Focus on:
All days
11 Jun 2018
12 Jun 2018
All sessions
Plenary 1
Tutorial
Hide Contributions
Indico style
Indico style - inline minutes
Indico style - numbered
Indico style - numbered + minutes
Indico Weeks View
Back to Conference View
Choose Timezone
Use the event/category timezone
Specify a timezone
Africa/Abidjan
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmara
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar_es_Salaam
Africa/Djibouti
Africa/Douala
Africa/El_Aaiun
Africa/Freetown
Africa/Gaborone
Africa/Harare
Africa/Johannesburg
Africa/Juba
Africa/Kampala
Africa/Khartoum
Africa/Kigali
Africa/Kinshasa
Africa/Lagos
Africa/Libreville
Africa/Lome
Africa/Luanda
Africa/Lubumbashi
Africa/Lusaka
Africa/Malabo
Africa/Maputo
Africa/Maseru
Africa/Mbabane
Africa/Mogadishu
Africa/Monrovia
Africa/Nairobi
Africa/Ndjamena
Africa/Niamey
Africa/Nouakchott
Africa/Ouagadougou
Africa/Porto-Novo
Africa/Sao_Tome
Africa/Tripoli
Africa/Tunis
Africa/Windhoek
America/Adak
America/Anchorage
America/Anguilla
America/Antigua
America/Araguaina
America/Argentina/Buenos_Aires
America/Argentina/Catamarca
America/Argentina/Cordoba
America/Argentina/Jujuy
America/Argentina/La_Rioja
America/Argentina/Mendoza
America/Argentina/Rio_Gallegos
America/Argentina/Salta
America/Argentina/San_Juan
America/Argentina/San_Luis
America/Argentina/Tucuman
America/Argentina/Ushuaia
America/Aruba
America/Asuncion
America/Atikokan
America/Bahia
America/Bahia_Banderas
America/Barbados
America/Belem
America/Belize
America/Blanc-Sablon
America/Boa_Vista
America/Bogota
America/Boise
America/Cambridge_Bay
America/Campo_Grande
America/Cancun
America/Caracas
America/Cayenne
America/Cayman
America/Chicago
America/Chihuahua
America/Costa_Rica
America/Creston
America/Cuiaba
America/Curacao
America/Danmarkshavn
America/Dawson
America/Dawson_Creek
America/Denver
America/Detroit
America/Dominica
America/Edmonton
America/Eirunepe
America/El_Salvador
America/Fort_Nelson
America/Fortaleza
America/Glace_Bay
America/Goose_Bay
America/Grand_Turk
America/Grenada
America/Guadeloupe
America/Guatemala
America/Guayaquil
America/Guyana
America/Halifax
America/Havana
America/Hermosillo
America/Indiana/Indianapolis
America/Indiana/Knox
America/Indiana/Marengo
America/Indiana/Petersburg
America/Indiana/Tell_City
America/Indiana/Vevay
America/Indiana/Vincennes
America/Indiana/Winamac
America/Inuvik
America/Iqaluit
America/Jamaica
America/Juneau
America/Kentucky/Louisville
America/Kentucky/Monticello
America/Kralendijk
America/La_Paz
America/Lima
America/Los_Angeles
America/Lower_Princes
America/Maceio
America/Managua
America/Manaus
America/Marigot
America/Martinique
America/Matamoros
America/Mazatlan
America/Menominee
America/Merida
America/Metlakatla
America/Mexico_City
America/Miquelon
America/Moncton
America/Monterrey
America/Montevideo
America/Montserrat
America/Nassau
America/New_York
America/Nipigon
America/Nome
America/Noronha
America/North_Dakota/Beulah
America/North_Dakota/Center
America/North_Dakota/New_Salem
America/Nuuk
America/Ojinaga
America/Panama
America/Pangnirtung
America/Paramaribo
America/Phoenix
America/Port-au-Prince
America/Port_of_Spain
America/Porto_Velho
America/Puerto_Rico
America/Punta_Arenas
America/Rainy_River
