Daniel Kouril, EGI CSIRT meeting,


1 RT report
Daniel Kouril, EGI CSIRT meeting, 9.9.2016

2 Current status
- Upgrade finished
  - DB retained (history, ticket numbers, etc.)
  - Several artifacts, nothing serious
  - Massticket adapted to use the new API
- RTIR more invasive than expected
  - Dictates/expects workflows, handling tickets, etc. (bulk operations, naming of functions, …)
- Creating tickets improved (to be enabled)
  - Adding of Site and NGI contacts from GOC DB
  - Should allow for controlling access as discussed earlier
- Reporting – Sven?

3 Security monitoring
Daniel Kouril, EGI CSIRT meeting, 9.9.2016

4 Components
- Nagios – secmon
  - Operated by GRNET (NGI_GR), security core task
- Pakiti
  - Operated by CESNET (NGI_CZ), security core task
- Security Dashboard
  - Operated by NGI_FRANCE, core task on operations portal
- Coordination – CESNET

5 Secmon status
- Issues with current instance
  - Information from Pakiti not kept by Pakiti probe
  - Failures of the submission system : - : 64 : 129 (expired certificate) : 165 : 169 : 146 (ARC CE issues, certificate again?)

6 Secmon status
- Service based on SAM, not supported anymore
  - Transition to ARGO difficult
  - WN framework not supported on SL6
  - Implications on dashboard not clear atm
- No effort for development from GRNET
- Until a solution is found we can stick with current instance (based on SL5!)

7 Certification of sites
- Supporting infrastructure is gone
  - BDII, WMS, registration portal
- We can’t send monitoring jobs to non-production sites anymore (we were the only ones)
- Suggested to join security tests with normal certification ones and use the same procedure
  - NGI will make sure tests are performed
  - Site is put into production, with immediate downtime declared (3 days)
  - If no issue appears, it’s in production
- NGIs are complaining about the manual work, EGI to find a solution

8 Leftovers
- IanN: wants more compact view
- Sophie: more query options/views
- Toby: feature request for pakiti.egi.eu - redirect to https!
- Sven: change "Pakiti-Check" test name to the CVE
- Dashboards send notifications now
- Reports can be generated regularly

9 Secant – VM assessment
- Pilot ready, sandboxed environment prepared
- Verified on CESNET cloud
- Testing of EGI VA’s pending VM catcher development
- Manual tests of couple AppDB VAs
- Majority closed, only external tests possible
- To be investigated

10
<?xml version="1.0" encoding="UTF-8"?>
<SECANT>
  <NMAP_TEST status="OK">
    <ports>
      <extraports state="closed" count="999">
        <extrareasons reason="resets" count="999"/>
      </extraports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack" reason_ttl="64"/>
        <service name="ssh" method="table" conf="3"/>
      </port>
    </ports>
  </NMAP_TEST>
  <NTP_AMPLIFICATION_TEST status="FAIL"/>
  <SSH_AUTH_TEST status="OK">SSH password authentication is not allowed</SSH_AUTH_TEST>
  <LYNIS_TEST status="OK">
    <WARNINGS>
      <LYNIS>Version of Lynis is very old and should be updated </LYNIS>
      <AUTH-9228>pwck found one or more errors/warnings in the password file </AUTH-9228>
      <PKGS-7390>apt-get check returned a non successful exit code. </PKGS-7390>
      <NETW-2705>Couldn't find 2 responsive nameservers </NETW-2705>
    </WARNINGS>
    <SUGGESTIONS>
      <BOOT-5122>Set a password on GRUB bootloader to prevent altering boot configuration (e.g. boot in single user mode without password) </BOOT-5122>
      ……
    </SUGGESTIONS>
  </LYNIS_TEST>
  <PAKITI_TEST status="OK">No vulnerable packages.</PAKITI_TEST>
</SECANT>
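
A report in this shape can be triaged mechanically: per-test status, open ports, and Lynis warnings, which appear even when LYNIS_TEST itself reports OK. The following is an added example, not code from the presentation or from the Secant project; `summarize` is a hypothetical helper and the embedded report is a constructed, abridged copy of the sample above.

```python
import xml.etree.ElementTree as ET

# Constructed sample, abridged from the report shown on the slide.
SAMPLE_REPORT = """<?xml version="1.0" encoding="UTF-8"?>
<SECANT>
  <NMAP_TEST status="OK"><ports>
    <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
      <service name="ssh"/></port>
  </ports></NMAP_TEST>
  <NTP_AMPLIFICATION_TEST status="FAIL"/>
  <SSH_AUTH_TEST status="OK">SSH password authentication is not allowed</SSH_AUTH_TEST>
  <LYNIS_TEST status="OK"><WARNINGS>
    <AUTH-9228>pwck found one or more errors/warnings in the password file </AUTH-9228>
    <NETW-2705>Couldn't find 2 responsive nameservers </NETW-2705>
  </WARNINGS></LYNIS_TEST>
  <PAKITI_TEST status="OK">No vulnerable packages.</PAKITI_TEST>
</SECANT>"""


def summarize(report_xml: str) -> dict:
    """Hypothetical helper: reduce one report to what a reviewer triages."""
    # Assumption: parts of the report echo output gathered from the assessed
    # VM, so treat it as untrusted and refuse DTDs/entity declarations.
    if "<!DOCTYPE" in report_xml or "<!ENTITY" in report_xml:
        raise ValueError("DTD not allowed in report")
    root = ET.fromstring(report_xml.encode("utf-8"))
    if root.tag != "SECANT":
        raise ValueError("unexpected root element: " + root.tag)
    # A test without a status attribute counts as failed, not as passed.
    tests = {t.tag: t.get("status", "MISSING") for t in root}
    failed = sorted(name for name, st in tests.items() if st != "OK")
    open_ports = [
        (p.get("protocol"), int(p.get("portid")))
        for p in root.findall("./NMAP_TEST/ports/port")
        if p.find("state") is not None and p.find("state").get("state") == "open"
    ]
    warnings = {
        w.tag: (w.text or "").strip()
        for w in root.findall("./LYNIS_TEST/WARNINGS/*")
    }
    return {"verdict": "FAIL" if failed else "OK", "tests": tests,
            "failed": failed, "open_ports": open_ports, "warnings": warnings}


if __name__ == "__main__":
    print(summarize(SAMPLE_REPORT))
```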

