1 / 22

Fermilab Computer Security Network flows

Eleonora Figueroa August 9, 2005. Fermi National Acceleration Laboratory. The University of Texas at San Antonio. Fermilab Computer Security Network flows. Computer Security Team. Joe Klemencic. Mark Leininger. Computing Division Laboratory Computer Security Program Expertise

Télécharger la présentation

Fermilab Computer Security Network flows

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.


Presentation Transcript

  1. Eleonora Figueroa August 9, 2005 Fermi National Acceleration Laboratory The University of Texas at San Antonio Fermilab Computer SecurityNetwork flows

  2. Computer Security Team Joe Klemencic Mark Leininger • Computing Division • Laboratory Computer Security Program • Expertise • Information • Resources Randy Reitz Frank Nagy

  3. My Projects • Node Registration Page and show_sys() method • Graph block/unblock request time • Sending digitally signed emails • Write network flow filters

  4. Node Registration Page

  5. Creating the webpage • Show_sys() • Python method • MySQL Database • Returns array of information • Supporting web-page • Zope/DTML

  6. G r a p h b l o c k / u n b l o c k r e q u e s t t i m e

  7. Vulnerabilities looked for • Weak passwords • Missing patches • Unprotected information • Graph data with python script • Administrative purposes efficiency

  8. Digitally signed emails Python script  Unix shell Why? Validity Authentication Added security Future: Automated signing of emails

  9. Netflow.pl Background: Network routers flows Problems: Software CISCO Format  Vendor specific Want to change to Standard Format Two-fold process Long learning curve

  10. Netflow.pl Features: Automatic time/day Specific error messages: missing flags, wrong format Runtime manual Change the save location of filters for future reference Negate parameters

  11. Contrast Before After - CISCO format - Manually make filters - Two-fold process - Long learning curve - Open format - Enter parameters - Program gets information looked for - Easy to use

  12. Netflow.pl Results Implemented by members of the Computer Security Team In the process of being implemented by Fermilab Incidence response Team and Fermilab Networking Team Released back to open source community

  13. Conclusions Important tools: Writing filters to analyse information Graphing wanted data Wrapping disjointed tools Basics of growing security trend Satisfaction of having my programs implemented and offered to the community: Digitally signing emails documentation Netflow.pl Repository to open source of netflow tool

  14. Acknowledgment Computer Security Team Joe Klemencic, Mark Leininger, Randy Reitz, and Frank Nagy Igor Mandrichenko Mentors: Cosmore Sylvester, Jamieson Olsen SIST administrative staff: Dianne Engram, Elliot McCrory, Dr. Davenport

  15. Questions?

More Related