Silk Security Workshop 2004 21-24 ????, 2004 - PowerPoint PPT Presentation

1 / 37
About This Presentation
Title:

Silk Security Workshop 2004 21-24 ????, 2004

Description:

... Reading Room SANS Step-by-Step Guides SANS Security Policy Project ... trial presentation of the course materials to new members ... – PowerPoint PPT presentation

Number of Views:118
Avg rating:3.0/5.0
Slides: 38
Provided by: uazoneOrgd9
Learn more at: http://www.uazone.org
Category:

less

Transcript and Presenter's Notes

Title: Silk Security Workshop 2004 21-24 ????, 2004


1
???????????? ?? ????????? ????????????
???????????????????????, ?????????? ? ???????
  • Silk Security Workshop 2004 21-24 ????, 2004
  • Yuri Demchenko, University of Amsterdam
  • ltdemch_at_science.uva.nlgt

2
??????????
  • ????????? ?????? ???????????? ?? ????????????
    ????????? ???????????? ? ??????????
  • TF-CSIRT ? Trusted Introducer
  • FIRST
  • ??????? TRANSITS, eCSIRT, EISPP
  • CERT/CC
  • SANS ? SecurityFocus
  • ??????????????
  • IETF GRIP, IDMEF, IODEF
  • ??????? CSIRT CERT-NL, JANET-CERT, RU-CERT
  • ??????????? ?????? ?? ??????
  • ????????????? ??????? ?????????? ? ????

3
TF-CSIRT ???????????? ???????
  • ????? ???????? ??????????? CSIRT
  • ??????? ? 90-? ?????? FIRST (Forum for Security
    Incident Response Team)
  • ????? ??? ??????? ?????? FIRST ? ????????????????
    ???????????
  • ??????? ?? ???????? ??????? ? ???????
    ????????????? ???????????? ? ???????? ???????
    ????? CSIRT
  • ????? ??????? ???????????
  • ???????? 90-? ??????? ??????? EuroCERT ???
    ?????????????? ?????
  • ?? ????????? ???? ??? ??????? ?????? ???
    ??????????? ?????????????? ?????
  • 2000 ??????? ??????? ??????? ?????? TF-CSIRT ???
    ????? ??? ??????????? ????? ????????/???????? ?
    ?????? ??????
  • ?????? ???????????? ???????????? ?????????? -
    Terms of Reference
  • ??????? ???????? ???????
  • ??????? ??? ??-?????? TERENA
  • TERENA ???????????? ??????????????? ?????????

4
TF-CSIRT (Task Force for CSIRT Coordination in
Europe) - http//www.terena.nl/tech/task-forces/tf
-csirt/
  • ?????? ????????????? ???????? ??????????????
    ????? CSIRT ? ??????.
  • ????
  • ????? ??? ?????? ???????????, ?????? ?
    ???????????? ????????????? ????????
  • ???????????? ????? ??????? ? ????????? ????????
    ??????? ??? ??????????? CSIRT
  • ????????????? ????????? ????? ?????????? ?
    ???????? ??? ???????????? ?? ?????????
    ???????????? ????????????
  • ????????????? ???????? ????? CSIRT ? ??????????
    ?? ?????????
  • ?????????????? ????????????? ?????????? CSIRT ?
    ????????? ??????? ??????????? ?????? ? ??????????
    ?????????
  • ??????? TF-CSIRT ????? ????
  • ????????????? ??????????? CSIRT ??? ??????????? ?
    ????????? ???????????
  • CSIRT ??????????????? ????? ? ???????????,
    ???????????????, ????????????, ????????-??????????
    ?, ? ????? ???????????? CSIRT
  • ??????????? ? ????????????? ??????????? ? ????,
    ??????? ???????? ? ??????? ????????????
    ???????????? ??????
  • ??????? ? ?????????? ??? ?????? TF-CSIRT,
    ???????????? ??? ?? ???????????

