The Advanced DNS Training Course continues from where the Intro Course ended. This course is long awaited since the last Advanced course was offered six years ago! In 2023 we will only be offering the Advanced course due to popular demand.
Students will learn about the vulnerabilities of DNS and how to overcome them. Topics include DNS Monitoring Systems, Access Controls, TSIG (DNS Transaction Signatures) and full coverage of the different aspects of DNSSEC. Modern networking environments and use of DNS Forwarding and Split-DNS are also covered.
Note that this training course is very much updated from when Advanced DNS Training was previously taught.
DNSSEC is now a much more mature technology and the course covers all the modern aspects of that, including but not limited to:
DNSSEC configuration via KASP (Key And Signature Policies),
Fully automated key rollovers
Delegation synchronisation via CDS and CSYNC
A brief overview of some of the advanced course topics to be covered:
Walkthrough of the Kaminsky Attack
DNS Transaction Signatures
Shared Secret Security
Securing Transport vs Securing Data
DNS and Firewall Environments
DNS Forwarding and DNS Stub Configs
Validation of DNSSEC Signed Data
Public Key Security
DNSSEC Record Types
DNSSEC For Applications
DNSSEC For Applications
KASP (Key and Signature Policies)
Automated DNSSEC Key Rollovers
Parent Updating via CDS and CSYNC
Original transports UDP + TCP
Each course is presented by Johan Stenstam and Mark Elkins. Lab exercises are conducted using Laptops running X Windows. Students will connect either via PuTTY (for Windows) or via SSH (Secure SHell) to their (virtual) DNS Servers which are running on a BSD (Unix) system. Students are encouraged to use their own Laptops and/or bring USB memory sticks to keep copies of their work.
The intended audience for these courses would be network engineers, network and DNS administrators as well as managers, people working in IT strategy, IT consultants, IT Security or anyone who needs an understanding of DNS and the DNS role on the Internet.
Both the Intro and Advanced courses require fundamental knowledge about the Internet, TCP/IP and Unix/Linux. Experience with a Unix/Linux text editor such as vi or emacs and with the Unix/Linux file systems and basic shell/operating system commands is compulsory.
There is a free and paid course "Learn UNIX from scratch using simple and practical approach" on Udemy which you can use to familiarise yourself with Unix.
The Advanced course requires the student to have completed the Introductory course or to at least provide evidence of adequate experience in managing DNS Systems.
Courses are usually held twice a year, around September and at the beginning of the year, late January to early February. Registration is open a month or so before each course. The courses are usually held in Johannesburg (Midrand) and Cape Town. There is an Intro course and an Advance course which alternate in these locations. In an ideal world, the Intro course is the first course of any training session, followed by the Advance Course.
Johan Stenstam has a degree in Engineering Physics from the Royal Institute of Technology in Stockholm, Sweden. He has been providing consulting and professional training services, primarily in the areas of DNS, DNS Security, DHCP, systems design, name and address space management for the past 25-years. Johan was previously the DNS Product Owner at Netnod and is currently employed as a DNS Expert at the .SE ccTLD Registry.
Mark Elkins was born and educated in the UK, where he attended Queen Mary College (London University) from 1979 to 1983. Mark has been working on Unix based computer systems for over 30-years and he moved to South Africa in 1984, where he later co-founded Domain Name Services (Pty) Ltd. Mark has been involved in local DNS training for over 10-years and he is a certified CCIE (Cisco Engineer).
Applications are subject to a R2000.00 refundable deposit on attendance. Applications will only be confirmed on receipt of the deposit. Applications will be closed once the total number of deposits have been received. Deposits of delegates that do not attend will be forfeited, and in turn donated to the ISPA Teachers Training Program.
We can only accept up to two people from any one organisation
Deposits may be paid by direct transfer into the DNS ZA bank account using the Booking Reference number as a reference.
Account Holder: Domain Name Services (Pty) Ltd
Current Account: 4075011418
Branch code: 632005
Please email proof of payment to email@example.com.
The training course starts at 09h00 and finishes at 17h00.
Documentation, refreshments and lunch will be provided.