America/Rankin_Inlet
America/Recife
America/Regina
America/Resolute
America/Rio_Branco
America/Santarem
America/Santiago
America/Santo_Domingo
America/Sao_Paulo
America/Scoresbysund
America/Sitka
America/St_Barthelemy
America/St_Johns
America/St_Kitts
America/St_Lucia
America/St_Thomas
America/St_Vincent
America/Swift_Current
America/Tegucigalpa
America/Thule
America/Thunder_Bay
America/Tijuana
America/Toronto
America/Tortola
America/Vancouver
America/Whitehorse
America/Winnipeg
America/Yakutat
America/Yellowknife
Antarctica/Casey
Antarctica/Davis
Antarctica/DumontDUrville
Antarctica/Macquarie
Antarctica/Mawson
Antarctica/McMurdo
Antarctica/Palmer
Antarctica/Rothera
Antarctica/Syowa
Antarctica/Troll
Antarctica/Vostok
Arctic/Longyearbyen
Asia/Aden
Asia/Almaty
Asia/Amman
Asia/Anadyr
Asia/Aqtau
Asia/Aqtobe
Asia/Ashgabat
Asia/Atyrau
Asia/Baghdad
Asia/Bahrain
Asia/Baku
Asia/Bangkok
Asia/Barnaul
Asia/Beirut
Asia/Bishkek
Asia/Brunei
Asia/Chita
Asia/Choibalsan
Asia/Colombo
Asia/Damascus
Asia/Dhaka
Asia/Dili
Asia/Dubai
Asia/Dushanbe
Asia/Famagusta
Asia/Gaza
Asia/Hebron
Asia/Ho_Chi_Minh
Asia/Hong_Kong
Asia/Hovd
Asia/Irkutsk
Asia/Jakarta
Asia/Jayapura
Asia/Jerusalem
Asia/Kabul
Asia/Kamchatka
Asia/Karachi
Asia/Kathmandu
Asia/Khandyga
Asia/Kolkata
Asia/Krasnoyarsk
Asia/Kuala_Lumpur
Asia/Kuching
Asia/Kuwait
Asia/Macau
Asia/Magadan
Asia/Makassar
Asia/Manila
Asia/Muscat
Asia/Nicosia
Asia/Novokuznetsk
Asia/Novosibirsk
Asia/Omsk
Asia/Oral
Asia/Phnom_Penh
Asia/Pontianak
Asia/Pyongyang
Asia/Qatar
Asia/Qostanay
Asia/Qyzylorda
Asia/Riyadh
Asia/Sakhalin
Asia/Samarkand
Asia/Seoul
Asia/Shanghai
Asia/Singapore
Asia/Srednekolymsk
Asia/Taipei
Asia/Tashkent
Asia/Tbilisi
Asia/Tehran
Asia/Thimphu
Asia/Tokyo
Asia/Tomsk
Asia/Ulaanbaatar
Asia/Urumqi
Asia/Ust-Nera
Asia/Vientiane
Asia/Vladivostok
Asia/Yakutsk
Asia/Yangon
Asia/Yekaterinburg
Asia/Yerevan
Atlantic/Azores
Atlantic/Bermuda
Atlantic/Canary
Atlantic/Cape_Verde
Atlantic/Faroe
Atlantic/Madeira
Atlantic/Reykjavik
Atlantic/South_Georgia
Atlantic/St_Helena
Atlantic/Stanley
Australia/Adelaide
Australia/Brisbane
Australia/Broken_Hill
Australia/Darwin
Australia/Eucla
Australia/Hobart
Australia/Lindeman
Australia/Lord_Howe
Australia/Melbourne
Australia/Perth
Australia/Sydney
Canada/Atlantic
Canada/Central
Canada/Eastern
Canada/Mountain
Canada/Newfoundland
Canada/Pacific
Europe/Amsterdam
Europe/Andorra
Europe/Astrakhan
Europe/Athens
Europe/Belgrade
Europe/Berlin
Europe/Bratislava
Europe/Brussels
Europe/Bucharest
Europe/Budapest
Europe/Busingen
Europe/Chisinau
Europe/Copenhagen
Europe/Dublin
Europe/Gibraltar
Europe/Guernsey
Europe/Helsinki
Europe/Isle_of_Man
Europe/Istanbul
Europe/Jersey
Europe/Kaliningrad
Europe/Kiev
Europe/Kirov
Europe/Lisbon
Europe/Ljubljana
Europe/London
Europe/Luxembourg
Europe/Madrid
Europe/Malta
Europe/Mariehamn
Europe/Minsk
Europe/Monaco
Europe/Moscow
Europe/Oslo
Europe/Paris
Europe/Podgorica
Europe/Prague
Europe/Riga
Europe/Rome
Europe/Samara
Europe/San_Marino
Europe/Sarajevo
Europe/Saratov
Europe/Simferopol
Europe/Skopje
Europe/Sofia
Europe/Stockholm
Europe/Tallinn
Europe/Tirane
Europe/Ulyanovsk
Europe/Uzhgorod
Europe/Vaduz
Europe/Vatican
Europe/Vienna
Europe/Vilnius
Europe/Volgograd
Europe/Warsaw
Europe/Zagreb
Europe/Zaporozhye
