG Team moves beyond the armchair hypothesizing of BGP Security Risk and runs test again the industry's multiple implementations of BGP http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-convery-franz.pdf NANOG ISP Security Seminars and Talks - ------------------------------------- The NANOG Coordination Committee actively works to product sessions and seminars to help foster security on the Internet. All sessions are taped and converted to VOD for all to use for their personal education. Over time, this effort has generated a valuable On-Line Tutorial for engineers and organizations seeking to learn more about running a more secure network. The core link to bookmark is: http://www.nanog.org/ispsecurity.html Details of the NANOG Security Tutorial Series include: Tutorial: Implementing a Secure Network Infrastructure (Part I) http://www.nanog.org/mtg-0310/kaeo.html Tutorial: ISP Security - Real World Techniques I - Remote Triggered Black Hole Filtering and Backscatter Traceback. http://www.nanog.org/mtg-0110/greene.html Tutorial: ISP Security - Real World Techniques II - Secure the CPE Edge http://www.nanog.org/mtg-0210/ispsecure.html Tutorial: ISP Security: Deploying and Using Sinkholes http://www.nanog.org/mtg-0306/sink.html Tutorial: Deploying IP Anycast http://www.nanog.org/mtg-0310/miller.html NANOG Security Sessions Watching Your Router Configurations and Detecting Those Exciting Little Changes http://www.nanog.org/mtg-0310/rancid.html Building a Web of Trust http://www.nanog.org/mtg-0310/abley.html The Relationship Between Network Security and Spam http://www.nanog.org/mtg-0310/spam.html Simple Router Security, What Every ISP Router Engineer Should Know and Practice http://www.nanog.org/mtg-0310/routersec.html Flawed Routers Flood University of Wisconsin Internet Time Server http://www.nanog.org/mtg-0310/plonka.html Trends in Denial of Service Attack Technology http://www.nanog.org/mtg-0110/cert.html Recent Internet Worms: Who Are the Victims, and How Good Are We at Getting the Word Out? ` http://www.nanog.org/mtg-0110/moore.html DoS Attacks in the Real World http://www.nanog.org/mtg-0110/irc.html Diversion & Sieving Techniques to Defeat DDoS http://www.nanog.org/mtg-0110/afek.html DNS Damage - Measurements at a Root Server http://www.nanog.org/mtg-0202/evi.html Protecting the BGP Routes to Top Level DNS Servers http://www.nanog.org/mtg-0206/bush.html BGP Security Update http://www.nanog.org/mtg-0206/barry.html Industry/Government Infrastructure Vulnerability Assessment: Background and Recommendations http://www.nanog.org/mtg-0206/avi.html A National Strategy to Secure Cyberspace http://www.nanog.org/mtg-0210/sachs.html How to 0wn the Internet in Your Spare Time http://www.nanog.org/mtg-0210/vern.html ISP Security BOF I http://www.nanog.org/mtg-0210/securebof.html The Spread of the Sapphire/Slammer Worm http://www.nanog.org/mtg-0302/weaver.html ISP Security BOF II http://www.nanog.org/mtg-0302/securebof.html The BGP TTL Security Hack http://www.nanog.org/mtg-0302/hack.html Security Considerations for Network Architecture http://www.nanog.org/mtg-0302/avi.html Lack of Priority Queuing on Route Processors Considered Harmful http://www.nanog.org/mtg-0302/gill.html Interception Technology: The Good, The Bad, and The Ugly! http://www.nanog.org/mtg-0306/schiller.html The NIAC Vulnerability Disclosure Framework and What It Might Mean to the ISP Community http://www.nanog.org/mtg-0306/duncan.html Inter-Provider Coordination for Real-Time Tracebacks http://www.nanog.org/mtg-0306/moriarity.html ISP Security BOF III http://www.nanog.org/mtg-0306/securitybof.html S-BGP/soBGP Panel: What Do We Really Need and How Do We Architect a Compromise to Get It? http://www.nanog.org/mtg-0306/sbgp.html BGP Vulnerability Testing: Separating Fact from FUD http://www.nanog.org/mtg-0306/franz.html BGP Attack Trees - Real World Examples http://www.nanog.org/mtg-0306/hares.html NRIC Best Practices for ISP Security http://www.nanog.org/mtg-0306/callon.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBP+hzFr/UEA/xivvmEQK2bQCfcmaB2t3w4QnBsbR2QH4C10X0TnsAoJMe SQ1EmHYDr6gK6O+AUGlFpLTF =zbTP -----END PGP SIGNATURE-----
participants (2)
-
Barry Greene (bgreene) -
Jamie Curtis