5
TF-CSIRT ???????? ??????????? ????????????
  • ????????????? ????????????? (Trusted Introducer)
  • ??????? ???????????? ??? IP-??????? (????????? ?
    RIPE NCC)
  • ???????? ??????? ??? ???????? ? ???????????
    ?????????? ???????????? ?? ?????? IODEF (Incident
    Description and Exchange Format)
  • ?????? ??? ???????? ? ?????? ??????????? ??
    ??????????? ? ?????????? (VEDEF - Vulnerability
    and Exploit Description and Exchange Format)
  • ?????????????? ?????????? ??????? ?? ?????????
    ?????????? (CHIHT - Clearinghouse for Incident
    Handling Tools)
  • ??????? ????????? (?????) CSIRT
  • ?????????? ???????? ????? CSIRTs
  • ?????????????? ? ??????? ?? ???????????? ???????
    GN2 (?? ???? GEANT)
  • ?????????? ????? ? ??????????? ?????????
  • ?????????? ????? ? ??????????? ??????? ??????
    ????????????? (European Forum of Abuse Teams)

6
TF-CSIRT ?????????? ? ??????? (1)
  • ??????????? ??????? ? ???????????? ???????
  • ????????????? ????????????? (Trusted Introducer)
    ? ?????????? ??????????? CSIRT
  • ?????? ??? ???????? ? ?????? ??????????? ??
    ?????????? IODEF (Incident Object Description
    and Exchange Format)
  • ??????????? RFC 3067 IODEF Requirements (2001)
  • ??????? ???????????? ??? IP-??????? - RIPE IRT
    Object (2002)
  • ?????????? ??????? ?? ????????? ?????????? (CHIHT
    - Clearinghouse for Incident Handling Tools)
    (2002)
  • ??????? ??????????? ????????? ??? ?????????
    (?????) CSIRT
  • ? ?????? ??????? TRANSITS (2002)

7
TF-CSIRT ?????????? ? ??????? (2)
  • ? ???????? ????????
  • ?????? ??? ???????? ? ?????? ??????????? ??
    ??????????? ? ?????????? (VEDEF - Vulnerability
    and Exploit Description and Exchange Format)
  • ?? ?????? ? ??? ?????????? ???????? ???????
    EISPP
  • ??????? ??????????? ???????? ??? ?????????
    ??????????
  • ???????? ?????? ? ?????????????? ??? ??????
    ??????????? ?? ??????????
  • ?? ?????? ? ??? ?????????? ???????? ???????
    eCSIRT.net

8
Trusted Introducer (1) - http//www.ti.terena.nl/
  • Trusted Introducer (TI, ?????????????
    ?????????????) ????????? ???? ?????????????
    ??????? ???????, ??????? ?????? ????? ??????? ?
    ???? ??????? (web of trust)
  • ??????? ?????? ??????????? ?????? ???? CSIRT
  • ?? ???????????? ???????? TERENA ??? ????? CSIRT
  • ? ????????? ????? ??????????????? 39 CSIRT ??
    ?????? 2 (???? 2004)http//www.ti.terena.nl/teams
    /level2.html
  • ????????? ???????????? 720 EUR ? ???
  • ???????????
  • ? ????????? TI ????????????? ????????????
    Stelvio, ?????????
  • ???????????? ?????????????? ??????? ? ????????
    ?????????????? TERENA, TF-CSIRT ? CSIRT ?????? 2

9
Trusted Introducer (2)
  • ??????????????? ????????? ????????/????????????
    CSIRT ?? ?????? 2http//www.ti.terena.nl/teams/in
    dex.html
  • Level 0 ????????? CSIRT (? ????????? ?????
    ????? 100 ? ??????)
  • Level 1 ?????????
  • Level 2 ????????????????? CSIRT ??? ???????
    ?????????? ? ???? ???????
  • ?????? ??? ???????????????? CSIRT
  • ??????????? ?????????????? ????????? ? ??????????
  • ???????? ? ???????????? IRT-???????? ? ????
    ?????? RIPE NCC
  • ???? TI ? ???????? ???????????? FIRST

10
FIRST - http//www.first.org/
  • FIRST (Forum for Incident Response Security
    Teams)
  • ????? ??? 120 ?????? CSIRT
  • ??? ?????????? ????????? ???????? ? ????? ? ???
    ??????????? ????????? ??? ???????????
    ????????????? ?????????
  • ???????? ?????? ????? 1200 USD
  • ????????? ???????????
  • ??????? ?????? ??? ?????? FIRST ??? ??
    ???????????
  • ? ?????? ?????? 3-? ???
  • ??????????????? ????? ????? 1200 EUR/USD
  • ??????????? ??????????? ??? ???? ? ??? ??????
    ??? ??????
  • ?? ????? ????? ??????????? ?????????, ??
    ??????????? ?????? ?????? ????? ??????? ?????????
    ? ???????????

