INCident Handling BOF (INCH) 0900-1130 Thursday, March 21. 2002 IETF 53.


1 INCident Handling BOF (INCH) 0900-1130 Thursday, March 21. 2002 IETF 53

2 INCH BOF Agenda
PREAMBLE
1. Agenda Bashing, Introduction, Minutes Taker – Danyliw – 5 min.
2. INCH Status Report and News – Danyliw – 5 min.
PRESENTATIONS
3. Terena IODEF Working Group Status Report – Meijer – 15 min
4. DMTF Common Support Schema – Rafalowi – 20 min
FUTURE
5. Discuss requirement document (RFC 3067, new requirements) – 30 min
6. Discuss data model document (IODEF, high-level data elements) – 45 min
7. Discussions and Plans for the Future – 15 min

3 INCH Status (Timeline)
12/10/2001: IETF 52 – BOF #1
12/17 – 01/21/2002: Charter Discussion
01/21/2002: Charter Submitted
03/21/2002: IETF 53 – BOF #2
We wait for IESG approval …

4 Charter Review: Goals
Define data formats for communication between
– a CSIRT and its constituency (e.g., users, customers, trusted reporters) which reports system misuse;
– a CSIRT and parties involved in an incident investigation (e.g., law enforcement, attacking site); and
– collaborating CSIRTs sharing information.

5 Charter Review: Deliverables
1. A document describing the high-level functional requirements of a data format …
2. A specification of the extensible, incident data language that describes the data formats that satisfy the requirements.
3. Guidelines for implementing the data format
4. A set of sample incident reports …

6 Other News
Terena IODEF-WG disbanded
W3C XML signing standard

7 Requirements Document
Are we happy with RFC 3067?
– Reuse outright?
– Reuse and Modify?
– Ignore and start over?
– Others?
Volunteers?

8 Mailing List
Lifetime of a document instance
Is an archiving format? Wire-format?

9 Data Model
Is it premature to discuss without the requirements?
Reuse of IODEF
– Reuse outright?
– Reuse and Modify?
– Ignore and start over?
– Others?

10 Mailing List -- General
Represent analysis results
Represent vulnerability reports
Sanitization
Diverse Evidence Support

11 Mailing List -- IODEF
Degree of IDMEF compatibility
Self-documentation (History class)
Setting restrictions on data usage
Constructs to support document updates
Impact and Confidence representation
“Purpose” (attribute) of an incident

12 Mailing List
Post: inch@nic.surfnet.nl
Archive: http://listserv.surfnet.nl/archives/inch.html
Subscribe: send mail to listserv@nic.surfnet.nl with "subscribe inch " in the body

