The document discusses incident reporting and handling procedures for grid computing resources. It outlines the steps involved in reporting a security incident, including informing relevant parties, containing the incident, investigating through forensics, updating affected users and systems, and reporting lessons learned. Examples of specific security incident scenarios are provided to illustrate the process.
The document summarizes Romans 1:18-32, which discusses how all people are guilty before God due to suppressing the truth. It notes that God's attributes can be understood through creation, but people reject this clear evidence. Instead, they pursue sinful acts like idolatry, sexual immorality, and mistreating others. As a result of these sinful behaviors, people are deserving of death and eternal separation from God. The passage concludes by emphasizing that righteousness comes from faith, as stated in Romans 1:16-17.
This document discusses various topics related to media and collective identity. It begins with a discussion of how radio, TV and music like hip hop have helped form generational identities. It then discusses macro level media theories from thinkers like Mill, Plato and Althusser. Several TV shows are analyzed in terms of how they represent working class Britain and issues of race. The document also discusses representations of gender, sexuality, and youth in various media forms. It examines ideas of postmodern identity in newer media like games and social networks. Overall, the document takes a wide view of how media shapes concepts of self and society.
Surface acoustic wave sensors show potential for protein detection by monitoring changes in amplitude and phase shift of the sensor output. As solutions containing proteins like bovine serum albumin dried on the sensor, the output signal became more attenuated, with greater concentrations correlating to increased attenuation. While viscosity and concentration appeared to impact the sensor response, further testing is needed to validate protein detection. Future work aims to miniaturize the sensor instrumentation and determine feasibility for point-of-care antigen-antibody interaction detection.
Study Of The Ten Commandmest (3) - The SabbathDon McClain
The document discusses the biblical Sabbath commandment and its meaning and application. It provides historical context about the Sabbath being given to Israel as a sign of their covenant with God. It also examines whether the Sabbath requirement ceased for Christians based on passages in the New Testament.
Turmeric is a comprehensive SOA platform that was originally developed at eBay and has now been open sourced. It provides a policy-driven architecture and tools for developing, deploying, securing, monitoring, and governing SOA services. The platform includes client and server-side runtimes, quality of service features like authentication and authorization, and Eclipse-based developer tools. Turmeric was tested at a large scale at eBay and is now available to the open source community.
This document describes an educational simulation technology for welding. It supports several welding processes and joints, allows selection of voltage, intensity, polarity and other parameters. It includes augmented reality glasses and diagnostic evaluation. The system has a touch screen computer with Intel Core i7 processor, SSD, 4GB RAM and Windows operating system. It is designed for portability with a transportation box. Adaptations can be made upon customer request.
DRAFT summary of events in 2010 to seed collection of headlines, flyers, photos for full Wall of Wonder to be presented at March 19 Community Wide meeting.
The document summarizes Romans 1:18-32, which discusses how all people are guilty before God due to suppressing the truth. It notes that God's attributes can be understood through creation, but people reject this clear evidence. Instead, they pursue sinful acts like idolatry, sexual immorality, and mistreating others. As a result of these sinful behaviors, people are deserving of death and eternal separation from God. The passage concludes by emphasizing that righteousness comes from faith, as stated in Romans 1:16-17.
This document discusses various topics related to media and collective identity. It begins with a discussion of how radio, TV and music like hip hop have helped form generational identities. It then discusses macro level media theories from thinkers like Mill, Plato and Althusser. Several TV shows are analyzed in terms of how they represent working class Britain and issues of race. The document also discusses representations of gender, sexuality, and youth in various media forms. It examines ideas of postmodern identity in newer media like games and social networks. Overall, the document takes a wide view of how media shapes concepts of self and society.
Surface acoustic wave sensors show potential for protein detection by monitoring changes in amplitude and phase shift of the sensor output. As solutions containing proteins like bovine serum albumin dried on the sensor, the output signal became more attenuated, with greater concentrations correlating to increased attenuation. While viscosity and concentration appeared to impact the sensor response, further testing is needed to validate protein detection. Future work aims to miniaturize the sensor instrumentation and determine feasibility for point-of-care antigen-antibody interaction detection.
Study Of The Ten Commandmest (3) - The SabbathDon McClain
The document discusses the biblical Sabbath commandment and its meaning and application. It provides historical context about the Sabbath being given to Israel as a sign of their covenant with God. It also examines whether the Sabbath requirement ceased for Christians based on passages in the New Testament.
