Title: s ap 13th Annual FIRST Conference a 4th
1 ???µ???s? ap? 13th Annual FIRST Conference ?a?
4th 5th TF-CSIRT meetings
S????t?s? ?µ?da? ??d???? ???t??? ???µ??
???? ?????sa ???ed??s?e???, ??? ????a, 17-05-2002
- St?fa??? ?a?????????
- ????? t?? ?? t?? GRNET-CERT
- ?a?ep?st?µ?? ???a???
2What is FIRST ? The Forum of Incident Response
and Security Teams
- ?? ?e?d?s??p??? ep??e???s?, µe ?d?a t??
?a??f????a t?? ?.?.? - ?d?????e t? 1990 ap? 11 a????? µ???
- ?? 2002, ta µ??? ?ep??asa? ta 100 se ??? t??
??sµ? - ???? t?? FIRST e??a? ?? p?? as??????ta? µe ??µata
asf??e?a? ap? ??? t?? ??sµ?
St???? t?? FIRST e??a? ? s??e??as?a ?a? ?
s??t???sµ?? t?? ?µ?d?? CERT ??a t?? ?a??te??
a?t?µet?p?s?, p?????? ?a? d?asp??? eµpe???a? ?a?
???s?? sta µ??? t?? ?????t?ta? se ??µata
asf??e?a?.
3FIRST membership
- ?a?t??? µ???? p??pe? ?a p??te??e? t? ?p???f??
µ???? - ?? ta?t??? µ???? ep?pte?e? t?? d?ad??as?a
- ?? ta?t??? µ???? e????e? ?a? a??????e? t?
?p???f?? µ???? - ?t?s?? ??st?? S??d??µ?? 550.00
- ??a??a??? p???p?????sµ?? s?µµet???? sta s???d??a
- Note ??? ta?t??? µ??? (ARNES SI-CERT ?a? DK
CERT) d?????a? ?a p??te????? t? GRNET-CERT.
S??e??a??µaste ste?? µe t?? Goratz Bozic ap? t?
ARNES SI-CERT.
413th Annual FIRST Computer Security Incident
Handling Conference, June 2001, France
- Topics of major interest presented
- Creating a computer Security Incident Response
Team - Incident Organization and Security Incident
Handling - What to do During DDoS attacks
- Collaboration of European CSIRTs
- The CSIRT model in the real world
- Human factor in firm security policy
- Securing web-based applications
- 300 s?µµet????
514th Annual FIRST Computer Security Incident
Handling Conference, June 2002, USA
- Topics to be presented of major interest
- Legal Issues in CSIRT Training and operation
- Analysis of DoS attack traffic data
- Security at the Speed of E-business Protecting
Web Applications - Design, Processing and Implementation of a
Network Security Policy - Identification of Security Holes in Router
Configurations - Intrusion Detection Utilizing Ethereal
6What is TF-CSIRT ?CSIRT Coordination for Europe
- ?? EuroCERT pilot Incident Co-ordination Service
d?a??e? 5/98 9/99 - ?? TERENA a?a?aµß??e? st?? s????e?a d?µ???????ta?
t? Task Force - ?? st???? t?? Task Force ep??e?t?????ta? sta
????pa??? CSIRTs ?a? - p??te????? s??e??as?a ?a? a?ta??a?? ???s?? ?a?
eµpe???a? - d?µ???????? d??f??e? p???t???? ?p??es?e? ??a ta
????pa??? CSIRTs - p??????? ????? standards ep????????a? ?a?
a?t?µet?p?s?? pe??stat???? asf??e?a? - ?a??d????? st?? d?µ??????a ???? CSIRTs ?a?
e?pa?de???? t? a?a??a?? p??s?p??? - ???s?µe???? sa? ????? µ?s? ep????????a? t??
????pa???? CSIRT µe t?? ????pa??? ?????t?ta ?a?
?????? ???a??sµ??? ?a????sµ?? p???t????
7TF-CSIRT meetingsEvery 4 months (the September
2002 scheduled in Greece)
- Topics of interest presented at the 4th and 5th
meetings - Trusted Introducer Pilot Service Status
Report - Training Workshops for new CSIRTs
- Relations with CEC and funding possibilities
- Update on FIRST
- Building better awareness of network security
issues - National High Tech Crime Unit
- Demonstration of Remedy and Magic TSD based
Incident Handling Systems - 50 s?µµet????
8Next TF-CSIRT meeting (May 23-24, 2002, in
Denmark)
- Topics of interest to be presented at the 6th
meeting - Current Practice in CSIRTs
- Europols position in relation to IT crimes
- CAIF Common Advisory Interchange Format, a
proposal for a standard writing, interchanging,
processing, and presenting security advisories - EC funded/accepted projects
- Update on FIRST
9In conclusion
- ? ??ta?? t?? GRNET-CERT t?? ???? sa? µ???? t??
FIRST p???p???te? e?e??? s?µµet??? sta s???d??a
t?? FIRST (et?s??), ?a??? ?a? st?? s??a?t?se??
p?? d????a???e? t? TF-CSIRT (a?? tet??µ???). - ? p??s?p??? epaf? µe ?t?µa t?? s???e???µ????
?????, ? a?ta??a?? ap??e?? ?a? ? eµpe???a ?a?
???s? p?? ap???µ??eta? e??a? a?a??a?a ??a t??
s?st? ?e?t?????a ?a? e?????? t?? ?p??es?a? t??
GRNET-CERT t?? ????. - ???a??st?