EGI CSIRT team monthly meeting

Europe/Amsterdam
EVO - EGI CSIRT meeting

EVO - EGI CSIRT meeting

Mingchao Ma (STFC - RAL)
Description
A monthly team meeting to discuss team activities and issues It will be on EVO (http://evo.caltech.edu/evoGate/). Meeting can be found in Universe community, please search EVO meeting with keyword "EGI CSIRT" EVO Phone Bridge Telephone Numbers: --------------- - USA (Caltech, Pasadena, CA) +1 626 395 2112 - Switzerland (CERN, Geneva) +41 22 76 71400 - Slovakia (UPJS, Kosice) +421 55 234 2420 - Italy (INFN, several cities) http://server10.infn.it/video/index.php?page=telephone_numbers Enter '4000' to access the EVO bridge - Germany (DESY, Hamburg) +49 40 8998 1340 - USA (BNL, Upton, NY) +1 631 344 6100 - United Kingdom (University of Manchester) +44 161 306 6802 - Australia (ARCS) +61 Adelaide 08 8463 1011 Brisbane 07 3139 0705 Canberra 02 6112 8742 Hobart 03 623 70281 Melbourne 03 8685 8362 Perth 08 6461 6718 Sydney 02 8212 4591 - Netherlands (Nikhef, Amsterdam) +31 20 7165293 Dial '2' at the prompt - Canada (TRIUMF, Vancouver) +1 604 222 7700 - Czech Republic (CESNET, Prague) +420 95 007 2386 - USA (MIT, Cambridge, MA) +1 617 715 4691 - France (RAP, Paris) +33 144 27 81 50
EGI CSIRT team monthly meeting (17 Jun 2010) Chaired by: Ma, Mingchao Agenda: https://www.egi.eu/indico/conferenceDisplay.py?confId=61 Presents: Croatia NGI: Emir Imamagic Czech NGI: Michal Prochazka Portugal NGI: Nuno Dias Italy NGI: Riccardo Brunetti; Giuseppe Misurelli Sweden NGI: Leif Nixon Poland NGI: Adam Smutnicki Greece NGI: Christos Triantafyllidis The Netherlands NGI: Sven Gabriel Germany NGI: Ursula Epting UK NGI: Mingchao Ma France NGI: Dorine Fouossong Apologises: Switzerland NGI: Serge Droz ================== Minutes taker and Project update ================== EGI CSIRT team was presented as part of SA1 activity. There is a EGI deliverable "operational security procedure" related to EGI-CSIRT activity ; the deadline is the end of july. Operational security procedures are: - Incident response procedure. Leif is preparing a new release. - Vulnerability assessment procedure. was defined by linda; changes will be in order to take in account the new communication channels. France NGI is responsible to make sure that internal reviews are took in account and that this EGI deliverable will be done in time. For more informations on these meetings, you can browse links given below on the agenda. ================== Group activities update and forward planning ================== IRTF As we will no longer be able to use the CERN phone conference system after the end of June, we will need to change our weekly meetings to some other system. This will in all likelihood be EVO. * Monitoring The nagios box for security monitoring is not checking only the EGI sites but all the sites that are registered in GOCDB. And that includes sites in Canada, Australia etc which clearly are not members of EGI. Mingchao said that he has already asked if we need to monitor these sites too but didn't get any reply yet so for now we keep them. Migration of pakiti server from CERN will be done this month. There will be two new features in pakiti. Giussepe asked if we can have notifications from the security nagios box to the NGI security officers (or a mailing list per NGIs that request it) via mail. * Dissemination At the next EGI technical forum, there will be a joint EGI CSIRT and software vulnerability group training session. Sites feedbacks are appreciate to prepare this training. * security drills There is only one site left for the SSC4 launch on Tier1. Sven is going to start the evaluation report. He will also plan a second round challenge for sites liking to have a second go. ================== update from team members ================== Each participant presented himself. ================== EGI technical forum conference planning ================== There will be a F2F meeting at the EGI technical on 13 september 2010 . This will be a good opportunity to meet each other. Feedbacks will be appreciated to help preparing the training event. ================== AOB ================== ** Group calendar There is an IRTF DC rota google calendar. If you didn't received an invitation send a request to dorine.fouossong@clermont.in2p3.fr . ** Next meeting Next date: 15th July, 14:30-15:30 CET on EVO.