Turmeric is a comprehensive SOA platform that was originally developed at eBay and has now been open sourced. It provides a policy-driven architecture and tools for developing, deploying, securing, monitoring, and governing SOA services. The platform includes client and server-side runtimes, quality of service features like authentication and authorization, and Eclipse-based developer tools. Turmeric was tested at a large scale at eBay and is now available to the open source community.
This document describes an educational simulation technology for welding. It supports several welding processes and joints, allows selection of voltage, intensity, polarity and other parameters. It includes augmented reality glasses and diagnostic evaluation. The system has a touch screen computer with Intel Core i7 processor, SSD, 4GB RAM and Windows operating system. It is designed for portability with a transportation box. Adaptations can be made upon customer request.
DRAFT summary of events in 2010 to seed collection of headlines, flyers, photos for full Wall of Wonder to be presented at March 19 Community Wide meeting.
La Web 2.0 ofrece un nuevo mundo de posibilidades de aprendizaje a través de la difusión de ideas, la creación, el aprendizaje interactivo, la exploración, la conexión y la generación de conocimiento colectivo.
Healthy City staff will review the basics of the BHC tool – covering the material presented in the General Overview Webinar PLUS demonstrate the additional functions available to designated BHC Partners who are ‘power/super’ users and TCE BHC Program Managers. This includes learning how to:
• Share Data & Reports
• Upload your data in batches
• Conduct a live mapping session with community partners, members or youth
• Upload images
This document provides final reflections on a course about the future of education. It lists 10 topics covered in the course in descending order of importance, including the power of social networking, need for open and networked learning, and importance of broadening the definition of literacy. The author thanks the instructor, mentors, and classmates for making the course a rich learning experience and looks forward to ongoing connections and learning.
The document analyzes a media product created by the author, a magazine aimed at 15-20 year olds interested in indie, pop punk, and rock music. The author evaluates their use of magazine conventions like headlines, pictures, and double-page spreads. They also discuss representing their target audience, potential distributors like Bauer Media, and lessons learned about design techniques.
AHIV111 - slides for the lecture: "Religion is the opiate of the masses". In this theme we covered the idea that Religion can be ideological in nature.
ZIP Codes? Census tracts? Service Planning Area? What do all of these geographies mean? More importantly, which one should I use for my map?!
This webinar answers all these questions and more. Learn how geographic boundaries are determined, how to choose geographies and how this basic step in map-making will affect the interpretation of your map. Ultimately, you will learn how to make the best map possible to support your case.
Healthy City Hands On Training For Partners 3 26 10Healthy City
Healthy City is an information and action resource that unites rigorous research, community voices, and innovative technologies to solve the root causes of social inequity. It provides data and maps through its online platform HealthyCity.org for research, finding services, and sharing stories. Healthy City partners with various organizations across California to fuel social change and improve communities. The HealthyCity.org website can be used by various stakeholders like case managers, funders, service providers, community organizers, policy advocates, and researchers.
Op 30-10-12 was ik te gast tijdens de IT Innovation Briefing van Systemation. Het onderwerp: de data-gedreven onderneming. In mijn presentatie ging ik vooral in op de mogelijkheden voor ondernemingen om te profiteren van Big Data die onder andere in de online (social) media voor het oprapen liggen.
There are many questions surrounding the subject of baptism. Is it essential? What is involved? What must one know before he is baptized? etc. This lesson deals with a rather personal aspect of baptism - "Why Were You Baptized?"
Reliance HR Services handles recruitment for Anil Dhirubhai Ambani Group companies through a multi-step process. They begin with manpower planning to determine hiring needs. Candidates are sourced internally and externally, through methods like job portals, placement agencies, and campus recruitment. Shortlisted candidates undergo interviews. If approved, a job offer is made. The recruitment process takes 10-15 days on average. Reliance aims to hire qualified candidates with the needed experience and a history of stable employment.
The student worked on cutting panels to support the top of their design project. They measured and marked the wood using a tri-square and pencil, then cut the panels using a tenon saw and pull saw. The student was able to cut 4 panels in 10-15 minutes, which was faster than previous cuts. Measuring and marking took thought and brain power. Photos showed the tools used to cut and measure the panels.