Europe/Zurich
GMT
Indian/Antananarivo
Indian/Chagos
Indian/Christmas
Indian/Cocos
Indian/Comoro
Indian/Kerguelen
Indian/Mahe
Indian/Maldives
Indian/Mauritius
Indian/Mayotte
Indian/Reunion
Pacific/Apia
Pacific/Auckland
Pacific/Bougainville
Pacific/Chatham
Pacific/Chuuk
Pacific/Easter
Pacific/Efate
Pacific/Fakaofo
Pacific/Fiji
Pacific/Funafuti
Pacific/Galapagos
Pacific/Gambier
Pacific/Guadalcanal
Pacific/Guam
Pacific/Honolulu
Pacific/Kanton
Pacific/Kiritimati
Pacific/Kosrae
Pacific/Kwajalein
Pacific/Majuro
Pacific/Marquesas
Pacific/Midway
Pacific/Nauru
Pacific/Niue
Pacific/Norfolk
Pacific/Noumea
Pacific/Pago_Pago
Pacific/Palau
Pacific/Pitcairn
Pacific/Pohnpei
Pacific/Port_Moresby
Pacific/Rarotonga
Pacific/Saipan
Pacific/Tahiti
Pacific/Tarawa
Pacific/Tongatapu
Pacific/Wake
Pacific/Wallis
US/Alaska
US/Arizona
US/Central
US/Eastern
US/Hawaii
US/Mountain
US/Pacific
UTC
Save
Europe/Prague
English (United Kingdom)
English (United Kingdom)
English (United States)
Español (España)
Français (France)
Polski (Polska)
Português (Brasil)
Türkçe (Türkiye)
Монгол (Монгол)
Українська (Україна)
中文 (中国)
Login
CSNOG 2018
from
Monday, 11 June 2018 (09:00)
to
Tuesday, 12 June 2018 (17:45)
Monday, 11 June 2018
09:00
Registration and coffee
Registration and coffee
09:00 - 09:30
Room: Congress Hall
09:30
DDoS Beasts and How to Fight Them
DDoS Beasts and How to Fight Them
(CSNOG1)
09:30 - 11:00
Room: Congress Hall
DDoS threat has been rapidly evolving recently, up to the point when it started to be a community-wide problem. Numerous IoT-related working groups were spawned throughout the last 2 years mostly due to the infamous 1,1Tbps IoT DDoS attack in autumn 2016. Fast-forward 1,5 years, and we see attacks even more disastrous. This workshop aims at dissecting the DDoS threat. It goes over the ISO/OSI layers, offering a mutually exclusive and collectively exhaustive classification of denial-of-service attacks, a description of what makes them possible, and a set of possible ways to mitigate attacks of any kind, from an ISP perspective. The workshop is based on a personal experience. It is vendor-agnostic and doesn't cover or promote any solutions available on the market, an attendee is welcome to use this as a guide to build their own.
11:00
Coffee Break
Coffee Break
11:00 - 11:30
Room: Congress Hall
11:30
Opening plenary
Opening plenary
11:30 - 11:45
Room: Congress Hall
11:45
RIPE NCC presentation
RIPE NCC presentation
11:45 - 12:05
Room: Congress Hall
12:05
Network Fault Isolation
Network Fault Isolation
(CSNOG1)
12:05 - 12:30
Room: Congress Hall
NFI (Network Fault Isolation) - Active network monitoring Most network monitoring relies in the individual network devices themselves telling you that they are healthy or unhealthy via syslog messages, SNMP data, etc. In a Facebook scale network we just can’t trust the network devices to accurately report health in all the possible failure cases that may exist. In addition to the standard network monitoring tools, we also actively probe our network with test traffic to ensure it’s behaving exactly as we expect. We can now find the network devices that don’t even know they are dropping packets even when they exist several layers deep inside the network.
