
Title: June Meeting
Location: Pythian
Description:

This month we will be having a presentation from Eseri on virtual environments. Their description follows:

Cloud Computing technology is progressing at several layers – OS virtualization, data-center virtualization, browser based application delivery, and desktop virtualization. Eseri is a local company that has integrated a full organization IT solution from the best of the world’s open source, from hosted Intranet to desktops to applications, and hosts it in the cloud for access on virtual desktops. Eseri CTO and VP Engineering will demonstrate their solution, describe the architecture, and discuss the security advantages of the virtual desktop approach to the cloud.

Time availability will dictate whether we get to continue the server project. This month we will be adding a basic web server and webmail to the system.

Start Time: 19:00
Date: 2010-06-17
End Time: 21:30

I’ve been writing up detailed notes for the course and placing them in the Forums under Initial Configuration (http://www.ovsage.org/forums/?vasthtmlaction=viewforum&f=1.0). I have just finished adding a complete list of all packages installed along with a brief description for each. Next I’ll be writing detailed descriptions of all the services installed along with instructions for turning specific services on or off based on Scott’s list.

Title: May Meeting
Location: Pythian
Description: May Meeting for Ottawa Valley SAGE
This month we have two main topics:

  • a presentation by Rove-IT on mobile administration (canceled for now)
  • We will continue the configuration of the mail server system. This month we will be configuring the Dovecot portion and securing the connections.

As always, there will be some opening discussions and possibly an ignite video.
Start Time: 19:00
Date: 2010-05-20
End Time: 21:30

Comprehensive Risk Management, Education and Awareness Through
“The Harmonized Threat Risk Assessment Methodology”

Join the High Tech Crime and Investigation Association (HTCIA) Ottawa Chapter, Thursday, May 27, 2010, for a one day training event on the subject of the Harmonized Threat Risk Assessment (HTRA) Methodology. This session is geared towards those who are interested in understanding the methodology used by today’s Security Experts when conducting Threat Risk Assessments. The session follows the organization of the Harmonized TRA Methodology:

  • Introduction;
  • Preparation Phase;
  • Asset Identification and Valuation;
  • Threat Assessment;
  • Vulnerability Assessment;
  • Calculation of Residual Risk;
  • Recommendations; and
  • Conclusion

Each of the key areas will be addressed at an introductory level providing workshop attendees the understanding of how the HTRA process works. For those attendees looking for a full “how to” program, details on a full four day technical course will be made available during the workshop.

Since the unification of Threat Risk Assessment methodologies (October 29, 2007), through a joint working group of the Communications Security Establishment (CSE), the Royal Canadian Mounted Police (RCMP) and the parallel User Focus Group, the Harmonized Threat Risk Assessment (HTRA) Methodology has become the unified Canadian Standard for the assessment of threat and risk.

Familiarity and understanding of the HTRA Methodology will provide both security professionals and the general public the knowledge, skills and confidence to apply the HTRA principles, regardless of profession, in their everyday life.

Important Note: This training is not generally available to the private sector. Take advantage of this unique opportunity to gain greater familiarity with the HTRA. This very informative training session will be moderated by none other than Mr. John Clayton who was the co-chair of the joint CSE-RCMP working group responsible for the development of the HTRA Methodology!

For further information, please visit the registration page. Seating is limited to 100 people.

This event is available to both members and non-members.

Contact Dale directly:

I have an opportunity for a Linux Systems Administrator.

It’s a 2 year contract, $450 per day.

Qualifications include:

  • Two years experience as a System Administrator on a project where Oracle 10g or higher was implemented as part of the solution.
  • Experience as a System Administrator on two projects where HP UNIX or Linux was implemented as part of the solution.
  • Two years experience as a System Administrator on a project where:
  1. HP UNIX or Linux; and
  2. VMware or Integrity Virtual Machine technology, were implemented as part of the solution.

Other assets would include experience with the following:

  • Experience as a System Administrator on Geomatics projects.
  • Experience as a System Administrator in a SAN, LAN/WAN environment.
  • Experience as a System Administrator in a VMware environment using blade server clustering.
  • Experience as a System Administrator managing Linux systems in a SOA environment
  • Experience as a System Administrator on a project where Oracle 10g was implemented as part of the solution.

