Jeff Templon wrote:
>
> Now *i* am confused. What "log files" are being discussed here -- the
> gatekeeper logs, or the APEL logs? You want to be able to answer a
> question like the following:
>
> 'at 10.50 GMT on 26/07/2005 a burst of IP traffic originating from
> your site was detected, aimed at disabling incoming ftp traffic on
> javasrv.web.sun.com. This burst lasted for approximately 20 minutes
> and was traceable to your site's router box, but no further (NAT?)'
>
> or
>
> 'a file was found on your site containing a list of credit card
> numbers, owned by uid/gid 'alice031/alice' and created on 04-07-2006.
> please either identify the culprit's identity or have your lawyers
> contact us. Love, MasterCard.'
>
> Can the APEL log file / database be used to answer these questions?
> A gatekeeper log file will go a long way here ...
Hi Jeff,
my question was about the functionality of the Apel accounting software
whereas you are referring to the security policy of each resource
centre. This is different thing and as far as i know Apel is not
designed in that context, but as a tool to provide statistics for the
utilization of each resource center per VO or per user maybe and things
like that. Apart from that, i think it's up to each site to decide his
security policy and backup procedures.
best regards,
--
Antonis Zissimos, Phd Candidate
National Technical University of Athens (NTUA)
School of Electrical and Computer Engineering
Computing Systems Laboratory
e-mail: [log in to unmask]
web: http://www.cslab.ece.ntua.gr/~azisi
Tel: +30-2-10-7722402
|