https://bgp4all.com.au/pfs/ 2026-04-04T07:38:42+00:00 https://bgp4all.com.au/pfs/ https://bgp4all.com.au/pfs/_media/wiki/dokuwiki.svg text/html 2016-05-24T08:52:35+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/0-setup?rev=1464079955&do=diff IPv6 Security Lab Objective Using a dual stack topology, this lab investigates securing the router and the routing infrastructure for the network. Lab Topology The initial lab topology sets up 6 autonomous systems, each with four routers. In each AS, one router is the border router (for connecting to transit providers), one router is the core router (representing the rest of the network operator’s core network), one router is a peering router (for connecting to private peers and IXPs), and o… text/html 2016-05-26T01:52:27+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/1-routing?rev=1464227547&do=diff IPv6 Security Lab - Routing Setting up OSPF ---------- ### Dual stack OSPF in each AS In each AS configure OSPF routing. As we are running a dual stack network, we need to run OSPFv2 for IPv4 routes and OSPFv3 for IPv6 routes. This means setting up the OSPF process, marking text/html 2016-05-24T03:10:45+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/2-securing-router?rev=1464059445&do=diff IPv6 Security Lab - Securing the Router Basic Best Practice ---------- ### Getting used to IPv6 show commands in IOS Try the following IPv6 show commands: show ipv6 interface show ipv6 neighbors show ipv6 route show ipv6 routers show ipv6 ospf neighbors show ipv6 ospf rib show ipv6 traffic show bgp ipv6 unicast summary show ipv6 ? text/html 2016-05-22T08:58:03+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/3-traffic-filters?rev=1463907483&do=diff IPv6 Security Lab - Traffic Filters ### Configuring IPv6 Traffic Filters We now configure a traffic filter to only allow traffic from just your address block out of your network (this is BCP38 requirement). Note this configuration goes on the border text/html 2016-05-26T01:53:38+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/4-routing-security?rev=1464227618&do=diff IPv6 Security Lab - Routing Protocol Security OSPF neighbour authentication ---------- ### Remove the packet filters from the previous examples We need OSPFv3 and BGP to work for the remainder of the lab, so we will remove the packet filters we installed in the previous exercise. Simply go to the interfaces where you defined the “traffic-filter” commands and remove those. Also delete the “ipv6 access-list” configurations for these two traffic filters text/html 2016-05-22T09:10:00+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/5-netflow?rev=1463908200&do=diff IPv6 Security Lab - Netflow Exploring Netflow ---------- Netflow identifies anomalous and security-related network activity by tracking network flows. NetFlow data can be viewed and analysed via the command line interface (CLI), or the data can be exported to a commercial or freeware NetFlow collector for aggregation and analysis. NetFlow collectors, through long-term trending, can provide network behaviour and usage analysis. NetFlow functions by performing analysis on specific attributes … text/html 2016-05-22T09:13:29+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/6-rtbh?rev=1463908409&do=diff IPv6 Security Lab - RTBH Exploring Remotely Triggered Black Hole Filtering ---------- ### Background RTBH, as it is known as, is a commonly used technique to assist with the mitigation of Distributed Denial of Service Attacks. Remotely triggered blackhole filtering is a technique that provides the ability to drop undesirable traffic at the ingress into the network. RTBH provides a method for quickly dropping undesirable traffic at the edge of the network, based on either source addresses o… text/html 2016-05-24T08:29:34+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/address-plan?rev=1464078574&do=diff Address Space Allocation This document describes the IP address plan we will use for this set of workshop exercises. Wherever possible the plan tries to replicate real life as closely as possible. The IPv4 address space used in these exercises is from subnets of 100.64.0.0/10 which is an [IPv4 Shared Address]( text/html 2017-10-12T08:02:22+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/agenda?rev=1507795342&do=diff Agenda Time Schedule Session 1 09:00 - 10:30 Break 10:30 - 11:00 Session 2 11:00 - 13:00 Lunch 13:00 - 14:00 Session 3 14:00 - 15:30 Break 15:30 - 16:00 Session 4 16:00 - 17:30 Instructors FL First Name Organisation text/html 2016-05-24T07:16:23+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/lab-access?rev=1464074183&do=diff Lab Access Instructions Introduction ---------- This lab runs on a virtualised environment for Cisco IOS called “Dynamips”. To join the network which the lab environment is on, associate your laptop with the wireless network called NSRC-PFS text/html 2016-05-26T05:40:22+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/lab-ipsec?rev=1464241222&do=diff IPSec Lab In this lab we will configure IPSec tunnels between pairs of access routers. We will ensure that the traffic for one pair of IPv4 and one pair of IPv6 prefixes is encrypted while traffic between another pair of prefixes is unencrypted. This will allow us to see the difference. text/html 2016-05-15T15:22:59+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/participants?rev=1463325779&do=diff Participants First Name Last Name Organisation Country MATIS ANGKASUVAN BANGKOK TH Gunadi Anwar Jakarta ID istiaque arif Dhaka BD Buddhi Bahadur Dura Kathmandu NP Kollol Barua Dhaka BD massoud biklaryan TEHRAN IR Allan Burgos text/html 2017-10-12T08:01:20+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/start?rev=1507795280&do=diff Internet and IPv6 Infrastructure Security Program Workshop Goals This five-day IPv6 Security Workshop, teaching IPv6 Security * Internet and IPv6 Infrastructure Security Target Audience Policy makers, regulators, and technical staff involved in the Internet. text/html 2016-05-25T08:39:29+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/ttx_script1?rev=1464165569&do=diff Breaking & Exclusive! EXERCISE EXERCISE EXERCISE Security Researchers Discover Treasure Trove of Credit Card Data Independent security researcher Eric Poolen has discovered what appears to be a treasure trove of new credit cards available on the underground black market. The same cybercrime market used in the Target and Home Depot attacks, crdpny[dot]cc, which has sold tens of millions of cards stolen from past breaches of those two companies as well as others, has been releasing batches of c… text/html 2016-05-25T08:39:43+00:00 Anonymous (anonymous@undisclosed.example.com) https://bgp4all.com.au/pfs/training/itu-ipv6/ttx_script2?rev=1464165583&do=diff Breaking & Exclusive! EXERCISE EXERCISE EXERCISE Acme Air Inc. Investigating Credit Card Breach by Cyber Criminals Sources say that Acme Air Inc. has hired an outside investigative firm to look into a possible data breach, potentially involving millions of customer credit and debit card records, and possibly other information as well. The sources indicate that the criminals may have breached systems in November, ahead of Thanksgiving, in anticipation of the busiest travel timeframe of the yea…