Task #296
closedTask #289: warden-client-1.0.0: uprava README do nove verze baliku warden-client
Doplnit informaci o tom kdo generuje SSL certifikaty
Added by Tomáš Plesník almost 13 years ago. Updated about 12 years ago.
0%
Description
V balicku warden-clietn-1.0.0 chyby informace o tom, kdo uzivateli vygeneruje SSL certifikat a koho ma pozadat o registraci do systemu Warden.
Updated by Pavel Kácha almost 13 years ago
Zdravím,
protože jsme o tom mluvili na schůzce 24. 11. (konkrétní nasazení provozovatelem) a mám to rozpracované, připojuju svůj návrh, zatím jen sem, pokud máte připomínky nebo další nápady, sem s nimi. Snažil jsem se o stejný styl, jako je původní README, pokud ho generujete z jiného výchozího formátu, klidně příslušně upravte.
Vzhledem k tomu, že info přijde zřejmě až do tarballu další minor verze, bude třeba informace o verzi v dokumentu upravit (nebo je z něj vyřadit úplně).
Zahrnul jsem i URL produkčního serveru (v hlavním README je jako příklad warden-dev, tak ať je to zřejmé) a testovací zprávu.
Dokument (pro konzistenci s 1.0.0) ještě nezahrnuje (ne)přijímání vlastních událostí (#293), tagy (#294) a terminologii (#298).
Jako autora uvádím sebe a Honzu Soukala, z jehož intro mailu jsem části vyzobal.
+-------------------------------------+ | README.cesnet - Warden Client 1.0.0 | | CESNET Specifics | +-------------------------------------+ Content A. Overall Information B. Registration C. Configuration D. Testing E. Authors of this document -------------------------------------------------------------------------------- A. Overall Information 1. About CESNET Warden Server Warden is a client-based architecture service designed to share detected security issues (events) among CSIRT and CERT teams in a simple and fast way. CESNET offers Warden server for security events exchange within its networks. 2. Version 1.0.0 (2011-11-16) -------------------------------------------------------------------------------- B. Registration Client attempting to communicate with CESNET Warden server must be registered. Registration is currently provided by Tom Plesnik at address plesnik@ics.muni.cz and following information is needed: * For sender client: - hostname of the machine, where client runs, - name of the detection service (for example 'ScanDetector'), - client type = sender, - CIDR from which client will communicate with Warden server. * For receiver client: - hostname of the machine, where client runs, - client type = receiver, - type of requested events (for example 'portscan', more at https://homeproj.cesnet.cz/projects/warden/wiki/Typy_udalosti), - CIDR from which client will communicate with Warden server. Clients need to have valid certificate to prove their identity to the Warden server. For CESNET network, 'server' type certificate from Terena Certificate Service (provided by Comodo) is needed. Administrator of Warden client must be entitled to obtain this certificate. CESNET TCS request service interface resides at https://tcs.cesnet.cz/ -------------------------------------------------------------------------------- C. Configuration CESNET Warden server resides at URI 'https://warden.cesnet.cz:443/Warden'. -------------------------------------------------------------------------------- D. Testing For testing purposes of sender clients, event type 'test' can be used. These events will end up in server database, but will not be taken further into consideration. -------------------------------------------------------------------------------- E. Authors of this document Pavel Kacha <ph@cesnet.cz> Jan Soukal <soukal@ics.muni.cz> Copyright (C) 2011 Cesnet z.s.p.o
Updated by Pavel Kácha almost 13 years ago
Verze s doplněným vyžadovaným subjectem.
+-------------------------------------+ | README.cesnet - Warden Client 1.0.0 | | CESNET Specifics | +-------------------------------------+ Content A. Overall Information B. Registration C. Configuration D. Testing E. Authors of this document -------------------------------------------------------------------------------- A. Overall Information 1. About CESNET Warden Server Warden is a client-based architecture service designed to share detected security issues (events) among CSIRT and CERT teams in a simple and fast way. CESNET offers Warden server for security events exchange within its networks. 2. Version 1.0.0 (2011-11-16) -------------------------------------------------------------------------------- B. Registration Client attempting to communicate with CESNET Warden server must be registered. Registration is currently provided by Tom Plesnik at address plesnik@ics.muni.cz and following information is needed: * For sender client: - hostname of the machine, where client runs, - name of the detection service (for example 'ScanDetector'), - client type = sender, - CIDR from which client will communicate with Warden server. * For receiver client: - hostname of the machine, where client runs, - client type = receiver, - type of requested events (for example 'portscan', more at https://homeproj.cesnet.cz/projects/warden/wiki/Typy_udalosti), - CIDR from which client will communicate with Warden server. Clients need to have valid certificate to prove their identity to the Warden server. For CESNET network, 'server' type certificate from Terena Certificate Service (provided by Comodo) is needed. Hostname of the machine must correspond with certificate subject, Alternative Name extension is not supported. Administrator of Warden client must be entitled to obtain this certificate. CESNET TCS request service interface resides at https://tcs.cesnet.cz/ -------------------------------------------------------------------------------- C. Configuration CESNET Warden server resides at URI 'https://warden.cesnet.cz:443/Warden'. -------------------------------------------------------------------------------- D. Testing For testing purposes of sender clients, event type 'test' can be used. These events will end up in server database, but will not be taken further into consideration. -------------------------------------------------------------------------------- E. Authors of this document Pavel Kacha <ph@cesnet.cz> Jan Soukal <soukal@ics.muni.cz> Copyright (C) 2011 Cesnet z.s.p.o
Updated by Tomáš Plesník almost 13 years ago
Cau Pavle,
Pavel Kácha wrote:
Verze s doplněným vyžadovaným subjectem.