11
IRT-??????? ? ???? ?????? RIPE NCC
  • ????? ?????????? ?????????? ?? IP-?????? ????
    ?? ??????????? ????????????/?????????????
    ?????????
  • ???????????? ???? ?????? ????????????
    IP-????????? RIPE NCC, InterNIC, APNIC, LatNIC
  • ?????? ?????????? ?????????? ?? ????????
    ??????-?????????? ??? ???????????, ?????????????
    ???? IP-???????
  • IRT-?????? ? ???? ?????? RIPE NCC ?????????
    ???????? ?????????? ? ???, ? ??? ??????????????
    ?? ???????? ???????????? ??? ? ?????? ?????????
  • ???????? ????????? ?????????? ?????? TF-CSIRT ?
    RIPE NCC Database Group
  • ???? ????? ????????? ???????????? ???
    ????????????? IP-????????? ????????????
  • RIPE NCC document ripe-254 - http//www.ripe.net/r
    ipe/docs/irt-object.html
  • ???????? ??????? ? ???????????? ???????
  • ????? ???????? ??????? ? ?? ??????????? ???,
    ?????????????? ?????? IP-??????? ??? Trusted
    Introducer (TI)
  • ??? CSIRT ?????? 2 - ? ???? ?????? TI
  • ???????? ? ???????????? TI

12
CHIHT (Clearing House for Incident Handling
Tools) - http//chiht.dfn-cert.de/
  • ???? ????????????? CSIRT ? ???????? ???????????
    ??????????? ????
  • ????????????? ?????????? ???????, ??????????? ???
    ???????????? ? ????????????? ??????????
    ????????????, ? ????? ??????????? ? ????????
    ???????????? ???????????? ??????
  • ???????? ????????? ?? ???????????? CSIRT ???
    ???????????? ?? ???????????? ?? ?????? ?? ?????
    ?????? ? ????? ??????????
  • ???????? ?????????
  • Evidence gathering investigation,
  • System recovery,
  • CSIRT operations,
  • Remote access,
  • Proactive tools

13
TRANSITS - http//www.ist-transits.org/
  • ?????? ?????????????? ??????????? ????????? ?
    2002-2004 ?.?.
  • ?????? ????????? ?? ?????????? ??????????? ??????
    ? ?????????? ???????? ????????? CSIRT
  • ????? ???????? ?????? ? ????? ?? ???????
    ??????/??????? ? ??????????
  • ??????????? ????????? ???????????? ?????????????
    ?? ??????? CSIRT
  • ????????????? ??????????? ??????????? ???? ?????
    ?? ???????
  • Operational
  • Legal
  • Technical
  • Organisational
  • Vulnerabilities
  • ???????? ??????? ????????? 6 ??????????? ?????? ?
    ??????? 2-? ???
  • ???????? ???????? ??? ?????? TF-CSIRT ???
    ???????????? ?????????????

14
eCSIRT.net - http//www.ecsirt.net/
  • ?????? ?????????????? ??????????? ????????? ?
    2002-2004 ?.?.
  • ???? ???????? ???? ??? ?????? ??????????? ??
    ?????????? ????? ???????????? CSIRT
  • ? ????? ?????????? ??????????
  • ??? ????????? ?????????? ? ???????
  • ? ????? ??????? ??????????????
  • ?????????? ??????????? ????????? ? ????????
  • ????????????? IDMEF ? IODEF
  • ????????????? ??????????? ???????????
    ????????????/????????
  • ??????????? ??????? ??????? ??? ????????
    ????????????? ???? ?????? ??????????? ??
    ??????????
  • ????????????? ? ????? ????????????? ??????? ?
    ???????
  • ???????? ??????? ?????????? ????? ???????
    ????????????? CSIRT ? ????? ???????? ??????????

