Cyber Security Workshop (DNS Focused)

Price  30,000 THB
Duration 3 Days

Date :   8-10 May 2019
Time :  9:00-17:30

Course Fee :

  • Standard: THB 30,000
  • Early bird: THB 25,000

Early-bird registration fees must be paid before or on 8 April 2019 where as Standard registration fees must be paid before or on 8 May 2019 by cheque or wire transfer payment. 

Group rate: please contact

Venue :  Novotel Bangkok Sukhumvit 20

Local Information: Accommodation, Local Transportation, Medical Care, and Visa

Paul Vixie, Farsight Security
Willem Toorop, NLnet Labs
Ralph Dolmans, NLnet Labs

Course Duration : 3 days

Maximum Class Size:  The workshop can accommodate up to 28 participants.


This technical workshop consists of lectures and hands-on labs to teach DNS, DNS Security Extensions and DNS Security Analysis targeted at operators who are responsible for the security and DNS services in their organization.


Workshop Topics

  • NS concepts
  • BIND (DNS server) and Resolver (DNS client)
  • DNS debugging tools, troubleshooting, and techniques Reverse DNS
  • RNDC
  • Access control lists
  • TSIG
  • DNS security extensions (DNSSEC)
  • DNS and IPv6
  • Secure DNS dynamic updates
  • DNS DDoS prevention with response rate limiting
  • DoT/DoH tradeoffs
  • DNS firewalls with RPZ
  • Passive DNS
  • DNS Security Analysis
  • Threat Detection using passive DNS

Target Audience

Network/systems administrators and engineers from ISP/REN/Universities or corporations, who are responsible for security, DNS service, and operating authoritative and/or recursive DNS.


Medium to good knowledge of the UNIX/Linux command line environment Basic understanding of DNS (this course is not an introduction)
Basic knowledge of TCP/IP networking
participants are required to bring a laptop

Biography of Instructor
Paul Vixie, Farsight Security
Paul Vixie was responsible for BIND from 1989 to 1999, and is the author of a dozen or so IETF RFC documents about DNS.  He also started the first anti-spam company (MAPS) where he co-invented the DNS RBL (Realtime Blackhole List) that now protects all e-mail planet-wide, and was the founder and later president of the first U.S.-based commercial Internet Exchange (PAIX).
Today he serves as CEO of Farsight Security, home of the Security Information Exchange (SIE) and the world’s leading Passive DNS database (DNSDB). He managed the F-root DNS server from 1996 to 2012, and wrote the Cron software used on all UNIX-type computers today.  He is also co-inventor of the DNS Response Rate Limiting (RRL) and Response Policy Zone (RPZ) feature-sets now in wide use to protect the operational Internet Domain Name System against online attacks. He received his Ph.D. from Keio University in 2011, and was inducted into the Internet Hall of Fame in 2014.
Willem Toorop, NLnet
Willem is a software developer and researcher at NLnet Labs.  NLnet Labs is a non-profit research lab dedicated to the development of Open Source software and open standards for the benefit of the Internet.  NLnet Labs mission is to provide globally recognized innovations and expertise for those technologies that turn a network of networks into an Open Internet for All.At NLnet Labs, Willem’s topics of interest are end-user security and privacy.
Willem has actively researched how DNSSEC may be hampered for end-users and looked into strategies to overcome such roadblocks. The results of this research are incorporated in the getdns resolver library and its associates stub resolver Stubby. Besides his work on getdns and Stubby, Willem is also the primary maintainer and developer of the other NLnet Labs DNS libraries: ldns and Net::DNS.
Ralph Dolmans, NLnet
Ralph is software developer at NLnet Labs and one of the core developers of Unbound and the Internet standards compliance test website (DNS, DNSSEC, DANE, IPv6, TLS, DMARC/DKIM/SPF).Ralph completed his MSc study System and Network Engineering at the University of Amsterdam. After his study, he started as a system and software engineer at NLnet Labs. At NLnet Labs his tasks are various, including writing code (implement RFCs) and reviewing Internet Drafts.Ralph is programme committee member for DNS-OARC and member of expert groups on usage of TLS and secure email (national and international fora)


Certificate of participation, training materials, lunch and refreshments will be provided.

Please note that the places are limited and the registration will be on a “first come – first served” basis. If you have any further queries, please contact Ms. Glaziel Kae Tagamolila email: training at


Organized By


Supported by


Fellowship Sponsor