abose report
play

AbOSE Report ( Ab ilene O perational S ecurity E xercise) T. Charles - PowerPoint PPT Presentation

Feb 28, 2023 •623 likes •762 views

AbOSE Report ( Ab ilene O perational S ecurity E xercise) T. Charles Yun, Internet2 Presentation Overview 2006 January A bit of scene setting and background Background, Goals Methodology TF-CSIRT, Amsterdam, the Netherlands

  1. AbOSE Report ( Ab ilene O perational S ecurity E xercise) T. Charles Yun, Internet2

  2. Presentation Overview 2006 January • A bit of scene setting and background • Background, Goals • Methodology TF-CSIRT, Amsterdam, the Netherlands • Findings • Lessons Learned • Follow up • Invitation to International Security Exercise • Contact Info Slide 2

  3. 2006 January TF-CSIRT, Amsterdam, the Netherlands Slide 3 Abilene Network Backbone Main office Logo Current location Background Information

  4. Background Information Salsa (1 of 2) 2006 January • Advisory and coordination group for security activities for Internet2 • Security at Line Speed workshop (S@LS), the “fruitcake” document, annual meetings TF-CSIRT, Amsterdam, the Netherlands • Working Groups and meetings • Network Authorization (NetAuth), Federated Wireless Network Authentication (FWNA), Computer Security Incident (CSI2) • Reconnections “Managing Academic Networks With New Requirements”, NetGurus Slide 4 xref Marco’s ENISA hierarchy from yesterday

  5. Background Information Salsa (2 of 2) 2006 January • Address security in various ways: • Time frames: short, medium, long • Process, procedure, policy (think ISO-9000, legal requirements, etc.) TF-CSIRT, Amsterdam, the Netherlands • Groups: community, Community, COMMUNITY • Operational, exploratory, R&D Slide 5

  6. AbOSE 2006 January • One day long event, held November 2005 in Indianapolis, Indiana, USA • Designed to initiate conversations on the Network Operation Center's (NOC) activities in their support of Abilene TF-CSIRT, Amsterdam, the Netherlands • This was not an audit • Information gathering, gap analysis , baseline, document • Report is currently in draft and has been released to participants, public version soon. Slide 6

  7. Methodology 2006 January • Two scenarios, invented, refined, executed • “Table top” exercise (talking, no flows initiated) • DDoS attack TF-CSIRT, Amsterdam, the Netherlands • Backbone link is inconsistently saturated between two core router nodes • Targeting an important demo • Router compromise with press/reporter investigation • Router provides indication of problem and reporter has been contacted by “bad guy” to advertise the compromise Slide 7

  8. Findings 2006 January • Report identifies ~40 observations with suggested responses • Patterns of activity emerged in the two scenarios, TF-CSIRT, Amsterdam, the Netherlands some expected and others not. • Some processes were in place and followed, others need to be developed, noting that the any new process is hinged on the NOC’s return on investment • Some observations revealed policy questions that should be answered by Internet2, or, the NOC’s response is based on other people’s decisions. Slide 8

  9. Lessons Learned (some of them) 2006 January • Well designed, detailed scenarios are important to respond to unexpected questions. • Engineers (plural) need to be involved in the design * and * execution of the scenario. (Obviously, these engineers will not participate in the exercise.) TF-CSIRT, Amsterdam, the Netherlands • Make sure that every external “event” or “character” is represented by a real person. If someone is supposedly upset and sending email, have a real person start sending email… and then call a person’s cell phone. • Test processes, not the cleverness of engineers. Slide 9

  10. Follow Up 2006 January • Initiate regularly occurring Abilene exercise • Planning to hold annually, during the summer holidays • Potentially run a table-top and * live * exercise TF-CSIRT, Amsterdam, the Netherlands • “Regular” exercises with international partners • What is the proper format of an international exercise? Process analysis or “real problems” • Start off with a similar baseline exercise and evolve into more complicated activities Slide 10

  11. Invitation to Intl Security Exercise 2006 January • Which entities should participate (regional, national, backbone, or collaborative organizations)? • Who should organize? • When: I suggest late summer 2006 TF-CSIRT, Amsterdam, the Netherlands • Format: Baseline assessment, similar to the AbOSE reported here. Probably a distributed event, via video+voice+IM (or in Hawaii/Sicily/Provence) • Goals: Some are obvious, additional thoughts? Slide 11

  12. 2006 January TF-CSIRT, Amsterdam, the Netherlands Slide 12 • http://security.internet2.edu/ Ann Arbor, Michigan, USA charles @ internet2 . edu 734.352.4960 (desk) Contact Info • T. Charles Yun Internet2

Recommend

TOWN OF WHITBY REPORT R E C O M M E N D A T I O N R E P O R T REPORT TO: Planning and

TOWN OF WHITBY REPORT R E C O M M E N D A T I O N R E P O R T REPORT TO: Planning and

TOWN OF WHITBY REPORT R E C O M M E N D A T I O N R E P O R T REPORT TO: Planning and Development Committee REPORT NO: PL 81-09 DATE OF MEETING: September 8, 2009 FILE NO(S): Z-04-08 PREPARED BY: Planning/Public Works Joint Report LOCATION:

