Hi Alessandra,
my question is, how can we find out if something is incorrectly find out
for our own site? Where can we see the results of this monitoring?
Do you know (or know who knows) this?
Thanks,
Simon
Alessandra Forti wrote:
> Hi Andrew,
>
> I always found these imposed external checks irritating and patronising.
> :-\ However that's where it ends, because in an afterthought, I think
> they are doing it for the good of the project and some sites might
> benefit from it. Things that are incorrectly flagged can be corrected if
> you let them know I'm sure your feedback will be appreciated.
>
> cheers
> alessandra
>
> Sansum, Andrew (STFC,RAL,ESC) wrote:
>> It would have irritated me anyway, but part of the issue has been that
>> the content on the pakiti server was incorrectly flagging some of our
>> hosts as unpatched when they actually were patched.
>>
>>
>>> -----Original Message-----
>>> From: Testbed Support for GridPP member institutes
>>> [mailto:[log in to unmask]]On Behalf Of Simon George
>>> Sent: 25 September 2009 14:04
>>> To: [log in to unmask]
>>> Subject: Re: recent EGEE policy wrt kernel patching
>>>
>>>
>>> Thanks for the link Pete. Maybe I missed something because this is
>>> the first I have heard about it.
>>>
>>> So in my opinion, EGEE needs to improve communication about this.
>>>
>>> I think all site monitoring used to make decisions about sites should
>>> at least be open to the sites themselves to ensure accuracy. Since I
>>> have not heard anything about this until now, and still nothing
>>> officially with a reference to the stats for my site, I think it
>>> would be unreasonable to blacklist sites based on private and
>>> possibly wrong information held about them. We all know how much
>>> effort we, the sites, have to put into each new monitoring/accounting
>>> initiative to make sure it is right before it can be used.
>>>
>>> Cheers,
>>> Simon
>>>
>>> Peter Gronbech wrote:
>>>
>>>> This security testing has been talked about for some time
>>> and was run by
>>>
>>>> Romain Wartels group.
>>>> It basically ran a grid job at your site which did a rpm
>>> -qa and then
>>>
>>>> compared that with what was expected for a system running that OS.
>>>>
>>>>
>> http://indico.cern.ch/contributionDisplay.py?contribId=107&sessionId=137
>>
>>> &confId=55893
>>> Shows an abstract and a Poster they presented about it at EGEE09 this
>>> week.
>>>
>>> I must admit I was surprised that they sent the email from the EGEE PMB
>>> saying sites that did not act would be de certified, but I think I'm in
>>> favour generally.
>>>
>>> I have no doubt that the data stored is being held in a responsible way.
>>>
>>> Cheers Pete
>>>
>>>
>
|