Tue. Sep 17th, 2024

LEARN Elevating Network Security Expertise in Sri Lanka Alongside APNIC and TEIN*CC 

The Lanka Education and Research Network (LEARN), working alongside its regional partners, recently co-organised a comprehensive Workshop on Network Security to enhance the skills and knowledge of professionals in network engineering. Over 50 participants from several LEARN member institutions graced the event for five days of learning and awareness on best practices, and seized the opportunity to foster collaboration with one another. The workshop took place from the 13th to the 17th of May at the Information Technology Center, University of Peradeniya.

The workshop was organised collaboratively with expert trainers from the Asia Pacific Network Information Centre (APNIC). These expert trainers were Warren Finch, Senior Network Analyst / Technical Trainer at APNIC, and Subhashini Kadurugasyaya, Manager – IT Converged Charging at Dialog Axiata PLC and Community Trainer at APNIC. For the unfamiliar, APNIC is integral to the global operation of the Internet. As part of the Number Resource Organization, it manages and allocates IP addresses and AS numbers in the Asia-Pacific region. APNIC is also one of the world’s five Regional Internet Registries (RIRs) and helps ensure the stability and security of the Internet through training programmes and resources.

The workshop was also sponsored by TEIN*CC, a not-for-profit entity supporting the management of the regional Research and Education Network TEIN and other related activities under the Asi@Connect project. It aims to drive the development of dedicated high-capacity internet connectivity for academic institutions across the region. Through the combined efforts of these different entities, LEARN was able to enhance the skills of the professionals responsible for ensuring the security of critical networks that academics across Sri Lanka rely on daily to advance their research. 

Overview of the Insights Gathered from the Workshop

Daily proceedings of the workshop were composed of 3 or 4 sessions, focused on a single aspect related to Network Security. Some of the sessions were also combined to provide the participants with greater engagement with the comprehensive information being delivered. Each session included practical tasks from available online resources to enhance the workshop series. 

Day 1: Introducing Network Security, Linux OS, and Device Security

Warren Finch – Senior Network Analyst / Technical Trainer at APNIC, conducting a session at the Network Security Workshop

The first day of the event took the participants through an overview of information security basics, covering risks, security layers, and system defence protocols. This session also included insights on some of the common attacks against the CIA triad (confidentiality, integrity, and availability of data), such as Denial of Service (DoS) and Distributed Denial of Service (DDoS), as well as countermeasure mechanisms. Later in the day, the fundamentals of Linux operating systems were presented, with an emphasis on directory structure, users and groups, as well as ownerships and permissions of the system. The technicalities of bash scripts, cron task schedules, and the use of manual pages were also covered in this introductory session. Finally, the inaugural day concluded with a session on device security, exploring device access control, management plane filters, and best practices for secure access. Filtering is also a key aspect of security, and this final session of the day covered filtering deployment considerations, recommendations, and ingress filtering techniques.

Day 2: Introduction to Penetration Testing and Packet Analysis

Vulnerability assessment, penetration testing, and packet analysis were the key themes of the second day of the workshop. During the first session, participants were taken through the legal frameworks of penetration testing, post-pentest reports, attack life cycles, and the security tools and measures deployed during the testing. Following this, an overview of the protocols used in packet analysis, along with its tools and strategies, as well as introductions to packet capturing and encrypted traffic, were shared during the second session of the day. The session also included a virtual lab session on signature and session analysis and exercises that followed on Wireshark to ensure participants were fluent with the content presented at the session.

Day 3: Intrusion Detection Systems and Packet Analysis for Network Security

Subhashini Kadurugasyaya, Manager – IT Converged Charging at Dialog Axiata PLC and Community Trainer at APNIC, and Warren supporting the participants of the Network Security Workshop

The third day started with Intrusion Detection Systems (IDS), involving an overview of the types of detection schemes before diving deeper into the Snort and Suricata systems. The session shed light on the rules and rule actions before taking the class through example rules made available to participants via GitHub. The second session for the day demonstrated packet analysis for network security. This comprised topics covering attack frameworks, detection analysis techniques, and available free and open-source software (FOSS), and ended with an overview of Security Onion and demos on Squert, Sguil, Wireshark, and Netminer.

Day 4: Security Monitoring, Wazuh Vuln, and Honeypots

The fourth day of the workshop consisted almost entirely of security monitoring and analysis exercises and familiarisation with Wazuh Vuln scan offline and other commands. Out of the 4 planned sessions for the day, participants spent the first 3 engaged in these hands-on activities for vulnerability detection. The last session of the day introduced honeypots, which are resources whose value lies in the unauthorised or illicit use of the resource. Detection and Deception of Honeypots were the two key themes of the presentation, with an insight into the APNIC Community Honeypot project towards the latter stage.

Day 5: Log Management, Capture the Flag, and Closing 

Following the conclusion of the workshop, participants were presented with certificates of participation

On the final day of the workshop, the first session presented various aspects of log management – the process, centralised management, syslog ports, and logging levels and facilities. Moreover, details on common centralised syslog servers such as Syslog-ng, Rsyslog, Graylog, and others were shared as part of the session before being followed by lab modules on the same. The third and fourth sessions of the day were a Capture the Flag challenge and Q&A discussions, respectively. As the final item on the workshop’s agenda, the fourth session also included the final closing of a successful 5 days of learning and engagement. 

The Importance of Advancing Cybersecurity Knowledge

The LEARN team alongside the APNIC trainers following the successful conclusion of the network security workshop

The Workshop on Network Security, organised by LEARN in collaboration with APNIC and partly sponsored by TEIN*CC, showcases their commitment to ensuring the security of critical academic networking infrastructure by investing in the professional development of the IT professionals who manage these networks. By facilitating such opportunities, LEARN enables IT professionals at its member institutes to stay ahead of emerging threats and effectively implement robust network security measures. Moreover, the collaboration with APNIC, supported by TEIN*CC, allowed this opportunity to benefit a large pool of participants while bringing diverse perspectives from international trainers, thus ensuring the continued safety of the critical networking infrastructure that connects Sri Lankan academics with the world.

By Arteculate
