Www.egi.eu EGI-InSPIRE RI-261323 EGI-InSPIRE www.egi.eu EGI-InSPIRE RI-261323 Pakiti.

Slides:

Advertisements

Similar presentations

Advertisements

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Chapter 20 Oracle Secure Backup.

©2009 Justin C. Klein Keane PHP Code Auditing Session 3 – Tools of the Trade & Crafting Malicious Input Justin C. Klein Keane

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Presented by Mina Haratiannezhadi 1.  publishing, editing and modifying content  maintenance  central interface  manage workflows 2.

Voyager Server Security and Monitoring Best practices and tools.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

5205 – IT Service Delivery and Support

1 Network File System. 2 Network Services A Linux system starts some services at boot time and allow other services to be started up when necessary. These.

Securing LAMP: Linux, Apache, MySQL and PHP Track 2 Workshop PacNOG 7 July 1, 2010 Pago Pago, American Samoa.

NovaBACKUP 10 xSP Technical Training By: Nathan Fouarge

A crash course in njit’s Afs

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

This presentation will guide you though the initial stages of installation, through to producing your first report Click your mouse to advance the presentation.

Va-scanCopyright 2002, Marchany Securing Solaris Servers Randy Marchany.

Linux Operations and Administration

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.

Microsoft Internet Information Services 5.0 (IIS) By: Edik Magardomyan Fozi Abdurhman Bassem Albaiady Vince Serobyan.

Module 7: Fundamentals of Administering Windows Server 2008.

Module 11: Implementing ISA Server 2004 Enterprise Edition.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud F2F Security Issues in the cloud Introduction Linda Cornwall,

1 Quick Overview Overview Network –IPTables –Snort Intrusion Detection –Tripwire –AIDE –Samhain Monitoring & Configuration –Beltaine –Lemon –Prelude Conclusions.

12 Steps to Cloud Security A guide to securing your Cloud Deployment Vishnu Vettrivel Principal Engineering Lead,

Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

SECURE LOG MANAGEMENT. BalaBit - the company How we do system logging When syslogs are not enough.

1 Linux Security. 2 Linux is not secure No computer system can ever be "completely secure". –make it increasingly difficult for someone to compromise.

1 Panda Perimetral Management Console. 2 Panda Perimetral Management Console Centralized management from the cloud The Perimetral Console, short for Panda.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Federated Cloud Security - what is needed Linda Cornwall (STFC) and the.

Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.

Auditing Project Architecture VERY HIGH LEVEL Tanya Levshina.

VIRTUAL HOSTING WITH PureFTPd And MYSQL (Quota And Bandwidth Management) BY Odoh Kenneth Emeka Sun Yu Patrick Appiah.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI How to integrate portals with the EGI monitoring system Dusan Vudragovic.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Ops Portal New Requirements.

Web Server Security: Protecting Your Pages NOAA OAR WebShop 2001 August 2 nd, 2001 Jeremy Warren.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Mario Reale – GARR NetJobs: Network Monitoring Using Grid Jobs.

Installing VERITAS Cluster Server. Topic 1: Using the VERITAS Product Installer After completing this topic, you will be able to install VCS using the.

EGI-InSPIRE RI EGI Webinar EGI-InSPIRE RI Porting your application to the EGI Federated Cloud 17 Feb

1 BCS 4 th Semester. Step 1: Download SQL Server 2005 Express Edition Version Feature SQL Server 2005 Express Edition SP1 SQL Server 2005 Express Edition.

Aaron Corso COSC Spring What is LAMP?  A ‘solution stack’, or package of an OS and software consisting of:  Linux  Apache  MySQL  PHP.

CACI Proprietary Information | Date 1 PD² SR13 Client Upgrade Name: Semarria Rosemond Title: Systems Analyst, Lead Date: December 8, 2011.

Logging and Monitoring. Motivation Attacks are common (see David's talk) – Sophisticated – hard to reveal, (still) quite limited in our environment –

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Update on Service Availability Monitoring (SAM) Marian Babik, David Collados,

EGI-InSPIRE RI Pakiti Michal Prochazka, (Daniel Kouril)

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI APEL Regional Accounting Alison Packer (STFC) Iván Díaz Álvarez (CESGA) APEL.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Operations Portal OTAG September, 21th 2011 Cyril L’Orphelin – CCIN2P3/CNRS.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI Applications Database Software Releases Alexander Nakos, et al.

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI EGI SVG F2F Virtual Machines VM images, software run on VMS. 3 rd March 2015.