Using Maps in Community-Based Research (3/12/15)Healthy City
Through this webinar you will:
• Explore Healthy City's community-based research approach
• Hear case studies of how others have used community mapping
• Learn how to create your own maps on HealthyCity.org
Healthy City Hands-on Advanced TrainingHealthy City
This document provides information about Healthy City, a project that unites research, community voices, and technology to address social inequity. It offers mapping and data resources for community groups, foundations, governments, and others. Users can access over 30,000 service locations, population data, and community indicators. The website allows customizing maps, analyzing data through charts and rankings, creating user accounts to save work and start groups, and telling stories combining maps, media, and other resources. The goal is to fuel social change by empowering users with information and tools.
The Gospel Demands A Godly Attitude- Chapter 12Don McClain
The document provides an overview of Romans 12:1-15:13, which discusses practical Christian living based on the gospel. It first reviews the key points about the gospel made in Romans 1-11. Romans 12 then instructs Christians to dedicate their bodies as living sacrifices to God, renew their minds, be humble and use their spiritual gifts to serve others. It also teaches Christians to love genuinely, pursue good works, bless persecutors, rejoice with others and live peaceably. The goal is to overcome evil with good.
La Web 2.0 ofrece un nuevo mundo de posibilidades de aprendizaje a través de la difusión de ideas, la creación, el aprendizaje interactivo, la exploración, la conexión y la generación de conocimiento colectivo.
Healthy City staff will review the basics of the BHC tool – covering the material presented in the General Overview Webinar PLUS demonstrate the additional functions available to designated BHC Partners who are ‘power/super’ users and TCE BHC Program Managers. This includes learning how to:
• Share Data & Reports
• Upload your data in batches
• Conduct a live mapping session with community partners, members or youth
• Upload images
This document provides final reflections on a course about the future of education. It lists 10 topics covered in the course in descending order of importance, including the power of social networking, need for open and networked learning, and importance of broadening the definition of literacy. The author thanks the instructor, mentors, and classmates for making the course a rich learning experience and looks forward to ongoing connections and learning.
The document analyzes a media product created by the author, a magazine aimed at 15-20 year olds interested in indie, pop punk, and rock music. The author evaluates their use of magazine conventions like headlines, pictures, and double-page spreads. They also discuss representing their target audience, potential distributors like Bauer Media, and lessons learned about design techniques.
AHIV111 - slides for the lecture: "Religion is the opiate of the masses". In this theme we covered the idea that Religion can be ideological in nature.
ZIP Codes? Census tracts? Service Planning Area? What do all of these geographies mean? More importantly, which one should I use for my map?!
This webinar answers all these questions and more. Learn how geographic boundaries are determined, how to choose geographies and how this basic step in map-making will affect the interpretation of your map. Ultimately, you will learn how to make the best map possible to support your case.
Healthy City Hands On Training For Partners 3 26 10Healthy City
Healthy City is an information and action resource that unites rigorous research, community voices, and innovative technologies to solve the root causes of social inequity. It provides data and maps through its online platform HealthyCity.org for research, finding services, and sharing stories. Healthy City partners with various organizations across California to fuel social change and improve communities. The HealthyCity.org website can be used by various stakeholders like case managers, funders, service providers, community organizers, policy advocates, and researchers.
Op 30-10-12 was ik te gast tijdens de IT Innovation Briefing van Systemation. Het onderwerp: de data-gedreven onderneming. In mijn presentatie ging ik vooral in op de mogelijkheden voor ondernemingen om te profiteren van Big Data die onder andere in de online (social) media voor het oprapen liggen.
There are many questions surrounding the subject of baptism. Is it essential? What is involved? What must one know before he is baptized? etc. This lesson deals with a rather personal aspect of baptism - "Why Were You Baptized?"
Reliance HR Services handles recruitment for Anil Dhirubhai Ambani Group companies through a multi-step process. They begin with manpower planning to determine hiring needs. Candidates are sourced internally and externally, through methods like job portals, placement agencies, and campus recruitment. Shortlisted candidates undergo interviews. If approved, a job offer is made. The recruitment process takes 10-15 days on average. Reliance aims to hire qualified candidates with the needed experience and a history of stable employment.
The student worked on cutting panels to support the top of their design project. They measured and marked the wood using a tri-square and pencil, then cut the panels using a tenon saw and pull saw. The student was able to cut 4 panels in 10-15 minutes, which was faster than previous cuts. Measuring and marking took thought and brain power. Photos showed the tools used to cut and measure the panels.
Using Maps in Community-Based Research (3/12/15)Healthy City
Through this webinar you will:
• Explore Healthy City's community-based research approach
• Hear case studies of how others have used community mapping
• Learn how to create your own maps on HealthyCity.org
Healthy City Hands-on Advanced TrainingHealthy City
This document provides information about Healthy City, a project that unites research, community voices, and technology to address social inequity. It offers mapping and data resources for community groups, foundations, governments, and others. Users can access over 30,000 service locations, population data, and community indicators. The website allows customizing maps, analyzing data through charts and rankings, creating user accounts to save work and start groups, and telling stories combining maps, media, and other resources. The goal is to fuel social change by empowering users with information and tools.
The Gospel Demands A Godly Attitude- Chapter 12Don McClain
The document provides an overview of Romans 12:1-15:13, which discusses practical Christian living based on the gospel. It first reviews the key points about the gospel made in Romans 1-11. Romans 12 then instructs Christians to dedicate their bodies as living sacrifices to God, renew their minds, be humble and use their spiritual gifts to serve others. It also teaches Christians to love genuinely, pursue good works, bless persecutors, rejoice with others and live peaceably. The goal is to overcome evil with good.
Stefan Freitag presented on the D-Grid infrastructure in Germany. D-Grid supported multiple middleware platforms like gLite, UNICORE, and Globus Toolkit across over 30,000 CPU cores and 5 petabytes of storage. A reference system was created to help resources install software stacks consistently. A cloud computing prototype was also developed using OpenNebula to utilize idle resources and attract new users. Lessons learned included a lack of adoption of the reference system and legal issues around dual-use technologies and liability in virtual organizations. Future challenges include merging with the German NGI initiative to avoid duplication and better integrating services.
The document discusses the integration of cloud computing into the D-Grid infrastructure in Germany. It provides background on D-Grid, including its goals and projects. It then describes the setup of cloud computing at the Dortmund Computing Center, including the use of OpenNebula software to create a private cloud. Key challenges of integrating clouds into D-Grid are identified as user management, authorization, accounting, monitoring, and legal issues regarding virtual organizations. Overall, the document analyzes initial efforts to deploy cloud technologies in D-Grid and important open questions around full-scale integration.
The document outlines an agenda for a gLite administration workshop. It will cover installing and configuring core gLite services including the site BDII, batch system, and CREAM Compute Element. Attendees will work in teams to set up a basic grid site infrastructure on provided machines following the presented order of services. Support will be provided to assist any teams experiencing issues.
Integration of Cloud and Grid Middleware at DGRZRStefan Freitag
This document discusses integrating cloud middleware into the existing grid middleware stack at DGRZR. It describes how OpenNebula has been installed to manage virtual machines on DGRZR resources. Future plans include addressing open issues in user management, authorization, accounting and information systems when combining grid and cloud. The goal is to establish cloud middleware as a new pillar of the D-Grid software stack and expand cloud resources across allied universities.
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
This presentation was provided by Steph Pollock of The American Psychological Association’s Journals Program, and Damita Snow, of The American Society of Civil Engineers (ASCE), for the initial session of NISO's 2024 Training Series "DEIA in the Scholarly Landscape." Session One: 'Setting Expectations: a DEIA Primer,' was held June 6, 2024.
How to Build a Module in Odoo 17 Using the Scaffold MethodCeline George
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
Physiology and chemistry of skin and pigmentation, hairs, scalp, lips and nail, Cleansing cream, Lotions, Face powders, Face packs, Lipsticks, Bath products, soaps and baby product,
Preparation and standardization of the following : Tonic, Bleaches, Dentifrices and Mouth washes & Tooth Pastes, Cosmetics for Nails.
How to Add Chatter in the odoo 17 ERP ModuleCeline George
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
The simplified electron and muon model, Oscillating Spacetime: The Foundation...RitikBhardwaj56
Discover the Simplified Electron and Muon Model: A New Wave-Based Approach to Understanding Particles delves into a groundbreaking theory that presents electrons and muons as rotating soliton waves within oscillating spacetime. Geared towards students, researchers, and science buffs, this book breaks down complex ideas into simple explanations. It covers topics such as electron waves, temporal dynamics, and the implications of this model on particle physics. With clear illustrations and easy-to-follow explanations, readers will gain a new outlook on the universe's fundamental nature.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
Talk at the Security Workshop, GridKA Summerschool 2010
1. Incident
reporting
S. Freitag, F.
Feldhaus
Incident reporting
Before you
report GridKa Summer School 2010
Incident
Scenarios
Incident
handling Stefan Freitag, Florian Feldhaus
Robotics Research Institute
TU Dortmund
September 10, 2010
2. Contents
Incident
reporting
S. Freitag, F.
Feldhaus
Before you
report 1 Before you report
Incident
Scenarios
Incident
handling
2 Incident Scenarios
3 Incident handling
3. Do you know....?
Incident
reporting
Security Incident Response Policy1
S. Freitag, F.
Feldhaus
objective: ensure that all incidents are investigated as fully
Before you
report as possible and that sites promptly report intrusions.
Incident
Scenarios
As a grid participant, you agree to
Incident
report suspected security incidents that have impact or
handling relationship to grid resources, services, or identities
respond to and investigate incident reports regarding
resources, services, or identities for which you are
responsible
perform appropriate investigations and forensics and share
the results with the incident coordinator
follow the incident response procedure
Next question: what is the incident response procedure?
1
https://edms.cern.ch/document/428035/7
4. EGEE incident response procedure2
Incident
reporting
S. Freitag, F.
Feldhaus
Audience
Before you
report
grid site security officers and site administrators
Incident
Scenarios
Incident Definition of security incident
handling
The act of violating an explicit or implied security policy
Definition of actions for the case of a security incident
More on this in a few minutes . . .
2
https://edms.cern.ch/document/867454
5. Security incident - scenario A (2009)
Incident
reporting
S. Freitag, F. Some grid sites allow gsissh-based access to VoBoxes (e.g.
Feldhaus
for VO software managers)
Before you
report On a VoBox Grid users are mapped to local accounts
Incident
Scenarios
Initial step for an attacker
Incident
handling
gain access to user credentials (certificate or proxy)
What happens next ?
Connect to VoBox using stolen credentials
Running e.g. a kernel exploit to gain root privileges
6. Security incident - scenario A (2009)
Incident
reporting
S. Freitag, F.
Feldhaus
# s h −x w u n d e r b a r e m p o r i u m . s h
Before you
report [...]
Incident
[+] got r i n g 0 !
Scenarios [+] d e t e c t e d 2.6 s t y l e 4k s t a c k s
Incident [ + ] D i s a b l e d s e c u r i t y o f : n o t h i n g , what an
handling
i n s e c u r e machine !
[ + ] Got r o o t !
sh −3.00# i d
u i d =0( r o o t ) g i d =0( r o o t ) g r o u p s =64004( hepcg )
c o n t e x t=u s e r u : s y s t e m r : i n i t r c t
7. Security incident - scenario B (2010)
Incident
reporting
Department A The Grid
S. Freitag, F.
Feldhaus
Before you
report
Incident
Scenarios
Incident
handling
8. Security incident - scenario B (2010)
Incident
reporting
Department A The Grid
S. Freitag, F.
Feldhaus
CERTIFICATE
X.509
Before you
report
CERTIFICATE
Incident X.509
Scenarios
Incident
handling
9. Security incident - scenario B (2010)
Incident
reporting
S. Freitag, F.
Department A The Grid
Feldhaus
CERTIFICATE
Before you X.509
report
Incident
Scenarios CERTIFICATE
X.509
Incident
handling
Alien
attacker
10. Security incident - scenario B (2010)
Incident
reporting
S. Freitag, F.
Feldhaus The Grid
Before you
report
Incident
Scenarios
stolen
Incident CERTIFICATE
X.509
handling
Alien
attacker
11. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus For the next slides please keep in mind:
Before you
report
Incident The red block describes actions required by the EGEE Incident
Scenarios
Response Procedure document
Incident
handling
The blue block contains information about actions carried out
during a security incident at the Grid resource in Dortmund
Down here you will find additional information, e.g. max.
response times
12. Incident handling
Incident
reporting
First action
S. Freitag, F.
Feldhaus Inform immediately your local security team and your ROC
Before you Security Contact
report
Incident
Scenarios Action
Incident
handling Sent E-Mail to Ursula Epting
Read Incident response procedure
Informed 2nd site security officer and local security team
max. 4 hours or
13. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus
Before you Response procedure
report
Incident In case no support is shortly available [...] try to contain the
Scenarios
incident. For instance by unplugging the network cable
Incident
handling connected to the host. Do NOT reboot or power off the host.
