OWG Meeting 23-Sep-2015

From GlueXWiki
Jump to: navigation, search

Location and Time

Room: Hall-D Conference Room Note room change!!

Time: 1:30pm-2:30pm

Connection

You can connect using BlueJeans Video conferencing (ID: 120390084). (Click "Expand" to the right for details -->):

(if problems, call phone in conference room: 757-269-6460)

  1. To join via Polycom room system go to the IP Address: 199.48.152.152 (bjn.vc) and enter the meeting ID: 120390084.
  2. To join via a Web Browser, go to the page https://bluejeans.com/120390084.
  3. To join via phone, use one of the following numbers and the Conference ID: 120390084
    • US or Canada: +1 408 740 7256 or
    • US or Canada: +1 888 240 2560
  4. More information on connecting to bluejeans is available.


Previous Meeting

Agenda

  1. Announcements
  2. GlueX Collaboration Meeting October 8-10
  3. Cyber Security
    • Network Scanning (see below)
    • Operations Accounts Password
  4. DAQ system development
  5. ROL modifications
    • SYNC events
  6. L3/Event Tagging development
  7. AOT


Network Scanning (click "Expand" -->) 

David,

As POC for computing services in Hall D, I am contacting you in order to
start a conversation regarding a computer security enhancement across
the lab. Given the results of the last several independent computer
security audits performed here at Jefferson Lab, we have been directed
to intensify our network vulnerability scanning so as to detect problems
before they cause security issues. Lab management would like to have a
plan in place within the next couple of weeks to address this shortcoming.

Please note that this is not an exercise where the results are be shared
with lab or DOE management, only with you and your team. The aim is to
mitigate all vulnerabilities detected in a timely fashion without
incurring work slowdown.

In order to fulfill this mission, we would like to do two types of
scanning on a regular basis. Both are network based and the intent is to
cause as little disruption as possible while still achieving a measure
of success.

1. Weekly Nessus and Netsparker scanning of the webservers, both
internal and external. The testing will include any systems on the
129.57.64.x subnet, along with other webservers identified by the
security team residing on subnets: 129.57.26.0/23, 129.57.135.0/24,
129.57.172.0/22, and 129.57.194.0/24.

2. Occasional Nessus vulnerability scanning of the entire Hall D network
address space. This will be coordinated to occur during the summer and
winter down periods. All results will be shared with the hall leaders,
especially when security issues have been noticed. The scanning will
include all systems located on subnets: 129.57.26.0/23, 129.57.135.0/24,
129.57.172.0/22, and 129.57.194.0/24.

These scans have to potential to cause performance problems on the
system being scanned, so coordination between both hall and security
personnel is essential. In order to start the ball rolling on
implementing a scanning schedule, I would like to initially propose the
following:

Website scanning on Tuesday starting at about 10 am. We expect this to
take 2-4 hours.

Full Nessus scan during the next winter down period. Depending upon the
number of devices, we expect this to take approximately 8 hours.

Please let me know if you have any questions.

Thanks,

Greg Nowicki<br>
Computer Security Manager


Minutes

TBD

Retrieved from "https://halldweb.jlab.org/wiki/index.php?title=OWG_Meeting_23-Sep-2015&oldid=80847"