896 views • 58 slides
Scotch College morrisby report morrisby report morrisby report morrisby Morrisby

Scotch College morrisby report morrisby report morrisby report morrisby Morrisby

Understanding the Morrisby Report Scotch College morrisby report morrisby report morrisby report morrisby Morrisby Report Overview Intention - to support the process of subject, course and career choice by providing an

672 views • 41 slides
2017 Report Card Annual Report Cards The 2017 Report Card is our 6 th Report Card! 2 Sustainable

2017 Report Card Annual Report Cards The 2017 Report Card is our 6 th Report Card! 2 Sustainable

2017 Report Card Annual Report Cards The 2017 Report Card is our 6 th Report Card! 2 Sustainable Peterborough 2017 Overview 7 3 154 Working Staff Partners Groups Members Climate Change Action Plan updated baseline inventory for 2012-

506 views • 35 slides
Report to PBC 5/21/2014 1 Report to PBC 5/21/2014 2 Report to PBC 5/21/2014

Report to PBC 5/21/2014 1 Report to PBC 5/21/2014 2 Report to PBC 5/21/2014

Report to PBC 5/21/2014 1 Report to PBC 5/21/2014 2 Report to PBC 5/21/2014 3 Report to PBC 5/21/2014 4 Participatory Governance Process Survey Results Spring 2014 4.00 3.50 3.39 3.37 3.31 3.29 3.25 3.20 3.19

562 views • 19 slides
TEST REPORT DIRECTORY Pages A) Documentation Directory 2 Test Standards 3 Address of the

TEST REPORT DIRECTORY Pages A) Documentation Directory 2 Test Standards 3 Address of the

TEST REPORT TEST REPORT Report Number : ETLE090324.03 Report issue date: May 26, 2009 Model / Serial No. : W2-360 / NONE Multiple Model Name : W2-340, W2-360H, W2-310H Product Type : Hot & Cold Water Purifier System Brand Name :

641 views • 37 slides
EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT CE TEST REPORT Report Number : ETLE080619.495 Report issue date : July 21, 2008 Model / Serial No. : HWC-640 / NONE Multiple Model Name : HWC-630, HWC-650, HWC-660, HWC-680 Product Type : Hot & Cold Water Purifier

522 views • 35 slides
EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT DIRECTORY A) Documentation Directory 2 Test Standards 3 Address of the test

EMC TEST REPORT CE TEST REPORT Report Number : ETLE070516.328 Report issue date : June 27, 2007 Model / Serial No. : ROMEO III / NONE Multiple Model Name : W2-360H, W2-340H, W2-300H, W2-310H Product Type : POU Water Cooler Applicant

612 views • 36 slides
Report of Keith Mitchell, Director of Education Purpose of the Report 1. This report and

Report of Keith Mitchell, Director of Education Purpose of the Report 1. This report and

Cabinet 23 March 2006 Industrial Learning Centre Vocational Learning Trust (VOLT) Presentation to Cabinet Report of Keith Mitchell, Director of Education Purpose of the Report 1. This report and attachment seek to summarise where we are on

349 views • 7 slides
DIRECTORS REPORT The directors present their report and the audited 21 May 2014 to

DIRECTORS REPORT The directors present their report and the audited 21 May 2014 to

56 INTERSERVE ANNUAL REPORT 2013 GOVERNANCE DIRECTORS REPORT GOVERNANCE DIRECTORS REPORT The directors present their report and the audited 21 May 2014 to shareholders appearing on the register at the consolidated fjnancial statements

370 views • 9 slides
Flight AF 447 A330-203, F-GZCP 1st Interim Report 2 July 2009 Interim Report This report

Flight AF 447 A330-203, F-GZCP 1st Interim Report 2 July 2009 Interim Report This report

Flight AF 447 A330-203, F-GZCP 1st Interim Report 2 July 2009 Interim Report This report is written in accordance with international standards and practices (ICAO, Annex 13) It contains : The factual elements gathered since the

536 views • 27 slides
MWRA Annual CSO Progress Report 2014 This is the 19 th annual report. Report includes:

MWRA Annual CSO Progress Report 2014 This is the 19 th annual report. Report includes:

MWRA Annual CSO Progress Report 2014 This is the 19 th annual report. Report includes: Progress in 2014 and Q1 2015 CSO control achievements and benefits to-date Remaining activities and court/regulatory requirements Spending,

268 views • 16 slides
Preliminary Report from Preliminary Report from Preliminary Report from Preliminary Report from

Preliminary Report from Preliminary Report from Preliminary Report from Preliminary Report from

Preliminary Report from Preliminary Report from Preliminary Report from Preliminary Report from the JMOC Actuary the JMOC Actuary the JMOC Actuary the JMOC Actuary Presentation to JMOC Committee September 22, 2016 Setting a Growth Target

588 views • 23 slides
CFO Report Finance and Audit Committee 7/16/20 Topics May YTD 2020 Reports: Financial

