Pending Actions (deadline: 19/06/2007)

Below is a list of actions on the ROC Security Contacts from the OSCT-2 meeting, which are expected to be completed before the OSCT-3 meeting.

  • All ROCs:
    • Update the (coming) private OSCT Website with their ROC Security Contact details
    • Perform a Security Service Challenge 2 against (all?) sites in their region and give a short debriefing presentation at the next OSCT meeting
    • Provide feedback on the upcoming ISSeG threat list and questionnaire, as a preparation to the joint training session at EGEE-07
  • CERN:
    • [Completed] Investigate possibility of hosting a private website for the OSCT on the CERN central service
    • [In progress] Produce a short "Incident Response procedure" for the sites
    • [Completed] Check with the CERN mail team if it is possible to:
      • Use/check email signature on the incident lists
      • Use email encryption on the incident lists
      • Ensure that posters to the CSIRT list are member of the CONTACT list or else moderate the post
      • Change the Reply-to field of the CSIRT list
    • [Completed] (but announcement on hold) Create a new incident discussion list populated with the CSIRTS details (same recipients list, but different "FROM" field)
    • [Background activity] Maintain Pakiti (http://pakiti.sf.net)
    • [Completed] Produce packages for lcg-fw and the tool enabling Grid host to know what remote hosts are part of our Grid
    • [Completed] Clarify and document OSCT-DC activities on the (coming) OCST private website
    • [Completed] Gather and share OSCT Jabber IDs
    • [Completed] Schedule one or more (max 1/month) meeting using Instant Messaging
    • [Completed] Produce a list of wished features for RTIR to be (possibly) useful for the OSCT
    • [In progress] Check with GGUS if appropriate features for incident handling could be implemented
    • [In progress] Coordinate the development of security plugins for common monitoring tools (ex: SAM, Nagios)
    • Coordinate between CERN, UKI, SEE ROCs to prepare a joint training session with ISSeG
    • [Completed] Check with release/deployment team if it is possible to add the content of the RSS feed on the gLite installation pages for EGEE admins
    • Put involvement of VOs in IR process at least on agenda for next meeting
  • RUSSIA:
    • [Background activity] Manage and maintain the content of the OSCT Websites (public and private)
  • Asia Pacific (could not attend the meeting): NONE
  • FRANCE: NONE
  • UKI:
    • Investigate security plugins for Nagios, Lemon, Ganglia
    • [Completed] Host a repository of security plugins for common monitoring tools
    • [Background activity] Provide (and update) security best-practice documentation for the RSS feed
    • Coordinate between CERN, UKI, SEE ROCs to prepare a joint training session with ISSeG
  • DECH:
    • Investigate security plugins for Nagios
  • ITALY: NONE
  • CE:
    • Produce one or more SAM security tests
    • Document the process that can be followed by other developers to produce more SAM security tests.
  • NE:
    • [In progress] Test and provide feedback on RTIR
    • Test and provide feedback on the firewall management tool(s) (status: currently awaiting for CERN)
  • SEE:
    • Produce (and update) security best-practice documentation for the RSS feed
    • Contribute to the "Incident Response procedure" for the sites (in collaboration with CERN ROC)
    • [Background activity]Follow-up monthly with sites providing no or incorrect CSIRTs details
    • Coordinate between CERN, UKI, SEE ROCs to prepare a joint training session with ISSeG
  • SWE:
    • [In progress] Investigate (and possibly implement) new features in RTIR
    • [In progress] Provide RTIR training for OSCT according to ROC Security Contacts' availability and interest
    • [Completed] Investigate the possibility providing OSCT with Jabber IDs
    • [Completed] Investigate the possibility of hosting a (secure?) Jabber conference room for OSCT

-- Romain Wartel - 26 Feb 2007

Edit | Attach | Watch | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r1 - 2007-06-25 - RomainWartel
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback