Tutorial: Advancing security in federated clouds

chaired by Sven Gabriel (FOM), David Groep (FOM), Daniel Kouril (CESNET), Dennis van Dok (FOM)
Monday, 19 May 2014 from to (Europe/Helsinki)
at Helsinki University, Main Building ( Room 7 )
Description

This tutorial is part of the EGI Community Forum 2014 (Helsinki, 19-23 May)

Overview
Abstract of the tutorial.
In the cloud world many of the system administration tasks have moved away from experts managing the infrastructure to other entities, which are then responsible to provide securely configured and patched services (Cloud-VMs).

This training will provide VM-Endorsers/Operators/Users and VO security responsible with hands-on exercises to set-up and configure Cloud resources with basic security features.

In the first part we're kicking off with an introduction to ssh, and immediately get hands-on with logging into the prepared training systems and hardening the security setup.
The participants will learn some useful tricks that will make day-to-day use of ssh safer and more pleasant, as well as the best practices with setting up a firewall with iptables and fail2ban.

The second part focuses on security monitoring and logging.
After an introduction to the patch-status monitoring tool PAKITI (http://pakiti.sourceforge.net/ ) and a central syslog service, the participants will set-up and configure these services in a training environment.
 

Who should attend?
This tutorial is particular interesting for:
- VM Endorsers
- Cloud Users
- VO Security Officers
- Cloud service provides

Prerequisites (what should I know beforehand?)
generate a ssh key (if needed)
copy your *ssh public key* in the "Address Field" of the registration form

What do I need to bring?
Laptop

Participants Mischa Salle
Material:
Go to day