Re: [Dfey-general-discuss] Bitfolk supporting DFEY

[Tim Dobson]

Robert Leverington wrote:
> Hello,
> 
> On 2009-11-15, Tim Dobson wrote:
>> At Oggcamp I gave a talk about engaging young people in technology,
>> pretty much identical to the one I gave at WYLUG a few weeks ago[2].
>>
>> Afterwards I was approached by Andy Smith from Bitfolk[3]. Some people
>> here may be aware of the community VPS, dogfish.dfey.org which currently
>> hosts our website and a number of other services.
>>
>> Andy offered to allow DFEY to use the Dogfish VPS (maintaining the same
>> spec) for free with a number of preconditions, none of which I see being
>> a major issue:
>>
>> * It is not used for commercial purposes
>> * We take steps to ensure abuse doesn't originate from dogfish
>> * We take steps to ensure that dogfish isn't compromised
>> * We notify Bitfolk immediately if dogfish is compromised
>> * If the machine causes him a lot of work (eg. is compromised more than
>> once) then we will have to understand it is not viable for bitfolk to
>> continue supporting us.
>>
>> In return for the VPS, we will list them on our website as providing the
>> VPS.
> 
> This is great news, I have updated the wiki and will update the website
> tomorrow if no one else does so before (along with a number of other
> adjustments to the website I proposed some time ago).

Great Stuff!

> 
>> If we ever need more hosting for special events etc we should negotiate
>> with them.
>>
>> Keeping the machine secure should not mean that people are tied down and
>> unable to play around on it however it does mean we need to take a
>> pro-active response to the security and administration of the machine.
> 
> At this point our attitude towards security is very good, regardless
> there are couple of minor changes I am suggesting below.
> 
> I would like to propose implementing a firewall, with the intent of
> prohibiting daemons from being run - at the moment any user is able to
> run these on non-privileged ports.  This should not affect any normal
> usage, and the rules could be adjusted on a case-by-case basis if
> necessery.

Yes. This sounds like a very good idea to prevent people having daemons
that listen on high up ports.

> 
>> We already require ssh public key authentication to access dogfish. This
>> is good. We need to continue to only allow access with keys.
>>
>> We already have a proactive outlook on security updates with the
>> sysadmin team being emailed when new updates are available and with them
>> typically being installed promptly.
>>
>> We need to establish a policy towards accounts on the machine - give
>> them out to people who we trust and have known for some time. Accounts
>> need to be deactivated after a period once people lose touch and stop
>> using them. I'm not sure exactly how people feel this should work put
>> thoughts are more than welcome.
> 
> I think the best method would be to decide upon an arbitrary length of
> time used in determining whether a member should have access.  They can
> be given access after x amount of time of being active in the community
> (mailing lists or IRC), and lose access after x amount of time of not
> participating in these parts of the community.  My suggestion would be
> two months.

Yes. Something like that. Of course this wouldn't be a 1-2-3-delete the
account but would probably involve sending a mail to see what they were
up to... Maybe send them a mail at 2 months, another at 2 months 2 weeks
and if no response disable logins at 3 months (and let them know that
this has been done by mail?

Maybe it should be quicker - sending that initial mail at 1 month but
that might start becoming a bit of a lot of work? :-/ Thoughts?

> 
> Regarding root access, it makes sense to be a bit more strict about
> this.  My proposal would be to remove roots after one month of
> inactivity, and to give root access out on an as-required basis with the
> majority consensus of all existing roots and a positive indication from
> the rest of the community.  Where possible, more specific group-based
> access should be used instead.

This sounds fine to me.

> 
>> We need to keep reliable written records of who has access to what and
>> how to contact them.
> 
> Updated on the wiki.

Ok.

> 
>> We need to regularly audit web applications installed on the machine for
>> potential security issues and make sure everything is patched appropriately.
> 
> Updated on the wiki.

Brilliant.

> 
>> Bitfolk have been very supportive of what we are setting out to do and
>> I'm very pleased to announce this partnership.
> 
> ++

:)

Tim