Action
Disconnected affected workernodes from network
14. Incident handling
Incident
reporting Response procedure
S. Freitag, F.
Feldhaus Assist your local security team and your ROC Security Contact
to confirm and investigate the incident. Announce the incident
Before you
report to all the sites.
Incident
Scenarios
Actions
Incident
handling
Send a heads-up e-mail (template: next slide)
Arranged meeting with local security team
Network guys were asked to check logs
max. 4 hours (Announcement)
15. Heads-up E-mail
Incident
reporting
S. Freitag, F.
Feldhaus
Before you
report
** PLEASE DO NOT REDISTRIBUTE ** EGEE-<DATE> (ex: EGEE-20090531)
Incident ** This message is sent to the EGEE CSIRTs and must NOT be publicly archived **
Scenarios Dear CSIRTs,
It seems a security incident has been detected at <your site>.
Incident Summary of the information available so far:
handling
Ex: A malicious SSH connection was detected from XXXXX. The extent of the
incident is unclear for now, and more information will be published in the coming
hours as forensics are progressing at our site. However, all sites should check for
successful SSH connection from XXXXX as a precautionary measure.
16. Incident handling
Incident
reporting Response procedure
S. Freitag, F.
Feldhaus Report a downtime for the affected hosts on the GOCDB
Before you
report
→ Send an EGEE broadcast announcing the downtime for
Incident
the affected hosts Use ”Security operations in progress” as
Scenarios the reason with no additional detail both for the broadcast
Incident
handling
and the GOCDB.
Actions
Created downtime for possibly affected hosts udo-ce01/
udo-dcache01
max. 1 day after discovery
17. Incident handling
Incident
reporting
S. Freitag, F. Response procedure
Feldhaus
Perform appropriate forensics and take necessary actions to
Before you
report prevent further damage
Incident
Scenarios
Identify and kill suspicious process(es) as appropriate, but
Incident
aim at preserving the information they could have
handling
generated
If it is suspected that some grid credentials have been
abused or compromised, you MUST ensure the relevant
accounts become suspended
If it is suspected that some grid credentials have been
abused, you MUST ensure that the relevant VO
manager(s) have been informed.
18. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus
Before you
Response procedure
report
Incident
Perform appropriate forensics and take necessary actions to
Scenarios prevent further damage
Incident
handling If it is suspected that some grid credentials have been
compromised, you MUST ensure that the relevant
certification authority gets informed.
If needed, seek for help from your local security team or
from your ROC Security Contact
19. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus
Before you
report Action
Incident
Scenarios Banned affected users on our compute elements by adding
Incident their DN to the blacklist in
handling
/opt/glite/etc/lcas/ban users.db
E-Mail to VO manager regarding compromised user
Contacted the certification authority
20. Incident handling
Incident
reporting
S. Freitag, F. Response procedure
Feldhaus
As part of the security incident resolution process, sites are
Before you
report expected to report the following information:
Incident
Scenarios affected hosts and hosts used as entry point to the site
Incident remote IP address(es) of the attacker
handling
evidence of the compromise, including timestamps
what was lost, details of the attack
list of other sites possibly affected (if available)
possible vulnerabilities exploited by the attacker (if
available)
actions taken to resolve the incident
21. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus
Before you
Response procedure
report
Incident
Scenarios
Tracked down the UI that was used by the attacker for job
Incident
submission (checking logs of batchsystem, Compute
handling Element, . . . )
Analyzed netflow to/fro affected workernode
Analyzed executables deployed by the attacker
Updated incident report regularly
22. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus Response procedure
Before you Coordinate with your local security team and your ROC
report
Security Contact to send an incident closure report including
Incident
Scenarios lessons learnt and measures taken to prevent future incidents.
Incident
handling
Actions
Preparation and submission of final report
max. 1 months
23. Incident handling
Incident
reporting
S. Freitag, F.
Feldhaus
Response procedure
Before you
report
Restore the service, and if needed, send an EGEE broadcast,
Incident
Scenarios update the GOCDB, service documentation and procedures to
Incident prevent recurrence as necessary
handling
Actions
Re-installation of affected workernode
Safety tuning
24. Incident
reporting
S. Freitag, F.
Feldhaus
Before you
report
Incident
Scenarios
Incident
handling
Thanks for your attention!