Distributed Denial of Service (DDoS) Protection (Operational network security) – new for 2021 – virtual learning with experts
Distributed Denial of Service (DDoS) Protection – module overview
This is the forth module of the “Operational network security” training programme delivered by GEANT WP8 Task 1.
Distributed Denial of Service (DDoS) attacks have been the scourge of the Internet over the past 20 years. Although the media attention has waned, they continue to evolve and grow in power, with botnet clients becoming easier to deploy and ever more services being exploited as multipliers for packet floods.
This course will take the participants from an overview of DDoS through details of the most common attacks and concludes with outlining the ways to detect and mitigate them.
Eligibility
The training is open to all GÉANT members and their member organisations.
Who will benefit from attending this training programme?
- System/network administrators at NRENs or NREN member organisations
- System administrators at computing centres or NOCs
- Broader categories of professionals with the interest in these subjects
Pre-requisites
Basic administration knowledge about operating systems and networking should be present.
Distributed Denial of Service (DDoS) Protection – sessions (live online) schedule
All sessions will be recorded and added to the existing playlist, to access the playlist please click here.
| Session title | Date/time | Presenter |
| Introduction to DDoS Attacks – An overview of motivation and modus operandi of attackers Click here to access the session recording. Click here to access the copy of the presentation. DDoS attacks have been around for more than 20 years now, and over this time, they have gained in power, reaching now several terrabits in bandwidth, enough to knock of ISPs. While the actual DDoS attacks have changed very little, the orchestration of the attacks, the deployment of their components and the motives of attackers have evolved. This course will give the participants an overview of the attacks, the attackers, their motivation and modus operandi. | 08/02/2021 2 pm CET | Tobias Dussa |
| Details of selected DDoS Attacks – How the attacks work from a technical perspective Click here to access the session recording Click here to access the copy of the presentation. While DDoS attacks have become more powerful and easier to start for attackers, the technical details of DDoS attacks have been remarkably consistent over the last 20 years. This course will provide the participants with an in-depth view of the technical details of the most common DDoS mechanisms: amplification and reflection and the services being exploited for them. | 10/02/2021 2 pm CET | Klaus Moller |
| DDoS Detection – How to know if you are under attack or partake in an attack Click here to access the session recording. Click here to access the copy of the presentation The questions of how DDoS Detection works sounds simple: when your can’t access your systems, you’re under attack. But this may also happen due to technical problems and misconfigurations. And what if you want to detect attacks without being a victim of one? The course will show participants the various ways of how DDoS attacks are detected on the internet. | 15/02/2021 2 pm CET | Klaus Moller |
| DDoS Mitigation – What you can do against them? Click here to access the session recording. Click here to access the copy of the presentation Mitigating a DDoS attack, especially the bigger ones, seems a daunting task, especially so with a determined attacker and when other sites are also affected. This course will show some simple, but proven techniques to combat DDoS attacks and also to avoid unintentionally partaking in one. | 17/02/2021 2 pm CET | Tobias Dussa |
Meet the experts
The training programme is delivered by a team of experts in the field:
Klaus Möller, DFN-CERT – Klaus has been working with DFN-CERT since 1999 as an incident responder, advisory writer, and security consultant. He has developed and carried out numerous trainings in network security.
Stefan Kelm, DFN-CERT – Stefan has been working in the field of computer security all his professional life, starting back in the early 1990s. He currently is involved in forensics, malware analysis, threat intelligence, and log file analysis.
Tobias (Toby) Dussa, DFN-CERT – Toby has been involved with IT security during his whole entire career. After fifteen years at KIT, managing KIT-CERT and taking on IT security issues of all kinds, he has joined DFN-CERT in 2020.
The DFN-CERT is the security provider for the German National Research and Education Network, DFN
If you just joined us the section below provides the information about the training programme, its outline and the listing of the next two modules.
Training programme Overview
There is no need to stress the importance of security, and as a more recent addition: privacy, in NREN networks. But while the importance of security and privacy is widely recognized, training in these areas has often been aimed at the security personell tasked with handling incidents, while the system and network administration seems to have been neglected.
The “Operational network security” training programme has been created as a result of collating experiences and conducting discussions with security offices and network operators.
Its aim is to address a number of common security risks that NRENs face in their day-to-day operations: authentication, logging, audit, privacy, 1st Hop security, DNS security and protection from Distributed Denial-of-Service attack.
Programme outline
The training programme consists of a number of live online, instructor-led sessions covering a wide range of subjects (sub-modules):
| Sub-module title | Dates |
| 1. Operating system privacy and security | 03 to 13 August 2020 – completed. To access session recordings and accompanying presentations click here. |
| 2. Client Privacy and Security | 21 September to 30 September 2020 To access the playlist of all recorded sessions please click here. |
| 3. Domain Name System (DNS) protection | 30 November to 11 December 2020 To access the playlist of all the recorded sessions please click here. Copies of presentations are available here |
| 4. Distributed Denial of Service (DDoS) protection | 08 February to 19 February 2021 Monday 08 February 2021 Introduction to DDoS Attacks Wednesday 10 February 2021 Details of selected DDoS Attacks Monday 15 February 2021 DDoS Detection Wednesday 17 February 2021 DDoS Mitigation All sessions have been added to the existing playlist. |
The team behind this training programme is working on more training sessions to be delivered later on this year.
In the meantime if you have any queries about this training programme or upcoming events please contact glad@geant.org
Stay safe and well and we look forward to seeing you again!