15
EISPP - http//www.eispp.org/
  • European Information Security Promotion Programme
    (EISPP)
  • ???? ?????? ?????? ??????? ? ?????????
    ?????????? ?????????? ?? ????????????, ? ??????
    ???????, ?????????? ?? ??????????? ? ?????????
    ???????
  • ?????? ? ??????????? ?? ???????????? ???????
    ???????????? ????????????, ??????? ?????
    ?????????? ?????? ???????
  • ??????????????? ? ???????????????? ???? ??????
    ???? ???????? ? ???????? ???? ???????????,
    ???????????? ?????????? ? ????????
  • ?????????? ?????? ????? ??? ?????? ??????? ?
    ?????? ???????????? ??????????????
  • ??????????? ???????????? ? ????????? ?????
    ??????-??????????? ? ????? ???????????
  • ????????????? ?????????? ???????
  • ??????????? ?????????? ? ??????? ??? ???????
    ?????????? ?? ???????????? ? ????????????
    ?????????? ? ??????????? ?????????? ???????????
  • ?????????? ?????? ??? ?????????? EISPP Common
    Format v2.0

16
IODEF (Incident Object Description and Exchange
Format)
  • ??????????? ????? ??? ?????????? TF-CSIRT ?
    ??????? ??? ??????????? ???????? ? ?????? ???????
    ?????? INCH WG (Extended Incident Handling) IETF
  • ??????????? RFC3067 IODEF Requirements
  • TF-CSIRT ???????????? ????? ? INCH WG ?
    ???????????? ???????? ?????
  • INCH WG ???????????? ????? ??????? ???????
    ???????????????? ??????
  • ??????????? ?????? ???????? ?????????? ?????????
  • ????????? ????? ??????????? ????? ????????
    ????????????
  • ??????????? ?????? ?????? ? ?????????????
    ?????????? ?? ??????????
  • ??????????? ?????? ??? ????? ?????????? ?
    ???????????? ??????? ???????
  • IODEF ?????????? ??????? ??? ?????? ????????
    ???????? ??????????????? ???????? ? ???????
    ????????????, ????????
  • RID Real-time Internetwork Defense
    (?????????????? US AFC) - IETF
  • ?????? - ?????????? ???????? ????? ? ??????????
    ??? ????????? ??????? ?????
  • VEDEF (Vulnerability and Exploit Description and
    Exchange Format) TF-CSIRT

17
IETF INCH-WG
  • IETF INCH-WG Extended Incident Handling Working
    Group http//www.ietf.org/html.charters/inch-char
    ter.html
  • ???? ?????????? IODEF ????? ?????????? ?????????
    ?????????????? IETF
  • IODEF ???????????? ? ???????? ??????????????
  • ???????? ??????????? ?????? ? ??????????
  • ??????????? ?????????, ????????????
  • ?????????? ? ??????? ???????? ????????? ?? ??????
    IODEF
  • ?????????? ?????? ????????? ? ??????? IODEF
  • ???????????? ?? ?????????
  • ??????????? ??????????? (?????????) ?????????????
    ? ??????????? ?????????? ? IDMEF (Intrusion
    Description and Exchange Format)
  • ?????? ???????? ? ?????????? IODEF ?????????
    ??????????????????? (?????-??????????) ?
    ???????????
  • ????????????? ????????? INCH-WG -
    http//www.cert.org/ietf/inch/inch.html

18
???????????? ???? ????????? IODEF
  • CERT/CC AirCERT Automated Incident Reporting -
    http//www.cert.org/kb/aircert/ ?
    http//aircert.sourceforge.net/
  • JPCERT/CC Internet Scan Data Acquisition System
    (ISDAS) - http//www.jpcert.or.jp/isdas/index-en.h
    tml
  • eCSIRT.net The European CSIRT Network -
    http//www.ecsirt.net

19
IETF IDWG
  • IDWG (Intrusion Detection Working Group)
    ??????????????http//www.ietf.org/html.charters/i
    dwg-charter.html
  • ?????????? IDMEF (Intrusion Detection Message
    Exchange Format) ??? ????????????? ??????
    ??????????? ? IDS (Intrusion Detection Systems)
  • ????????? IDMEF
  • ? ????????-???????????????? IDS Snort
  • ? ?????? ???????? AirCERT, eCSIRT
  • ??????????? ???????? ?????? ??? IODEF ? ?????????
    ?????????????