Metrics data published Via different methods Monitoring Server

Wataru Takase, Tomoaki Nakamura, Yoshiyuki Watase, Takashi Sasaki

Centralised logging using RSYSLog

Working at a Small-to-Medium Business or ISP – Chapter 8

COP 4343 Unix System Administration

CONTENT MANAGEMENT SYSTEM CSIR-NISCAIR, New Delhi

Securing the Network Perimeter with ISA 2004

5.0 : Windows Operating System

TYPES OF SERVER. TYPES OF SERVER What is a server.

CompTIA Server+ Certification (Exam SK0-004)

What Is Sharepoint? Mohsen Ashkboos

IS3440 Linux Security Unit 9 Linux System Logging and Monitoring

Configuring Internet-related services

SAP R/3 Installation on WIN NT-ORACLE

AD RMS Back Up and Restore

The ELK stack - get to know logs

Presentation transcript:

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Pakiti

EGI-InSPIRE RI Pakiti Overview Patch monitoring Unpatched vulnerabilities present severe security threat Client - server architecture In production use by EGI CSIRT Nagios probe against WNs Development by EGI CSIRT

EGI-InSPIRE RI Utilization in EGI

EGI-InSPIRE RI Excerise Install your own Pakiti server Collect report from a node Identify unpatched vulnerabilities

EGI-InSPIRE RI Installation steps Installation of server package Configuration of Apache Configuration of MySQL Configuration of Pakiti server Using Pakiti client

EGI-InSPIRE RI Server package RPM from EGI AppDB 1.rpm --import ch=0x930D2233A28C25A6 2.wget -O /etc/yum.repos.d/pakiti.repo pakiti/pakiti2/releases/repofiles/sl-6- i386.repo 3.yum update 4.yum install pakiti2-server

EGI-InSPIRE RI Apache Configuration Enable https and Pakiti virtual host 1.Remove default https virtual host /etc/httpd/conf.d/ssl.conf 2.Copy Pakiti definition cp /usr/share/doc/pakiti2-server /pakiti2.apache2 /etc/httpd/conf.d/pakiti2.conf 3.Adapt to your preferred authN system 4.Check firewall configuration

EGI-InSPIRE RI MySQL Create Pakiti database and MySQL user: 1.CREATE DATABASE pakiti; 2.CREATE USER IDENTIFIED BY 'really_random_password'; 3.GRANT ALL PRIVILEGES ON pakiti.* to ; 4.FLUSH PRIVILEGES; Create schema: 1.cd /usr/share/doc/pakiti2-server-2.1.6/ 2.mysql -D pakiti -u pakiti -p < pakiti2.sql

EGI-InSPIRE RI Pakiti server Update mysql password/username: 1./etc/pakiti2/pakiti2-server.conf Browse to and adapt Settings (top right) 1. m.redhat.rhsa-2014.xmlhttp:// m.redhat.rhsa-2014.xml 2.Release 4,5,6

EGI-InSPIRE RI Server configuration

EGI-InSPIRE RI Putting it together Install Pakiti client 1.yum install pakiti2-client-manual Configure the client /usr/share/doc/pakiti2-client-manual /pakiti2-client 1.SERVERS="localhost:443“ 2.#CA_PATH="/etc/ssl/certs/" Run the client and check the results

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Central Log Collecting

EGI-InSPIRE RI Motivation Logs can point to an attack and vector Attackers wipe logs once they have root access Having logs stored locally doesn’t scale A single point where to analyse data Local logs are not trustworthy

EGI-InSPIRE RI Solutions syslog, former default logging system replaced by rsyslog (syslog clients can send to rsyslog) syslog-ng (OSE and Premium Edition, additional plugins under proprietary license) Commercial solutions splunk (volume based licensing/can get expensive)

EGI-InSPIRE RI Rsyslog Server Decide whether secure channel is required TLS is supported Decide what directory structure is needed Make sure you have free space on storage Enable monitoring of the server Rsyslog is well documented

EGI-InSPIRE RI Rsyslog client Decide what message to send out Find out security requirements 1.$DefaultNetstreamDriverCAFile /etc/ssl/certs/AddTrust_External_Root.pem 2.$DefaultNetstreamDriver gtls 3.$ActionSendStreamDriverMode 1 4.$ActionSendStreamDriverAuthMode x509/certvalid # server is NOT authenticated 5.*.*

EGI-InSPIRE RI Processing Collected Data Usual tools like grep, etc. Files are available from /var/log/remote-hosts More volumes data needs advanced tools Indexing, filtering ElasticSearch, Kibana Processing logs using cloud tools

EGI-InSPIRE RI Kibana

EGI-InSPIRE RI Excercise Configure your client to log remotely is provided as a VO server Check the log contents Files ssh /var/log/remote-hosts Kibana: board/file/logstashesb.json