Hi again,
maybe it is better if I explain few things.
CSIRT means Computer Security Incident Response Team
you might find useful this link about csirts in general.
http://www.cert.org/csirts/csirt_faq.html
the info you have to put in depends on the site policy and department
decisions.
In EGEE/LCG a csirt is the person or team that responds to the incident
and is responsible for the analysis and written report and filling the
gridpp form
(https://www.gridpp.ac.uk/deployment/security/inchand/report.html). It is
also responsible for telling to other sites when an incident occurs and
they will be the reciepients of other sites incidents reports so that he
can check that the same hack hasn't happened at your site. In other words
the emails contacts you put in there will be inserted in the
[log in to unmask]
At the moment it is us, but you might want to discuss with your university
and decide to put your university security team instead. The positive side
of this would be that you are better covered both technically and legally,
the negative is involving the university in LCG/EGEE procedures might mean
to keep your site down waiting for longer response time from the
university. They normally have to deal with more than one department and
they dont make preferences.
I think you should evaluate the situation with your university security
team. That's what I'll do for manchester tomorrow.
thanks
cheers
alessandra
On Thu, 9 Jun 2005, Alessandra Forti wrote:
> Hi,
>
> you should all have received similar tickets about the security contact
> information. Can all of you check that they are complete for your site in the
> GOC database?
>
> thanks
>
> cheers
> alessandra
>
>
--
********************************************
* Dr Alessandra Forti *
* Technical Coordinator - NorthGrid Tier2 *
* http://www.hep.man.ac.uk/u/aforti *
********************************************
|