20
IETF GRIP (1998-2001)
  • RFC 2196 - Site Security Handbook (?? ??????
    RFC1244)
  • ??????????? ?? ??????????? ???????? ????????????
    ? ?????????????? ??????? ??? ??????, ????????????
    ? ????????
  • RFC 2350 - Expectation for Security Incident
    Response Teams
  • ????????????? ???????? ??? ???????????? ?????
    ???????????? ?? ???????????? ?????????
    ???????????? (CSIRT - Computer Security Incident
    Response Team) ? ??????? ????????? ????????
    ????????????, ???????? ???????????? ?? ?????????
    ????????????, ? ??????
  • RFC2505 - Users' Security Handbook
  • ??????????? ????????????? ?? ???????????
    ???????????? ??????????, ??????, ?
    ????????????????
  • RFC3013 - Recommended Internet Service Provider
    Security Services and Procedures
  • ????????? ? ????? ?????????????, ??? ????????????
    ???????? ????? ??????? (? ?????????) ?? ????????
    ??????- ???????????
  • RFC3227 - Guidelines for Evidence Collection and
    Archiving
  • ???????????? ?? ????? ? ???????? ???? ? ??????
    ??????????, ????????? ? ????????????? ???????????
    ????????????
  • RFC 2828 - Internet Security Glossary
  • ???????? ??????????? ?????? ???????? ??
    ???????????? ??? ?? ??????? ???????????? ?
    ???????????? ?? ???????????? ?????????
    ????????????, ??? ? ?? ??????? ??????????
    ???????????? ?????? ? ??????????

21
CERT/CC - http//www.cert.org/
CERT/CC (CERT Coordination Center) ????????? ?
Carnegie Mellon University ? ?????????, ???
?????? ??? ????????? Defense Advanced Research
Projects Agency (DARPA) ????? ????????? ? ??????
?????? (Morris worm), ??????? ? 1988 ???????????
?????? ????? 10 ????????
22
CERT/CC ?????????
  • CERT/CC ?????? ??? ?????? ? ???????? ???????????
    ? ????? ????????? ? ?????????? ????????????
    ?????????? ????????????, ? ????? ????????? ???
    ??? ?????????????? ??????? ??????????. ?
    ?????????, ?????? CERT/CC ??????? ? ?????????
  • ??????????? ????????, ?????????????,
    ??????????????, ?????? ????? ??? ????????? ?
    ?????? ???????????? ????????
  • ????????????? ???????????? ??????????????
    ????????? ? ????? ?????????? ??????? ????????????
  • ????????? ???? ?????? ??? ????????????? ?
    ????????? ??????????? ? ???????????? ????????
  • ???????????? ?????? ????? ? ?????????????????
    ???????? ? ????????? ???????????? ? ?????
    ????????? ???????????? ???????????? ??????
  • ???????????? ???????????????? ???? ? ????
    ?????????? ??????????????? ? ????????? ????????
    ???????????? ?????????????-???????????????????
    ?????? ? ????? ????????????? ? ??????-???????????

23
CERT/CC ??????????? ????????????
  • ?????? ?????????? ? ???????? ??????????
  • ???????? ?????????? ?????????? ??????????
    ?????????????-???????????????????? ??????, ?
    ?????????, Survivable Enterprise Management
  • ??????????? ????? ??? ????????????? ? ??????????
    ??????????? ? ??? ? ????? ?????? ???????????
    ???????? ? ??????, ???? ?????????
    ??????????????????? ????????????? ? ???????
  • ??????????? ? ???????
  • ??????????/Alerts
  • ?????? ?????????????? ?????? ?? ??????????
  • ??????????????? ??????????
  • ??????????
  • ???????????
  • ????????? ? ???????
  • ??????? ? ??????????? ? ????????????, ???????
    ???? ? ????????? ????????????

24
AirCERT - http//www.cert.org/kb/aircert/
  • Automated Incident Reporting (AirCERT) ????????
    ?????????????? ???????? ?????? ??????? ? ????????
    ???????????? ????? ????????????????? ????????
  • ?????? ??????????? ? ?????????? CERT/CC
  • ???? ???????? ??????? ??????????? ???????
    ?????????? ?????????????? ?? ?????? ???????????
    ?????????? ? ??????????? ????? ??????????
  • ??????? ???????????? ????? ???????? ??
    ?????????????? ?????????? IDS ?? ?????????? ??
    ??????????, ?????????? ?? ???????????
    ????????????
  • ?????????? ??????????? ???????
  • IDMEF - ??? ?????????? ?? IDS
  • IODEF - ??? ?????????? ?? ??????????
  • SNML - ??? ???????? ??????? ??????????? ?
    ?????????? ? ??????? ????????
  • ???????? ???????????????? ?? ?? ?????? C, Perl,
    PHP
  • http//aircert.sourceforge.net/

25
SANS - http//www.sans.org/
  • SANS (SysAdmin, Audit, Network, Security)
    Institute ??? ??????? ? 1989 ???
    ??????????????-????????????????? ??????????
  • ?????????????, ???????????? ? ??????????????
    ????????? ?????????????? ?????????????? ?
    ??????????????? ????????? ?? ????????
    ????????????
  • ????????????? ?????? ???????? ? ????????????
    ????????????
  • ???????????? ???????? ???? (165,000) ????????????
    ? ????????? ? ??????? ????????????
  • ?????????????? ??????
  • Internet Storm Center ??????? ???????
    ?????????????? ? ????????
  • Weekly vulnerability digest (_at_RISK)
  • Weekly news digest (NewsBites)
  • ?????????? ???????????? ??????, ???????
    ????????????, ???????????? ????????????

