NZNOG Conference 2007

Brought to you by InternetNZ and WIC

• Welcome
• Important Info
• Streaming
• About NZNOG
• About NZNOG 08
• Sponsors
• Register Now
• Conference Speakers
• Tutorials
• Programme
• Accommodation
• Fellowships
• Contact

 

NZNOG 08 Wednesday Options

The following options are available on the tutorial day.  Spaces in some rooms is limited so be sure to book early to ensure you will be able to attend your preference of tutorials.  The registration page will be updated as tutorials start to fill up.

 

BGP

Philip Smith, Cisco.  Intermediate to advanced BGP and multihoming

slides

This part of the tutorial will look at intermediate to advanced BGP and multihoming techniques.  Philip has a wealth of BGP experience and material, the exact topics covered will in large part depend on the composition of attendees and what they specifically want to see.

Topics that will be covered will include:

• Techniques for design, set-up, and operation of a metropolitan, regional, or national ISP backbone network. This includes advanced BGP4 and complex network configurations.
• Techniques for the design, set-up, and operation of Internet Exchange Points.
• Techniques for multiple connections to the Internet (multihoming), including connections to IXPs, other ISPs and to Internet Transit providers.
• Techniques to achieve optimal performance and configuration from a Cisco backbone router.  This includes routing scalability, network design, and configuration tips.
  

Jamie Baddeley, FX Networks.  Constructing industrial strength ISP routing policy

This part of the tutorial will cover the construction of ISP routing policy. It focuses on how you can you use route maps and BGP community attributes to give you far greater control over your import and export peering policies as well as your IGP. This is an intermediate to advanced level tutorial, and assumes attendees are familiar with BGP.

It covers:

• Implementing a BGP remote triggered blackholing system to mitigate the impact of DoS attacks.
• Leveraging your routing policy to enable your multi-homed customers to implement global load sharing using BGP.
• Enabling your customers to implement differentiated shaping polices (i.e local/national/international) using BGP community attributes as an input to that.
• Using BGP community attributes as a management tool.
• Using BGP to turn your routers into an Indian Takeaway on Thursday Night if you miss curry.

Jamie is General Manager of Internet Services at FX Networks. Prior to that he worked for 6 years at BCL (now Kordia) and 6 years at Tait Electronics. He is also President of the Internet Service Providers Association of NZ, is also a councillor for InternetNZ and chairs their Technical Policy Committee. His lucky number is 3.

 

 

IPv6 Deployment

Nathan Ward, Braintrust Ltd.

slides

IPv6 in production is rapidly approaching, and in many places it's already there. This full day tutorial will cover off most of the gotchas and give some useful ideas and strategies for deploying IPv6 in to your network. We'll talk about various stages you can chose to go through, and we'll also talk about what you can do right now to improve IPv6 performance for your end users.

Nathan Ward has worked in the NZ Internet and IT industry for a number of years. He was worked for several NZ ISPs, one NZ telco by proxy, and one NZ network security box vendor. He has also done some time with a couple of small ISPs and VoIP providers in Africa.  He is active in the IPv6 community, and has been using IPv6 in anger for 4 or so years.

 

Security

APNIC and Team Cymru

Network Security tutorial:
CSI on the Internet
(Anatomy of a network attack,  network forensics, network attack and defense.)

This tutorial will look at the nature and structure of network attacks and the tools, actions and processes that can be used to identify and respond to such attacks.

A brief overview examining the anatomy of an attack and the creation of botnets will be presented and the motivation that drives such on-line malicious activity, the type of tools that are used in modern attacks, who is behind these and the impact they  have will be discussed.

Identifying attack streams and understanding the nature of TCP/IP traffic will be discussed through the use of Wireshark, fprobe, nfsen and nfdump. Darknets and their operation and contribution to combating malicious network activity will be considered.

As a practical, hands-on exercises, participants will be able to simulate a network attack and response scenario by trying to penetrate a remote network while at the same time protecting their own network from attack. This will be done using the tools and techniques discussed earlier and by remotely accessing either a virtual network topology or a real network running in the APNIC training lab.

All engineers and operators concerned with network security and interested in gaining an understanding of the threats they face and how to mitigate these should attend.

Ryan Connolly, Team Cymru

Since his initial forays into networking and software development in the early 1990's, most of Ryan Connolly's professional work has been focused on making computer and network systems more secure.  Over the years, Ryan's areas of concentration have included network security analysis, computer and network forensics, and software engineering for both large companies, such as Cisco Systems, and a wide variety of smaller ones. Most recently, Ryan has focused on providing security training, spreading awareness, and assisting with collaborative efforts in the service provider security community.  Ryan has worked for Team Cymru since 2005 and obtained a computer science degree from the University of Illinois at Urbana/Champaign in 2001.

Cecil Goldstein, APNIC

Cecil Goldstein is the Training Manager for APNIC.   Prior to this, Cecil was a lecturer in the Faculty of Information Technology at the Queensland University of Technology, focussing particularly on internetworking subjects.  He has been involved in Internet training and support from the initial AARNET days.

Cecil is responsible the development and management of APNIC’s training and education activities

 

Sysadmin Miniconf

As per NZNOG 2007, the Sysadmin Miniconf will again take place. 

The mini-conference's focus is on "Layer 7" issues to do with network and ISP operations, including providing customer services (email, DNS, etc) The mini-conference's focus is on "Layer 7" issues to do with network and ISP operations, including providing customer services (email, DNS, etc) and provisioning and management topics.

Possible Topics to be covered are:

• Email servers and spam filtering techniques
• DNS servers, registry systems
• server security and best sysadmin practices in an Internet provider environment
• VoIP servers
• network management / monitoring tools
• RADIUS/TACACS/LDAP
• Netflow, routing, and traffic analysis tools
• server tuning for high performance networking
• provisioning tools
• honeypots and other security techniques
• network based storage
• high availability and disaster recovery for network services
• virtual machine technology for network services
• *nix based routing and fire-walling
• tools you need that you may not know about

More details are available at the Miniconf site at http://nznog.miniconf.org/

 

 

---

---