Network Infrastructure Group
From Interlock Rochester Wiki
(Difference between revisions)
(→Proposed Projects: added tonights meeting minutes) |
(→Meeting Agenda / Minutes) |
||
| (4 intermediate revisions not shown) | |||
| Line 21: | Line 21: | ||
* A/V Link | * A/V Link | ||
| - | = Meeting Minutes = | + | = Meeting Agenda / Minutes = |
| - | == | + | == 2012-02-02 == |
| + | * reviewed notes from last meeting | ||
| + | ** wifi password - keeping it the same as last month | ||
| + | ** action items: | ||
| + | *** FreeNAS: Incomplete - JustBill | ||
| + | *** OSSIM: Incomplete. Plan to virtualize and implement. -Carl | ||
| + | *** Doorduino: Incomplete. LDAP, python script, hardware implemented and tested. Testing is unreliable possibly due to hardware issue. | ||
| + | ** NYSYS: Seems reliable. There was a problem with the WAN hub that was replace by JustBill. To stop this from happening in the future, we need to setup proper grounding. | ||
| + | * we need to change the password for members | ||
| + | ** plan to wait until member meeting | ||
| + | ** will give out JustBill's phone number for support | ||
| + | * Meraki: Still getting $10/mo. Not planning on expanding coverage | ||
| + | * pfSense Failure | ||
| + | ** someone was plugging in their phone to charge it into the firewall! | ||
| + | ** CDROM caused crash - remediated and stable. | ||
| + | * Network room lock | ||
| + | ** have lock but no keys | ||
| + | ** plan to implement with a door strike and iButton | ||
| + | * Hacker network - needs a new AP. JustBill will supply. AntiTree will implement | ||
| + | * VPN Access - needs to be updated | ||
| + | |||
| + | Action Items: | ||
| + | * Ground the server room: JustBill | ||
| + | * Implement warzone: AntiTree | ||
| + | * Reimplement VPN: Carl | ||
| + | == 2011-04-07 == | ||
| + | * Begin planning of possible isolation of project network from production environment. | ||
| + | ** Agreed to split project network into two networks: the project network as it exists now will become the "development" network, and a new "project" network will be created by Chris that more closely resembled the warzone (without the open warfare) | ||
| + | * LDAP update - you know who you are. | ||
| + | ** Progress has been made, no ETA yet | ||
| + | * ESX updates - will be going over more technical description of what available. | ||
| + | ** Bill gave us a brief intro to what he has been working on with our VMWare environment. Will be having a class for people who wish to admin the setup within the next few months | ||
| + | == 2011-03-03 == | ||
| + | * LDAP | ||
| + | ** John is going to take over the task | ||
| + | ** We gave him feedback on properties that would be needed | ||
| + | ** Web interface - need volunteer to design | ||
| + | * Status of our ESX ecosystem | ||
| + | ** Wishlist | ||
| + | *** Will review hardware | ||
| + | **** Looks good but add PCI-Express Intel NIC (est. $60) and consider hard drive choice | ||
| + | ** Next big project expense after SDR? | ||
| + | *** Possibly but bring to the whole group | ||
| + | ** Need a volunteer to be another admin on the ESX boxes, currently Bill is only admin - GOOD TRAINING! | ||
| + | * Routing and switching | ||
| + | ** Would like someone to review our setup and make recommendations (looking for volunteers) | ||
| + | *** No immediate volunteers but suggestion to setup some monitoring tools (see below) | ||
| + | * Services | ||
| + | ** Am building a bind, dhcpd, and other services environment, if anyone would like to help I could use them | ||
| + | *** Carl and John will take a look as well | ||
| + | ** Goals: get services off pfSense, have failover, generally be robust | ||
| + | * Monitoring | ||
| + | ** Discussion on tools and implementation | ||
| + | *** MRTG, snort, OSSIM, etc | ||
| + | * Open forum | ||
| + | ** Change MAC address on Doorduino | ||
| + | *** There is a private space to pick from (John will pick one) | ||
| + | ** Meraki | ||
| + | *** Move to 3rd floor or roof | ||
| + | *** Talk to Larry (Ben) | ||
| + | *** Possibly deploy more | ||
| + | *** Consider renewing the license (donations coming from it should cover it) | ||
| + | |||
| + | == 2010-12-02 == | ||
* phone update | * phone update | ||
** successfull established a trunk to HackPGH | ** successfull established a trunk to HackPGH | ||
Latest revision as of 03:01, 3 February 2012
Contents |
Network Infrastructure Group
The network infrastructure group is a project group that is responsible for designing and implementing networks for Interlock, as well as keeping the Infrastructure#Network wiki page updated, and creating and maintaining the network acceptable use policy.
