BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//CERN//INDICO//EN
BEGIN:VEVENT
SUMMARY:Using Nagios for intrusion detection
DTSTART;VALUE=DATE-TIME:20040929T124000Z
DTEND;VALUE=DATE-TIME:20040929T130000Z
DTSTAMP;VALUE=DATE-TIME:20130619T100957Z
UID:indico-contribution-164@cern.ch
DESCRIPTION:Speakers: CARDENAS MONTES\, M. (CIEMAT)\nImplementing strategi
 es for secured access to widely accessible\nclusters is a basic requiremen
 t of these services\, in particular if\nGRID integration is sought for. Th
 is issue has two complementary \nlines to be considered: security perimete
 r and intrusion detection\nsystems. In this paper we address aspects of th
 e second one.\n\nCompared to classical intrusion detection mechanisms\, cl
 ose monitoring of\ncomputer services can substantially help to detect intr
 usion signs. \nHaving alarms indicating the presence of an intrusion into 
 the system\nallows system administrators to take fast actions to minimiz
 e damage \nand stop diffusion towards other critical systems.\n\nOne poss
 ible monitoring tool is Nagios (www.nagios.org)\, a powerful GNU tool\nwit
 h capacity to observe and collect information about a variety of\nservices
 \, and trigger alerts.  \n\nIn this paper we present the work done at CIEM
 AT\, where we have applied\nthese directives to our local cluster. We have
  implemented a system\nto monitor the hardware and system sensitive inform
 ation. \nWe describe the process and show through different simulated secu
 rity \nthreats how our implementation responds to them.\n\nhttp://indico.
 cern.ch/contributionDisplay.py?contribId=164&sessionId=12&confId=0
LOCATION:Interlaken\, Switzerland Brunig 3
URL:http://indico.cern.ch/contributionDisplay.py?contribId=164&sessionId=1
 2&confId=0
END:VEVENT
END:VCALENDAR