26
??????? ? ????????? ? SANS
  • Information Security Training - ????? ??? 400
    ???????????? ?????? ? 90 ?????? ?? ???? ????
  • The GIAC Certification Program - ???
    ????????????
  • Consensus Security Awareness Training ???
    ?????????????
  • SANS Weekly Bulletins and Alerts ??????
    ???????? ? ???????? ? ??????? ???????????? ? ??
    ???????????
  • SANS Information Security Reading Room ? SANS
    Step-by-Step Guides
  • SANS Security Policy Project ???????? ?????????
    ??????? ????????? ???????? ????????????,
    ????????????? ?? ?????? ????????? ?????
  • Internet Storm Center ??????? ???????
    ??????????
  • SCORE ????? ??? ???????????? ? ???????????? ??
    ? ??
  • SANS/FBI Annual Top Twenty Internet Security
    Vulnerabilities List
  • Information Security Glossary - ?????, ????????,
    ? ??????
  • Intrusion Detection FAQ ????? ??????????
    ??????? ?? ??????????? ?????????

27
SecurityFocus - http//www.securityfocus.com/
  • ????????? ?????????????? ????? ?? ???????? ?????
    ???????? ??????????? ????????????
  • ???????? ?????? ??? ?????????? ? ??????????
    ??????? ?????????? ? ???????? ??????? -
    http//www.securityfocus.com/incidents
  • ????? ????????? ?????? ? ???????????? ? ?????????
    ???? ? ??????????
  • ???????? ????????????? ?????????? ?? ?????????
    ???????? ???????????? ? ?????? ??????? ????????
  • ??????? ?? ???????????? ????????, ??????? ??????
    ???????? BugTraq ??? Windows ??????
  • ?????? ? ????-???????? ??????
  • ????? ??????? ??? ?????? ? ??????????? ? ??????
    ???????????? ?????? - http//www.securityfocus.com
    /tools
  • ??????????? ??????????? ????????? ??????? ?
    ??????????? ? ?????????
  • ???????? ???????????? ????????

28
CVE - http//www.cve.mitre.org/
  • ???? ?????????? CVE (Common Vulnerabilities and
    Exposures) - ??????????????? ???????? ????
    ????????? ??????????? ? ?????????
  • ?????? ??????????? ? ?????????? ?????????????????
    ??????? ??????????? ??? ????? ?????????????, ???
    ?????????? ????????????? ?????????? ???
    ??????????? ??????? ??????
  • ??????????? ???????? ?????????? ? ???????????
    ?????? CVE-Compatible Products and Services
  • "CVE-compatible" ("CVE-???????????") ????????,
    ??? ??????? ??? ?????? ?????????? CVE ?????
    ???????, ??????? ????????? ????????????
    ???????????? ?????? ????? ??????? CVE-??????????
    ??????????
  • ??? ????? ?????????????? ? ??????
  • ??? ??????????? (??????-) ???????? ?
    ????????????? ? CVE ???????? -
  • Trend Micro, Inc. ? Security Horizon, Inc.
  • ???????????? US-CERT at the U.S. Department of
    Homeland Security

29
???? ?????? ????????? CSIRT
  • CERT-NL
  • JANET-CERT
  • CERT-RU
  • ?????? ??????? ????? ? ?????????? Trusted
    Introducer http//www.ti.terena.nl/teams/level2.ht
    ml

