[afnog] AfricaCERT Tutorials at the Africa Internet Summit

Jean-Robert Hountomey hrobert at africacert.org
Wed Sep 6 02:08:32 UTC 2023


Greetings Colleagues,

Kindly find below our Tutorials during the Africa Internet Summit. Registration is open to all.
We are grateful to EGCERT, ICANN, and M3AAWG for the training program.
Kindly register at https://2023.internetsummit.africa/ or contact the AIS Secretariat to receive meeting links.

(Note: These tutorials will be online, and registration links differ for EGCERT Training, ICANN Training, and DDOS Training). You must register for each training if you want to attend all of them.

19 - September. EGCERT Training: Incident Response 101.
Time: 9 - 12 AM UTC
Brief Description: During this session, we will learn more about incident response and dive deeper into some artifact types and how to analyze them.

20- September. EGCERT Training: Forensic 101
Time: 9 - 12 AM UTC
Brief Description: In this Workshop, we will analyze the operating systems as Windows forensics and the critical artifacts an investigator can obtain from the investigation process.

21- September: ICANN Training
Time: 9 - 12 AM UTC

Brief Description: DNS Prevention, Detection, Disruption, and Defense (Course for National Incident Response Teams and Security Teams)

The training on DNS: Prevention, Detection, Disruption and Defense offers a comprehensive introduction from a basic to an advanced level on how adversaries abuse and leverage the Domain Name System and domain registration services to carry out different types of attacks.

Looking at both the technical aspect of the domain resolution process and the lifecycle of domain names, with a focus on the vulnerabilities in the processes and systems, participants in the training will gain an understanding of how they can prevent the malicious activity, detect and disrupt it, as well as defend their specific constituencies.

22- September : M3AAWG/AF-AAWG DDOS Workshop
Time: 12:00 PM - 3 PM UTC

• DDoS Resiliency Preparation Mini-Workshop
12:00 UTC to 14:00 UTC / 7:00 AM PDT.  
Barry Raveendran Greene

Abstract:
ALL NETWORKS NEED A ROBUST DDOS SECURITY/RESILIENCY ARCHITECTURE!

Most networks do not have a DDoS Security/Resiliency architecture. They do not have a DDoS Incident playbook. They do not have meaningful “DDoS Security Conversations” with their Internet, cloud, IXP, and edge providers. 

When they have a DDoS plan, they do not think of conversations with their supply chain and business partners, opening the side doors of business risk. 

This mini-workshop will use a 9-part DDoS Preparation Playbook to walk through the essentials. We will teach the essential concepts within the framework of a DDoS Preparation Playbook.

Why start with a DDoS Preparation Playbook? The DDoS Preparation Playbook focuses on action and preparation. All participants can use the DDoS Playbook in their organization to start their preparations and be ready for the next DDoS Attack. 

What will be covered? 
The DDoS Preparation Playbook will cover 9 areas that have proven to decrease the business risk of DDoS. These are based on decades of DDoS Incident Response and Architecture work. 

① Anticipate these Single Points of Failure
② Verify your ISP’s DDoS Protection Capability
③ Don’t Overestimate your Infrastructure
④ Identify What you Need to Protect the Business
⑤ Identify Acceptable Time to Mitigation
⑥ Proactively Deploy a DDoS Protection Service 
⑦ Develop a DDoS Response Runbook (Playbook)
⑧ Ensure Operational Readiness
⑨ Collaboration for Impact


• DDoS Detection and Mitigation
14:00 – 15:00 
Rich A Compton (M3AAWG DDOS SIG Chair).
 
Abstract:
This presentation is about DDoS attacks for engineers working at ISPs, hosting, or similar companies.  The most common and latest types of DDoS attacks will be discussed.  It will describe how engineers can use tools like Netflow to detect and mitigate DDoS attacks.  Best practices will also be discussed, such as preventing DDoS attacks from affecting networks and reducing your customers and infrastructure from being used by attackers for sending out DDoS traffic, using up your resources.

Thanks and Regards.

AfricaCERT Secretariat.





