applications/system

grid-monitoring-probes-eu.egi.sec - Security monitoring probes based on EGI CSIRT requirements

License: ASL 2.0
Vendor: Koji
Description:
This package includes the framework to submit grid jobs to monitor the security of the EGI sites.
Special care has been taken so that results of the probes are transmitted back to the Nagios server using a secure channel.

Currently it supports the following middlewares:
- gLite
- ARC

Additionally it contains the following Nagios probes:
* WN-pakiti
- Pakiti results from the tested WN are sent to configured pakiti server(s). The probe reports to Nagios whether the reporting to Pakiti server(s) was successful.
* WN-CRL
- Tests the CRLs validity on WN.
* WN-Permissions
- Checks the permissions of folders exported in environment variables for world writable files/folders.
* WN-FilePermVulns
- Checks the permissions of files/folders related to known vulnerabilities.
* WN-RDSModuleCheck
- Checks if an RDS socket can be opened (blacklisted as a mitigation for CVE-2010-3904)
* WN-Torque
- Checks if torque server has vulnerable options
* WN-dcache-perms
- Check for vulnerable permissions in dcache related folders.
* WN-libkeyutils
- check for any hosts that have a file matching the glob
pattern libkeyutils.so* that doesn't belong to an installed RPM package
* WN-check_CVE-2013-2094
- check for hosts with old vulnerable kernels
* WN-check_EGI-SVG-2013-5890
- check for hosts with cvmfs local root exploit vulnerability
* Pakiti-Check
- Query pakiti portal and checks if a WN is in the vulnerable list

Packages

grid-monitoring-probes-eu.egi.sec-1.0.11-24.el5.src [35 KiB] Changelog by Pavlos Daoglou (2014-10-06):
- Updated pakiti servers in pakiti-client

Listing created by Repoview-0.6.4-1.el5

The EGI UMD repository, has been designed and developed by IASA on behalf of the EGI.eu.