There are minutes attached to this event. Show them.
    • 14:30 14:35
      Minutes taker and Project update 5m
      News and updates from the project etc. - EGI InSPIRE SA1 meeting on 3rd June: https://www.egi.eu/indico/conferenceDisplay.py?confId=43 - EGI-InSPIRE task leaders meeting on 10th June https://www.egi.eu/indico/conferenceDisplay.py?confId=41 Project milestone and deliverable: MS405 Operational Security Procedures, due by the end of July The template for all deliverables and milestones is now available: https://documents.egi.eu/document/26 . SA1 Deliverables: https://wiki.egi.eu/wiki/SA1_Deliverables . SA1 Milestones: https://wiki.egi.eu/wiki/SA1_Milestones
      EGI CSIRT team was presented as part of SA1 activity. There is a EGI deliverable "operational security procedure" related to EGI-CSIRT activity ; the deadline is the end of july. Operational security procedures are: - Incident response procedure. Leif is preparing a new release. - Vulnerability assessment procedure. was defined by linda; changes will be in order to take in account the new communication channels. France NGI is responsible to make sure that internal reviews are took in account and that this EGI deliverable will be done in time. For more informations on these meetings, you can browse links given below on the agenda.
    • 14:35 15:05
      Group activities update and forward planning 30m
      Update from group coordinators: --IRTF ---Incident handling procedure ---Conference system change --Security monitoring --Security drill --Security training & dissemination
      IRTF As we will no longer be able to use the CERN phone conference system after the end of June, we will need to change our weekly meetings to some other system. This will in all likelihood be EVO. * Monitoring The nagios box for security monitoring is not checking only the EGI sites but all the sites that are registered in GOCDB. And that includes sites in Canada, Australia etc which clearly are not members of EGI. Mingchao said that he has already asked if we need to monitor these sites too but didn't get any reply yet so for now we keep them. Migration of pakiti server from CERN will be done this month. There will be two new features in pakiti. Giussepe asked if we can have notifications from the security nagios box to the NGI security officers (or a mailing list per NGIs that request it) via mail. * Dissemination At the next EGI technical forum, there will be a joint EGI CSIRT and software vulnerability group training session. Sites feedbacks are appreciate to prepare this training. * security drills There is only one site left for the SSC4 launch on Tier1. Sven is going to start the evaluation report. He will also plan a second round challenge for sites liking to have a second go.
    • 15:05 15:15
      update from team members 10m
      any update from any team member
      Each participant presented himself.
    • 15:15 15:25
      EGI technical forum conference planning 10m
      13/09/2010-17/09/2010, at Amesterdam, -- EGI CSIRT f2f meeting -- security training session (possible a joint training session with middleware people) -- Suggestions on training topics? * security monitoring * security incident response procedure
      There will be a F2F meeting at the EGI technical on 13 september 2010 . This will be a good opportunity to meet each other. Feedbacks will be appreciated to help preparing the training event.
    • 15:25 15:30
      AOB 5m
      -- Group calendars -- monthly team meeting Suggestion: every thursday of the third week of the month, 14:30-15:30 CET List of Actions can be found at: https://wiki.egi.eu/csirt/index.php/Pending_actions, please login with your SSO account
      ** Group calendar There is an IRTF DC rota google calendar. If you didn't received an invitation send a request to dorine.fouossong@clermont.in2p3.fr . ** Next meeting Next date: 15th July, 14:30-15:30 CET on EVO.