CFO Report Finance and Audit Committee 7/16/20 Topics May YTD 2020 Reports: Financial

CFO Report Finance and Audit Committee 7/16/20 Topics May YTD 2020 Reports: Financial Performance Report and Asset Liability Management Report Annual Reports: Green Bonds Report and Fares Report Updated Financial Impacts and

811 views • 19 slides
IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107

IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107

IAB report to the community for IETF-108 This is the IAB report for the period between IETF 107 and IETF 108. This report presents a summary of activities. More detailed information on many of the topics is also available at https://www.iab.org

205 views • 3 slides
ROADSHOW PRESENTATION May 2019 DISCLAIMER This report (the Report) was drawn up and

ROADSHOW PRESENTATION May 2019 DISCLAIMER This report (the Report) was drawn up and

ROADSHOW PRESENTATION May 2019 DISCLAIMER This report (the Report) was drawn up and supplied by CFT S.p.A. (the Company) for information and illustrative purposes only. Therefore, the Report does not represent, nor can it be intended

578 views • 29 slides
IESO Report Site Refresh New Report Site Changes October 10, 2014 R. Jovic Introduction The

IESO Report Site Refresh New Report Site Changes October 10, 2014 R. Jovic Introduction The

IESO Report Site Refresh New Report Site Changes October 10, 2014 R. Jovic Introduction The current IESO Report Site faces a number of issues: Report Site Performance and Capacity The IESO Report Site is built upon aging hardware

227 views • 7 slides
OIG FINAL REPORT July 23, 2018 OIG Report Key Points The recommendations in the report relate

OIG FINAL REPORT July 23, 2018 OIG Report Key Points The recommendations in the report relate

OIG FINAL REPORT July 23, 2018 OIG Report Key Points The recommendations in the report relate to the financial system in place during the start-up phase of the organization (2012 2014). The financial system has improved as our

351 views • 3 slides
TEST REPORT Test Report # 19H 001811 Date of Report Issue: April 4, 2019 Date of Sample

TEST REPORT Test Report # 19H 001811 Date of Report Issue: April 4, 2019 Date of Sample

In December 2018, ANSECO became QIMA. AT-1500 TEST REPORT Test Report # 19H 001811 Date of Report Issue: April 4, 2019 Date of Sample Received: March 28, 2019 Pages: Page 1 of 35 CLIENT INFORMATION: Company: Numo Manufacturing Recipient:

806 views • 35 slides
REPORT TO: Council FOR: Committee of the Whole REPORT FROM: Community Planning &

REPORT TO: Council FOR: Committee of the Whole REPORT FROM: Community Planning &

REPORT TO: Council FOR: Committee of the Whole REPORT FROM: Community Planning & Infrastructure PRESENTED: April 18, 2017 FILE: SUBJECT: Squamish2040 OCP Update: Growth Management Policy Discussion

891 views • 73 slides
Well Operators Report of Well Work a.k.a. Completion Report Update John Kearney

Well Operators Report of Well Work a.k.a. Completion Report Update John Kearney

Well Operators Report of Well Work a.k.a. Completion Report Update John Kearney Environmental Resource Analyst Office of Oil and Gas Oil and Gas Workshop Charleston Civic Center May 15, 2014 Overview Completion Report

1.28k views • 70 slides
Tier Two Report WHAT IS THE TIER TWO TIER TWO REPORT? EMERGENCY AND HAZARDOUS CHEMICAL A

Tier Two Report WHAT IS THE TIER TWO TIER TWO REPORT? EMERGENCY AND HAZARDOUS CHEMICAL A

Tier Two Report WHAT IS THE TIER TWO TIER TWO REPORT? EMERGENCY AND HAZARDOUS CHEMICAL A report required under SARA Title III INVENTORY Section 312 of Hazardous substances at a facility that are above the threshold, Susan Parker

333 views • 14 slides
Lampton 360 Group Report Quarter Three 1 Purpose of report The purpose of this report is to

Lampton 360 Group Report Quarter Three 1 Purpose of report The purpose of this report is to

Lampton 360 Group Report Quarter Three 1 Purpose of report The purpose of this report is to update the cabinet on the performance of the Lampton 360 group; Recycle 360, Property 360 and Facilities Maintenance 360 for the end of quarter three.

701 views • 34 slides
Acing the Test Report: Test Report Standardization and Transparency Agenda Introductions Who

Acing the Test Report: Test Report Standardization and Transparency Agenda Introductions Who

Acing the Test Report: Test Report Standardization and Transparency Agenda Introductions Who are We? Why are we Here? Importance of BIFMA Standards Worst Case Scenario Accredited Labs Report Format Changes Conformance Questions

433 views • 24 slides
>>>CLICK HERE<<< Report writing and presentation Buckinghamshire. vehicle

>>>CLICK HERE<<< Report writing and presentation Buckinghamshire. vehicle

Report Writing And Presentation Report writing and presentation Hartford help with homework westminster english essays sri lanka essay character building need of the day. Report writing and presentation Wisconsin writing assignment 8 the game's

83 views • 4 slides

More recommend