EGI CSIRT team monthly meeting
Thursday, 21 July 2011 -
14:00
Monday, 18 July 2011
Tuesday, 19 July 2011
Wednesday, 20 July 2011
Thursday, 21 July 2011
14:00
Agree on agenda and review minutes
Agree on agenda and review minutes
14:00 - 14:05
- Any question/comment on last meeting's minutes? https://wiki.egi.eu/csirt/index.php/Monthly_Meeting_Minutes_23-6-2011 - Minutes taker - DC of the week or the backup -Agree on agenda iteam Minutes template was updated to include action items https://wiki.egi.eu/csirt/index.php/Minutes_Template Please upload minutes and action list to: https://wiki.egi.eu/csirt/index.php/EGI_CSIRT_monthly_meeting#Monthly_Meeting_Minutes
14:05
EGI TF & f2f meeting
EGI TF & f2f meeting
14:05 - 14:10
Registration (early birth due on 5th Aug.) http://go.egi.eu/tf11-registration timetable https://www.egi.eu/indico/conferenceTimeTable.py?confId=452#all EGI CSIRT face to face meeting 3 hours on Monday 19th Sep 2011 https://www.egi.eu/indico/sessionDisplay.py?sessionId=45&confId=452#all update from group coorindate, 30 minutes each - Incident Response Task Force - Security Monitoring Group - Security Drill Grop - Security Training and Dissemination Group Some discussion - Security Dashboard - SSC framework/plan of ssc4 NGI run
14:10
Milestone MS412 - Operational Security Procedures
Milestone MS412 - Operational Security Procedures
14:10 - 14:15
MS412 is due 31st July 2011 SA1 internal review started, comment is still accepted https://documents.egi.eu/secure/ShowDocument?docid=649 https://wiki.egi.eu/wiki/SA1_Milestones Review timetable https://wiki.egi.eu/wiki/Milestone_review_timetable Review process https://wiki.egi.eu/wiki/Review_process
14:15
RTIR update
RTIR update
14:15 - 14:30
- Status of RTIR - Deployment plan - Document of RTIR (how to, guildline etc) - Any outstanding issue
14:30
Update from group coordinator
Update from group coordinator
14:30 - 15:30
IRTF ==== - the ongoing security incident - security incident handling procedure update Security monitoring =================== - Security Dashboard discussion https://operations-portal.egi.eu/test/frontend_test.php/csiDashboard/csiDashboard - Any new development of Pakit and Nagios? Pakiti 3.0? - proposal of deploying security monitoring client at sites Security drill ============== - Current status of SSC5 - Development of SSC5 framework and plan of SSC4 NGI run Security training & dissemination ================================= Security training at technical forum -- middleware SESSION MW-1 - glexec: deployment issue, recommandation for configuration. (Oscar) - Communication between argus and glexec: architecture. - setting up argus server (Can this be Valery/Andrea? Repeat?) SESSION MW-2 - advanced security tutorial for cream ce: secure configuration, user banning. (Someone from CREAM for this? Or Argus?) - EMI security architecture. ( No talk, discussions ). SESSION OPS-1 – Incident workflow and forensic tools. [ Speaker: Leif ] – Linux rootkit and TTY hijacking [Speaker: Antonio ] - Vulnerability handling (what to do if you find a vulnerability and How are they handled) [Linda] SESSION OPS-2 – Advanced pakiti tutorial: what configuration if you want to monitor all hosts of the site? Dealing with scalability issues. [ Speaker: Daniel? Michal? Christos? ] – SSC5 case study - Malware analysis [Speaker: Oscar] – Using the security challenge framework. [ Speaker: Aram]
15:30
Action review
Action review
15:30 - 15:45
https://wiki.egi.eu/csirt/index.php/Pending_actions
15:45
AOB
AOB
15:45 - 15:50
Monthly meeting shcedule: normally the second last Thursday of each month the proposed meetings as following: 18th August 19th September <== face to face at EGI TF in Lyon 20th October