12:30
Lunch
Lunch
12:30 - 13:30
Room: Congress Hall
13:30
Open-source smerovač na bežne dostupnom hardvéri
Open-source smerovač na bežne dostupnom hardvéri
(CSNOG1)
13:30 - 13:55
Room: Congress Hall
Témou prednášky bude predstavenie možností postavenia vlastného smerovača na bežne dostupnom hardvéri pomocou open-source softvéru. Aké sú limity dnešných CPU, sieťových kariet a je možné smerovať line-rate n*10Gbps v Linuxe?
13:55
BIRD 2.0.x
BIRD 2.0.x
(CSNOG1)
13:55 - 14:20
Room: Congress Hall
[BIRD Internet Routing Daemon][1] is currently the most deployed daemon for router server in IXP environment. It's current stable branch is called 1.6.x. This version has several limitation in AFI/SAFI handling. This talk will introduce the new version branch 2.0.x and show practical differences between those two branches [1]: http://bird.network.cz
14:20
Budoucí nároky videa na sítě
Budoucí nároky videa na sítě
(CSNOG1)
14:20 - 14:45
Room: Congress Hall
Dominantní objem videa konzumovaného diváky se dnes odehrává mimo IP sítě (DVB, satelit, digitální kabelová TV). S fragmentací trhu s videem a s příchodem nových technologií jako je HbbTV nebo ATSC 3.0 můžeme čekat postupné stahování konzumentů videa do IP sítí. Budou naše sítě připravené na milion TV přijímačů připojených na Internet? Máme k dispozici tipy, triky či černou magii, která nám odloží potřebu masivních investic? Mohou v tom nějak pomoci propojovací centra? A pokud zbyde čas - vnese masivní distribuce videa skrz IP sítě novou dynamiku do vztahů mezi ISP a jejich propojování.
14:45
LT: Bude vaše doména fungovat i v roce 2019?
LT: Bude vaše doména fungovat i v roce 2019?
(CSNOG1)
14:45 - 14:52
Room: Congress Hall
Na den 1. února 2019 je naplánována změna v DNS software. Jste na ni připraveni? Bude vaše doména spolehlivě fungovat i po tomto datu?
14:52
LT: Internetová cenzura v ČR: začatek, skutečný stav a možná evoluce
LT: Internetová cenzura v ČR: začatek, skutečný stav a možná evoluce
(CSNOG1)
14:52 - 15:00
Room: Congress Hall
- Legislation in CZ about gambling-related blocking - Blacklist evolution - from v1 to v7. Gambling with internet Casino. Using PDF as "machine-readable" format. - Atlas probes on restricted domains. Blacklisting status. - Possible next steps in CZ. Internet freedom or country-wide Intranet?
15:00
Coffee Break
Coffee Break
15:00 - 15:30
Room: Congress Hall
15:30
Vývoj a fungování peeringu v IXP
Vývoj a fungování peeringu v IXP
(CSNOG1)
15:30 - 15:55
Room: Congress Hall
Pohled do minulosti, současnosti a budoucnosti způsobu navazování peeringových relací v prostředí IXP. Možnosti jejich zabezpečení, automatizace, signalizace a kontroly vyměňovaných informací pomocí route serverů a dostupných databází.
15:55
Routing Security Toolset
Routing Security Toolset
(CSNOG1)
15:55 - 16:20
Room: Congress Hall
In this presentation Andrzej will discuss the tools RIPE NCC maintains for routing security: IRR and RPKI. Network operators face challenges in routing security and we will explain the pros and cons of both tools, their data quality and what the RIPE NCC is doing to optimise the user experience.
16:20
BGP transport security – do you care?
BGP transport security – do you care?