[...]
jeste jsem si vsiml, ze u odesilajiciho klienta (* For sender client:) chyby description tags viz vypis napovedy registracniho skriptu:
registerSender.pl [-h -n <hostname> -r <requestor> -s <service> -d <description_tags> -i <ip_net_client>] -h print this text and exit -n hostname of sender -r client registration requestor -s service of send events -d description tags of send events -i CIDR of sender
a u prijimajiciho (* For receiver client:) zase polozka zdali chce uzivatel prijimat sve vlastni udalosti:
registerReceiver.pl [-h -o -n <hostname> -r <requestor> -t <type> -i <ip_net_client>] -h print this text and exit -n hostname of receiver -r client registration requestor -t type of receive events -o enable receive of own events -i CIDR of receiver
Tom
Updated by Pavel Kácha almost 13 years ago
Updated by Tomáš Plesník almost 13 years ago
Pavel Kácha wrote:
Vím, #294, a taky #293, viz moje první poznámka tady. Už je to aktuální, mám obojí doplnit?
Aha, tak tu jsem prehledl. Nicmene tyto informace muzes do textu doplnit a ja pak preklopim dany dokument do souboru REGISTRATION a ulozim do GITu. Dale me pak napadlo, ze muzeme sekci Registration vymazat z README aby se nam informace nedublovali. V registracni casti README bude stacit pouze odkaz na soubor REGISTRATION.
Co ty nato?
Updated by Tomáš Plesník almost 13 years ago
Tomáš Plesník wrote:
Pavel Kácha wrote:
Vím, #294, a taky #293, viz moje první poznámka tady. Už je to aktuální, mám obojí doplnit?
Aha, tak tu jsem prehledl. Nicmene tyto informace muzes do textu doplnit a ja pak preklopim dany dokument do souboru REGISTRATION a ulozim do GITu. Dale me pak napadlo, ze muzeme sekci Registration vymazat z README aby se nam informace nedublovali. V registracni casti README bude stacit pouze odkaz na soubor REGISTRATION.
Co ty nato?
Mnou navrhovana verze je tedy nasledujici:
+-------------------------------------+ | REGISTRATION - Warden Client 1.0.0 | +-------------------------------------+ Content A. Overall Information B. Registration C. Configuration D. Testing E. Authors of this document -------------------------------------------------------------------------------- A. Overall Information 1. About CESNET Warden Server Warden is a client-based architecture service designed to share detected security issues (events) among CSIRT and CERT teams in a simple and fast way. CESNET offers Warden server for security events exchange within its networks. 2. Version 1.0.0 (2011-11-16) -------------------------------------------------------------------------------- B. Registration Client attempting to communicate with CESNET Warden server must be registered. Registration is currently provided by Tomas Plesnik at address plesnik@ics.muni.cz and following information is needed: * For sender client: - hostname of the machine, where client runs, - name of the detection service (for example 'ScanDetector'), - client type = sender, - description tags of sent events (more at https://homeproj.cesnet.cz/projects/warden/wiki/Typy_udalosti), - CIDR from which client will communicate with Warden server. * For receiver client: - hostname of the machine, where client runs, - client type = receiver, - type of requested events (for example 'portscan', more at https://homeproj.cesnet.cz/projects/warden/wiki/Typy_udalosti), - receiving of sent events from my organization = yes/no (organizations are separated based on the top-level and second-level domain), - CIDR from which client will communicate with Warden server. Clients need to have valid certificate to prove their identity to the Warden server. For CESNET network, 'server' type certificate from Terena Certificate Service (provided by Comodo) is needed. Hostname of the machine must correspond with certificate subject, Alternative Name extension is not supported. Administrator of Warden client must be entitled to obtain this certificate. CESNET TCS request service interface resides at https://tcs.cesnet.cz/ -------------------------------------------------------------------------------- C. Configuration CESNET Warden server resides at URI 'https://warden.cesnet.cz:443/Warden'. -------------------------------------------------------------------------------- D. Testing For testing purposes of sender clients, event type 'test' can be used. These events will end up in server database, but will not be taken further into consideration. -------------------------------------------------------------------------------- E. Authors of this document Pavel Kacha <ph@cesnet.cz> Jan Soukal <soukal@ics.muni.cz> Copyright (C) 2011 Cesnet z.s.p.o
Updated by Pavel Kácha almost 13 years ago
Díky, ještě jsem se k tomu nedostal.
Oki, vlastní události souhlas.
Tagy viz #294, ať jsme pod správným úkolem.
Updated by Tomáš Plesník almost 13 years ago
Pavel Kácha wrote:
Díky, ještě jsem se k tomu nedostal.
Oki, vlastní události souhlas.
Tagy viz #294, ať jsme pod správným úkolem.
Ahoj, tak jsem pretavil README.cesnet tahane po redminu do textoveho souboru v GITu. README.cesnet naleznete na https://homeproj.cesnet.cz/projects/warden/repository/revisions/master/changes/src/warden-client/doc/README.cesnet dalsi upravy prosim delejte do nej.
Updated by Tomáš Plesník almost 13 years ago
- Status changed from New to Closed
Informace o tom, kdo v ramci Cesnet Warden serveru generuje SSL certifikaty byla doplnena do README.cesnet. Ticket tedy uzaviram.