Table of Contents
CSIRT
~~META: status = active &relation firstimage = :project:brmcsirtfin.png ~~
BRMlab Computer Security Incident Response Team
Hackerspaces and CSIRTs are both organizations that are focused on computer security so they can benefit from each other.
Also, hackerspace is a place where young potentially talented people come to socialize. The value of a hackerspace organized CSIRT would be to engage such young talents into CSIRT oriented cybersecurity activities.
How we will establish an CSIRT and which role it will fullfill
1. Constituency
(aka to whom services are provided)
Constituency Type: Non-Commercial Organisation
- Incident handling:
- ASNs, Domains, IP ranges:
- 2001:67c:2190:c0de::/64
- 77.87.241.77/32
- brmlab.cz
2. Contacts
- email/mailing list: [email protected]
- GnuPG - TODO
3. Services and teams
- what CSIRT offers and who does that. (Will be determined by results of our internal discussion.)
Incident handling
- …
Can I haz an CSIRT? =^..^=
Roughly speaking anybody who declares his/her responsibility for providing an incident handling service can. That is the only prerequisite to being considered an registered CSIRT. That means responding to requests and reports and analyzing incidents and events related to the IP_range/infrastructure/etc.
Other topics that CSIRT can do are optional and roughly described in the following overview presentation:
Presentation (ENG): | csirt.pdf |
---|---|
Zaznam prezentace (CZE): |
If You are into actively participating in of these topics just write down your nick/name into the “3. services and teams” section or drop me an email or to our mailing list.
More info
History
3.11.2016 - Internal presentation on Talknight session.
14.11.2016 - Brmlab presentation on “Pracovni skupina CSIRT”
Topics on security to improve
aka i don't know what to do.
- SELinux in Ubuntu is a bit derelict
- debsecan is not working well on Ubuntu
- Can we have privacy aware web browser? (Spyzilla)
- Investigate SCAP and its integration with Ubuntu/Debian. Seems that the situation in the RedHat world is noticeably better.
- scap-security-guide is not packaged for Ubuntu/Debian.