If you know of anyone who would be interested in this, feel free to flip them this email or pass my information along.

Derek Newberry

Recruiting Consultant

The Mergis Group

Your Bridge to the Best Hire

120-440 Laurier Avenue West

Ottawa, ON K1R 7X6

TEL: (613) 230-7983 X 221 FAX: 613-782-2434

dereknewberry[at]mergisgroup.ca

For an interesting presentation on the complexity of e-mail check out the following presentation:

Until I saw this, I was unaware of how badly designed the current e-mail structure is, and how bad/incomplete the RFCs for e-mail are. Unfortunately the slides are blurry so you cannot see the examples very well but the talk alone is very informative.

Title: ovSAGE April Meeting
Location: The Pythian Group (St. Laurent Mall)
Description: The next step in our mock SMB server.

Email and email web services will be enabled during this session. Feel free to do this in advance and bring any questions to the meeting.

In addition, we will look at which direction we wish to go next. What services should be added, what else would be useful?

Start Time: 19:00
Date: 2010-04-15

Before anyone points it out to me: Yes, I am aware the font size is a little small in the forums. I’ll fix it up sometime on Saturday when I feel up to wrestling with CSS and fixing the lines where the designer decided that 85% of any font size is appropriate. I ran across this before, but I have to go searching several sets of CSS files before I find the right one.

This was the first evening where we started the virtual server configuration for our mythical SMB type environment. We went over the text based install of CentOS 5.4 and initial package selection, as well as running services on the box.

After a few technical difficulties while looking up some packages (trousers and fipscheck) that were installed that had not been selected, the rest of the install was reviewed. During the ‘firstboot’ process, we went through the list of services, which was rather enlightening for all involved. It appears that a number of things that you do not normally think about are enabled by default, even when unnecessary.

TrouSerS is an implementation of the Trusted Computing Group’s Software
Stack (TSS) specification. You can use TrouSerS to write applications that
make use of your TPM hardware. TPM hardware can create, store and use RSA
keys securely (without ever being exposed in memory), verify a platform’s
software state using cryptographic hashes and more.

FIPSCheck is a library for integrity verification of FIPS validated
modules. The package also provides helper binaries for creation and
verification of the HMAC-SHA256 checksum files.

Links:

During the time between now and the next meeting, we will be launching a forum section on the site to discuss the installation and address any questions, as well as try to establish some effective methodology (formerly “Best Practices”). This is a community effort and while I am willing to provide some guidelines and direction at the start, this is very much going to be a group effort, along with all that entails. We will document as we go and hopefully at the end we will have a useful set of procedures as well as lessons learned.

On a side note, to explain the “Best Practices” comment in the preceding paragraph, the term “Best Practices” is often used to convey the idea that this is the best method to do something. Without some unbiased way of judging the relative merits against all other implementations, this is just an opinion or a popular consensus as to methodology. In my opinion, it also predisposes you to think that this is THE WAY to do it and you stop thinking about ways to improve a process. It may very well be the best way, but there is no reason to be blind to other interpretations or be constrained to a particular implementation that doesn’t fit what you need just because it’s a “Best Practice”. Best practice for whom?

Current minimal resources for the project:

We had an average turnout at the OCUUG meeting on Wednesday night. It was a good time and for those who do not know, it’s more of a social group than a technology group. Having said that, tech topics do come up. For those who were, Dru just launched her latest book: The Definitive Guide to PC-BSD. This one is published under the Apress banner.

There were copies for all at the meeting and DVDs to go with it. Of course, it’s not completely free; we are supposed to blog about it (notice I’m doing so now) and write a book review. I’m considering writing my BSDA at BSDCan 2010, so hopefully this will fill in the blanks for me. Either way, it’s an excuse to read a book, work through a new flavor of OS and take a certification exam.

I’ll bring my copy to the meeting so you can look at it. I’ll also have a few copies of PC-BSD 8.0 RC2 for anyone who wants one. These are 64-bit, but you will be able to run them under VirtualBox.