(CSNOG1)
16:20 - 16:45
Room: Congress Hall
MD5 is insecure. BGP uses MD5 for session authentication therefore BGP is insecure. The internet is broken. Panic! How many of you use MD5 for BGP sessions? And for what purpose? Isn’t MD5 authentication really just a longer form of peer identifier – to avoid accidentally establishing a session with a wrong peer? Does MD5 help in preventing route leaks and hijacks? Does your network allow access to internal BGP speaking nodes from outside of the perimeter? How do you distribute MD5 secrets to your peers? How do you change MD5 secrets without tearing down the BGP session? TCP Authentication Option has been around for a while. Is anyone aware of TCP-AO? Do any major vendors implement it? Does anyone care? Why not to run BGP over TLS? Or BGP over IPsec? Or BGP over QUIC? Or why not invent a new secure transport for BGP? Sure, that sounds to be a lot of fun, let’s do that. Control plane security has been a special kind of security for a long time. Indeed there are specialty aspects to it as of the layers above relying significantly on the proper operation of the control plane, and often transports used for control planes are not too common ones. IETF has been working on control plane security for a noticeable period of time, there was a dedicated KARP working group and protocol-specific working groups had their individual initiatives on security aspects. However the world still uses MD5 for BGP. KARP WG got shutdown after a long struggle to produce anything. Is this the question of education, or the lack of it to be precise? Is the problem of peer authentication solved in some other way? Is there a problem at all? Do we need to spend time on spreading the word on what control plane security is and why it is important? Is there a problem at all – given sufficient network operational hygiene and proper network design, do we need control plane security as a separate entity as such? Is there a need for having inbuilt transport security mechanisms into BGP protocol itself? IETF would like to hear the feedback of operators’ community on these topics.
16:45
LT: 400G - don’t get confused with this transceiver generation
LT: 400G - don’t get confused with this transceiver generation
(CSNOG1)
16:45 - 17:00
Room: Congress Hall
abstract: Transmission speed of 400G is becoming reality and new challenges for optical and electrical components for high speed systems are emerging as well. PAM4 modulation is one key component for 400G transmission with transceivers. Insights of PAM4 are explained and shown. Packed with this knowledge the new introduced formfactors OSFP, QSFP-DD, SFP56-DD and µQSFP are easier to understand. This will help you to design / build new kind of applications or connections with your networking gear in the field. Avoid pitfalls when designing your racks. Be aware that power consumption and new plugs will also be part of the world of 400G transceivers.
17:00
Break
Break
17:00 - 17:30
Room: Congress Hall
17:30
Zvyšujeme bezpečnost provozu .CZ DNS
Zvyšujeme bezpečnost provozu .CZ DNS
(CSNOG1)
17:30 - 17:55
Room: Congress Hall
Stav upgradu infrastruktury .CZ DNS anycastu a možnosti zapojení ISP do tohoto projektu.
17:55
Vizualizace výsledků měření pokrytí
Vizualizace výsledků měření pokrytí
(CSNOG1)
17:55 - 18:20
Room: Congress Hall
Prezentace by se týkala popisu a ukázky nového nástroje, který ČTÚ vyvíjí (testuje) pro účely zpracování a následné vizualizace (i na web. stránkách) naměřených výsledků pokrytí (nejen rádiových parametrů, ale také QoS).
18:20
Hromadný sběr anonymizovaných dat pomocí Kolektoru
Hromadný sběr anonymizovaných dat pomocí Kolektoru
18:20 - 18:40
Room: Congress Hall
Vytvoření vlastního Kolektoru pro hromadný sběr dat, úskalí a výzvy, cesty kterými jsme se vydali. Co takový sběr obnáší, jaká data jsou sbírána, jak je s nimi poté zacházeno, příklady konkrétního využití.
18:40
Sponsor's Invitation To Social Event
Sponsor's Invitation To Social Event
18:40 - 18:50
Room: Congress Hall
Tuesday, 12 June 2018
09:00
Registration
Registration
09:00 - 09:30
Room: Congress Hall
09:30
Architektura připojení pro kritické služby
Architektura připojení pro kritické služby
(CSNOG1)
09:30 - 10:00
Room: Congress Hall
Trvalá dostupnost kritických služeb s širokým uživatelským dosahem nezávisí pouze na kvalitě implementace koncových aplikací. Zabýváme se dostatečně celou architekturou připojení těchto služeb k síti? Dokážeme udržet jejich dosažitelnost i v případě významných DoS útoků? Obsahem přednášky je zamyšlení se nad řetězcem související síťové architektury a základními aspekty, kterým je vhodné věnovat pozornost.
