2022-12-02 - Network Traffic Control Working Group Meeting Notes

Date

Attendees

Discussion items

TimeItemWhoNotes
5 MinWelcomeAxel
5-10 MinMeeting times and frequenciesAllFridays 15 CET, 45 minutes. Maybe every other week
20 MinScope and how to startAxel
  • protect Okapi
  • protect webserver ingres, protect nginx
  • people could try to reverse-engineer nginx
  • prevent database injection attacs
  • Start with some document where we could split of what kind of attacks there are. Come up with some examples. Our environments will be very different. The best we can do is to come up with guidlines and a sample implementation.
  • can't work with IP range lists. Assumption here is : Okapi is freely open to the world. What tools could be used for this ? How to set up firewalls to set up denial of service attacks. 
  • Assumption: Kafka is only used for FOLIO.
  • Define an investigation environment. Define the tools that we want to investigate (web servers). Define possible attack vectors. 
  • start with weekly meetings
  • next meeting Friday (December 9) 11 CET

Action items