30
CERT-NL (1) - http//cert.surfnet.nl/
  • ???????? ????????????? ?????????????? CSIRT
  • ??? ??????? ?????????? Jacques Schuurman, Jan
    Meijer
  • ?? 10 ?????? ??????????? ???????? ????????
  • ???? ??????? ????????? ?? ????????? ?
    ??????????????? ???????? ??????? ?? ????? 2-4-?
    ?????
  • CERT-NL ????? ???????? ?????????????? ??????
  • ?????????? ????? ????????????? ?? ??????? ?
    ???????????? ?? ????????????
  • ????????? ????????? ?????????????? ?????????????
  • ????????? ????????? ??????????? ?? ???????????
    ????
  • ?? 2002 ???? ???????? ????? ???????
    ???????????????? ?????? ???????????? ?? ???
  • ???????????? ???????? ???????????????? ??????
    CERT-NO (CERT Nederlandse Overheid)

31
CERT-NL (2)
?????? ?????????? ?? ??????????,
??????????????? CERT-NL
32
JANET-CERT - http//www.ja.net/CERT/cert.html
  • ???????? ????????????? ?????????? CSIRT
    ????????????? ???? JANET ? ?????????
    ??????????????? CSIRT
  • ????? ???????? ?????? ?? ???????????? ??
    ????????? ? ????? ????
  • ????? ???????? ?????????????? ??????
  • ????????????? ???????????? ?????????? ?? ????????
    ????????????
  • ?????? ? ???????? ??? ????????? ????????????
    ???????????? ??????
  • ??????????? ?? ????????????? DDoS-?????????? ?
    ???????????? ? ???? UKERNA
  • Security Software webpage at JANET-CERT
    http//www.ja.net/CERT/JANET-CERT/software/

33
CERT-RU - http//www.cert.ru/
  • ????? ???????????? ?? ???????????? ????????? ?
    ???? RBnet
  • ???? FIRST
  • ????????? ????????? ???????????? ?? ???
  • ???????? ???????????? ?? ?????????
  • ????? ??????????? ????? ???????????? ?? ?????????
  • ????????????? ?????????? ? ????????????
    ??????????? ? ??????????????? ????????????

34
??????????? ?????? ?? ??????
  • ???? ???????? ???????? ????????? ? ????????
  • ?????? ?????????? ?????????????? ??????????????
    ??? ? ??????????? ?????????
  • ??????? ??????????????? ???????????? ?
    ???????????????? ?????????
  • ??????????? ????? ??????????? ?????? ??
    ??????http//www.euro.cauce.org/
  • ?????? ??????????????? ????-??????????
    ???????http//www.euro.cauce.org/en/countries/
  • RIPE Anti-Spam Working Group http//www.ripe.ne
    t/ripe/wg/anti-spam/index.html

35
????????????? ??????? ?????????? ? ???? (1)
  • ?????????? ?? ????????????? ??? ???????????? ?
    ??????????? ? ??????????????? ?????????? ?
    ????????????
  • ??????????? ???????????????? ?? ????? ???????
  • Convention on Cybercrime, ETS No. 185
    http//conventions.coe.int/Treaty/EN/WhatYouWant.
    asp?NT185CM8DF17/07/03
  • http//europa.eu.int/information_society/eeurope/2
    005/index_en.htm
  • ?????????????? The Regulation of Investigatory
    Powers Act 2000 (??. ??????? 12-14 ?
    http//www.legislation.hmso.gov.uk/acts/acts2000/2
    0000023.htm)
  • ????????? ???????????? ??????? ?????????????
    ????????? (???????????)
  • ????????? ???????????? ????? ???? ???????????????
    ??????????
  • ?? ???????? ??????? ?????????? ?????????????
    ???????????? ?? ???? ????????, ?? ?????
    ????????????? ?????? ???????????? ??????? ??
    ?????????????? ????? ??? ??????? ????????? ??????

36
????????????? ??????? ?????????? ? ???? (2)
  • ??????, ??????? ????? ???????? ??????? ?????????
    ? ????? ????????????? ? ??????????? ????????
  • ?????????? ????? ? IETF
  • ??????????? Lawful Intercept in IP Networks -
    Fred Baker, ?????? ???????????? IETF,
    ??????????? ??????? Cisco
  • Cisco Architecture for Lawful Intercept In IP
    Networks http//www.ietf.org/internet-drafts/draf
    t-baker-slem-architecture-01.txt
  • ? ????? ?????? ????????????? ????????????,
    ???????? ????? ??????? ???????? ???????????
    ????????????, ????????? ?? ????????????
    ???????????? ?????
  • ??????, ????????????????? ??????? ????????
    ?????????? ? ????????? - http//www.opentap.org/

37
  • ??????? ? ????????????
Write a Comment
User Comments (0)
About PowerShow.com