10:00
Wi-Fi roaming and open source
Wi-Fi roaming and open source
(CSNOG1)
10:00 - 10:20
Room: Congress Hall
Wi-Fi is now the most common way of connecting to the Internet from user devices. Some of them even use it as the only way to access networks. Because of this it became more important to provide reliable and stable Wi-Fi coverage. In this talk we will be focusing on hostapd, an open source daemon implementing wireless authentication, and its usage in area coverage. Specifically we will be talking about 802.11r and related standards (also known as Wi-Fi roaming).
10:20
Community infrastructure with vpsFree.cz
Community infrastructure with vpsFree.cz
(CSNOG1)
10:20 - 10:30
Room: Congress Hall
vpsFree.cz is a non-profit association founded in 2008 to host virtual private servers (VPS) for its members. The form of non-profit association means that every member has the right to participate and influence how it is run. Who we are? What we can offer and do for internet community?
10:30
Coffee Break
Coffee Break
10:30 - 11:00
Room: Congress Hall
11:00
Měřící infrastruktura pro měření základních parametrů služeb elektronických komunikací
Měřící infrastruktura pro měření základních parametrů služeb elektronických komunikací
(CSNOG1)
11:00 - 11:25
Room: Congress Hall
Český telekomunikační úřad buduje v rámci projektu „Měřící systém elektronických komunikací“ měřící infrastrukturu pro účely kontroly a ověřování vybraných parametrů datových služeb elektronických komunikací poskytovaných koncovým účastníkům v mobilních a pevných sítích. Měřící systém bude disponovat, jak veřejně dostupným nástrojem pro měření aktuální kvality služeb přístupu k síti Internet, tak certifikovanou technologií pro měření. Zároveň budou do infrastruktury implementovány prvky pro zajištění kybernetické bezpečnosti.
11:25
WPAD a bezpecnost v DNS
WPAD a bezpecnost v DNS
(CSNOG1)
11:25 - 11:50
Room: Congress Hall
Chteli bychom sitovou verejnost upozornit na rizika moznosti zneuziti domen ( podvrzeni DNS odpovedi, registrace expirovanych, atd.), upozornit na "default domain name" v konfiguraci routeru a doplit statistikami a grafy ohledne rizik v CZ&SK a nejen tam.
11:50
Ochrana proti random subdomain útokům pomocí technologie DNSSEC
Ochrana proti random subdomain útokům pomocí technologie DNSSEC
(CSNOG1)
11:50 - 12:15
Room: Congress Hall
Od roku 2018 mají open-source DNS resolvery novou funkci zvanou agresivní cache (RFC 8198), která efektivně brání některým typům útoků proti autoritativním i rekurzivním DNS serverům. Během přednášky vyhodnotíme rozvdíl v dopadu random subdomain útoku na DNS zóny, které jsou a nejsou zabezpečeny pomocí technologie DNSSEC. Na datech z měření bude vysvětleno, že pro opetrátory autoritativních serverů je výhodné podepsat zónu pomocí DNSSEC, a že pro operátory resolverů je výhodné provádět DNSSEC validaci.
12:15
Útok skrz (ne)známou vlastnost síťových prvků
Útok skrz (ne)známou vlastnost síťových prvků
(CSNOG1)
12:15 - 12:30
Room: Congress Hall
Současné operační systémy síťových prvků nabízejí obrovské množství funkcionality a komunikují skrz širokou škálu protokolů. Přes veškeré jejich přínosy se může někdy stát, že nová funkce se proti nám obrátí a způsobí nám potíže - zejména, je-li takováto vlastnost ve výchozí konfiguraci aktivní. Přednáška pojednává o jedné takové zkušenosti, kdy správcem neznámou a nevyužívanou vlastnost zná a zneužije útočník.
