| 12 | | This sections will clearly state what is being verifies. |
| | 12 | The GENI Clearinghouse server is located at the GPO, where it undergoes various GMOC security checks. This page captures an outline of security checks activities executed by the GPO team: |
| | 13 | - GPO monitors vulnerabilities feeds for system level packages and: |
| | 14 | o Evaluates potential vulnerabilities that would apply to Clearinghouse environment. |
| | 15 | o Priorities vulnerabilities to be installed. |
| | 16 | o Verifies that vulnerability fix is being applied in the GENI Community. |
| | 17 | - GPO monitors system for unusual system and services behavior and investigates as needed. |
| | 18 | - GPO periodically checks logs: |
| | 19 | o /var/log/apache2/error.log |
| | 20 | o /var/log/geni-chapi/chapi.log |
| | 21 | o /var/log/apache2/ch_error.log |
| | 22 | o /var/log/apache2/portal_error.log |
| | 23 | |
| | 24 | The first 3 of the above logs are checked with a script (geni-ch/bin/geni-check-errors). If something looks odd in those 3 logs than the following are reviewed: |
| | 25 | o /var/log/apache2/portal_ssl_access.log |
| | 26 | o /var/log/apache2/ch_ssl_access.log |
