Changes between Version 3 and Version 4 of GENIOperationsTrial/GENISecurityCheckClearinghouse
- Timestamp:
- 07/02/15 07:45:27 (9 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIOperationsTrial/GENISecurityCheckClearinghouse
v3 v4 12 12 The GENI Clearinghouse server is located at the GPO, where it undergoes various GMOC security checks. This page captures an outline of security checks activities executed by the GPO team: 13 13 - GPO monitors vulnerabilities feeds for system level packages and: 14 oEvaluates potential vulnerabilities that would apply to Clearinghouse environment.15 oPriorities vulnerabilities to be installed.16 oVerifies that vulnerability fix is being applied in the GENI Community.14 * Evaluates potential vulnerabilities that would apply to Clearinghouse environment. 15 * Priorities vulnerabilities to be installed. 16 * Verifies that vulnerability fix is being applied in the GENI Community. 17 17 - GPO monitors system for unusual system and services behavior and investigates as needed. 18 18 - GPO periodically checks logs: 19 o/var/log/apache2/error.log20 o/var/log/geni-chapi/chapi.log21 o/var/log/apache2/ch_error.log22 o/var/log/apache2/portal_error.log19 * /var/log/apache2/error.log 20 * /var/log/geni-chapi/chapi.log 21 * /var/log/apache2/ch_error.log 22 * /var/log/apache2/portal_error.log 23 23 24 24 The first 3 of the above logs are checked with a script (geni-ch/bin/geni-check-errors). If something looks odd in those 3 logs than the following are reviewed: 25 o/var/log/apache2/portal_ssl_access.log26 o/var/log/apache2/ch_ssl_access.log25 * /var/log/apache2/portal_ssl_access.log 26 * /var/log/apache2/ch_ssl_access.log 27 27 28 28 == 1.2 Steps for GENI Clearinghouse Security Check ==