Fermilab Computer Security Network flows

1
Fermilab Computer Security Network flows

• Eleonora Figueroa
• August 9, 2005

2
Computer Security Team
Joe Klemencic
Mark Leininger

• Computing Division
• Laboratory Computer Security Program
• Expertise
• Information
• Resources

Randy Reitz
Frank Nagy
3
My Projects

• Node Registration Page and show_sys() method
• Graph block/unblock request time
• Sending digitally signed emails
• Write network flow filters

4
Node Registration Page
5
Creating the webpage

• Show_sys()
• Python method
• MySQL Database
• Returns array of information
• Supporting web-page
• Zope/DTML

6
(No Transcript)
7
G r a p h b l o c k / u n b l o c k r e q u e s
t t i m e
8
(No Transcript)
9

• Vulnerabilities looked for
• Weak passwords
• Missing patches
• Unprotected information
• Graph data with python script
• Administrative purposes ?efficiency

10
Digitally signed emails

• Python script ? Unix shell
• Why?
• Validity Authentication
• Added security
• Future
• Automated signing of emails

11

12
Netflow.pl

• Background
• Network routers ?flows
• Problems
• Software ?CISCO Format ? Vendor specific
• Want to change to Standard Format
• Two-fold process
• Long learning curve

13
(No Transcript)
14
Netflow.pl

• Features
• Automatic time/day
• Specific error messages missing flags, wrong
  format
• Runtime manual
• Change the save location of filters for future
  reference
• Negate parameters

15
(No Transcript)
16
(No Transcript)
17
(No Transcript)
18
Contrast
19
Netflow.pl Results

• Implemented by members of the Computer Security
  Team
• In the process of being implemented by Fermilab
  Incidence response Team and Fermilab Networking
  Team
• Released back to open source community

20
Conclusions

• Important tools
• Writing filters to analyse information
• Graphing wanted data
• Wrapping disjointed tools
• Basics of growing security trend
• Satisfaction of having my programs implemented
  and offered to the community
• Digitally signing emails ?documentation
• Netflow.pl ?Repository to open source of netflow
  tool

21
Acknowledgment

• Computer Security Team Joe Klemencic, Mark
  Leininger, Randy Reitz, and Frank Nagy
• Igor Mandrichenko
• Mentors Cosmore Sylvester, Jamieson Olsen
• SIST administrative staff Dianne Engram, Elliot
  McCrory, Dr. Davenport

22
Questions?