12:30
Lunch
Lunch
12:30 - 13:30
Room: Congress Hall
13:30
Fighting malware during the DNS resolution
Fighting malware during the DNS resolution
(CSNOG1)
13:30 - 14:00
Room: Congress Hall
Most of the malware lifecycle could be observed and even prevented in the DNS traffic. DNS resolver is the ideal place to look for the behavior and eventually act against malicious requests. The presentation will focus on different types of malware requests that can be seen and will discuss experience with fighting malware in a network with approximately hundred thousand of different households in the beginning of 2018. Summary of individual incidents and methods of detection will be presented along with downsides (e.g. application of external Indicators of Compromise) of such approach. The aim is to give the audience an idea about the number of threats seen in a standard home network and to share experience with challenges in DNS resolution filtering like false positive mitigation. The main presentation structure will follow the malware lifecycle and will present real-life examples, statistics and describe approaches used to solve particular problems.
14:00
BIND 9 Past, Present, and Future
BIND 9 Past, Present, and Future
(CSNOG1)
14:00 - 14:30
Room: Congress Hall
BIND 9 is now 17 years old, the latest stable version 9.12.1 was released in March 2018 and the BIND 9 Team has adopted changes to adapt to the ever changing Internet landscape to be a truly open open-source software.
14:30
Building 100G DDoS mitigation device with FPGA technology
Building 100G DDoS mitigation device with FPGA technology
(CSNOG1)
14:30 - 15:00
Room: Congress Hall
The volume of DDoS attacks and their variety grows every year. Since 2016 the largest attacks reached 1 Tbps, effectively disconnecting even well provisioned services from the Internet. CESNET dediced to exploit its expertise in building hardware-accelerated network probes to build its own active device with mitigation capabilities. The device consists of 100 Gbps FPGA network card and a commodity server. The presentation will introduce the FPGA technology in network processing domain as well as outline the concept of the mitigation device. The presentation will also summarize lessons learned during the deployment phase. The rest of the presentation will elaborate on selected mitigation heuristics designed to mitigate volumetric DDoS attacks.
15:00
Coffee Break
Coffee Break
15:00 - 15:30
Room: Congress Hall
15:30
Internetworking security
Internetworking security
(CSNOG1)
15:30 - 15:50
Room: Congress Hall
I při propojování sítí je třeba řešit bezpečnost GTSM BFD BGP FlowSpec uRPFv3 bezpečnostní nástroje a projekty sdružení NIX.CZ
15:50
ROV impact simulation & analysis
ROV impact simulation & analysis
(CSNOG1)
15:50 - 16:10
Room: Congress Hall
Recent work shows that RPKI deployment, currently the most important security extension to the inter-domain routing protocols and amendment of the Internet operation procedures, is severely obstructed by inaccuracies, errors and outdated records in published ROAs. Measurements proved deployment of ROA validation in the Internet is almost non-existing despite the fact that RPKI brings major improvement of Internet routing security without need for large scale and costly hardware upgrades. Attempts to explain reasons that caused slow adoption of the RPKI mechanism describe fear of disconnecting legitimate networks because of erroneous ROA as the leading factor. We utilize NetfFlow data from a real network to simulate ROV and subsequently quantify and analyze traffic that would have been dropped by ROV enforcement. Moreover, we explore methods to distinguish malicious traffic from legitimate one in the stream that would have been lost due to ROV to measure resulting impact of ROV.
16:10
LT: Network Security Monitoring with Flow Data
LT: Network Security Monitoring with Flow Data
(CSNOG1)
16:10 - 16:17
Room: Congress Hall
This pitch presentation will highlight how you can leverage flow data (NetFlow/IPFIX/etc.) for anomaly detection & DDoS protection in backbone networks.
16:17
LT: Quad9DNS : A public benefit service
LT: Quad9DNS : A public benefit service
(CSNOG1)
16:17 - 16:25
Room: Congress Hall
Public recursive resolvers are not new. This presentation walks you through what makes Quad9DNS different, and, of true public benefit.
16:25
LT: Pět kroků k elipse
LT: Pět kroků k elipse
16:25 - 16:40
Room: Congress Hall
Prezentace rekapituluje výměnu KSK klíče v doméně .CZ s přechodem na algoritmus ECDSA založený na eliptických křivkách.
16:40
Closing Plenary, Farewell
Closing Plenary, Farewell
16:40 - 16:55
Room: Congress Hall