Current Projects
(projects approved by the group)
- LDAP services
Proposed Projects
- ChaosVPN
- Define network infrastructure group
- Labeling network jacks
- Documentation
- Network
- Services
- Diagrams (Physical, logical)
- Password
- Inventory
- Phone System
- IDS/IPS
- A/V Link
Meeting Agenda / Minutes
2012-02-02
- reviewed notes from last meeting
- wifi password - keeping it the same as last month
- action items:
- FreeNAS: Incomplete - JustBill
- OSSIM: Incomplete. Plan to virtualize and implement. -Carl
- Doorduino: Incomplete. LDAP, python script, hardware implemented and tested. Testing is unreliable possibly due to hardware issue.
- NYSYS: Seems reliable. There was a problem with the WAN hub that was replace by JustBill. To stop this from happening in the future, we need to setup proper grounding.
- we need to change the password for members
- plan to wait until member meeting
- will give out JustBill's phone number for support
- Meraki: Still getting $10/mo. Not planning on expanding coverage
- pfSense Failure
- someone was plugging in their phone to charge it into the firewall!
- CDROM caused crash - remediated and stable.
- Network room lock
- have lock but no keys
- plan to implement with a door strike and iButton
- Hacker network - needs a new AP. JustBill will supply. AntiTree will implement
- VPN Access - needs to be updated
Action Items:
- Ground the server room: JustBill
- Implement warzone: AntiTree
- Reimplement VPN: Carl
2011-04-07
- Begin planning of possible isolation of project network from production environment.
- Agreed to split project network into two networks: the project network as it exists now will become the "development" network, and a new "project" network will be created by Chris that more closely resembled the warzone (without the open warfare)
- LDAP update - you know who you are.
- Progress has been made, no ETA yet
- ESX updates - will be going over more technical description of what available.
- Bill gave us a brief intro to what he has been working on with our VMWare environment. Will be having a class for people who wish to admin the setup within the next few months
2011-03-03
- LDAP
- John is going to take over the task
- We gave him feedback on properties that would be needed
- Web interface - need volunteer to design
- Status of our ESX ecosystem
- Wishlist
- Will review hardware
- Looks good but add PCI-Express Intel NIC (est. $60) and consider hard drive choice
- Will review hardware
- Next big project expense after SDR?
- Possibly but bring to the whole group
- Need a volunteer to be another admin on the ESX boxes, currently Bill is only admin - GOOD TRAINING!
- Wishlist
- Routing and switching
- Would like someone to review our setup and make recommendations (looking for volunteers)
- No immediate volunteers but suggestion to setup some monitoring tools (see below)
- Would like someone to review our setup and make recommendations (looking for volunteers)
- Services
- Am building a bind, dhcpd, and other services environment, if anyone would like to help I could use them
- Carl and John will take a look as well
- Goals: get services off pfSense, have failover, generally be robust
- Am building a bind, dhcpd, and other services environment, if anyone would like to help I could use them
- Monitoring
- Discussion on tools and implementation
- MRTG, snort, OSSIM, etc
- Discussion on tools and implementation
- Open forum
- Change MAC address on Doorduino
- There is a private space to pick from (John will pick one)
- Meraki
- Move to 3rd floor or roof
- Talk to Larry (Ben)
- Possibly deploy more
- Consider renewing the license (donations coming from it should cover it)
- Change MAC address on Doorduino
2010-12-02
- phone update
- successfull established a trunk to HackPGH
- need to open up more ports
- we will pick up a pay phone in March
- need to get a POTS card
- Q: can we proxy SIP? A: Sure but haven't found a free one
- Q: should we set up an XX-NNNN where everyone has the same XX or should XX be changed based on the hackerspace you're calling? A: ...
- chaosVPN
- Q:where to implement ChaosVPN A: Warzone goes on pfsense, openctf subnet routed to warzone
- labeling
- start but we got distracted
- ldap
- Joe will be doing the LDAP server
- documentation
- could be dependant on ldap server
- pfsense infrastructure
- ?Need Intel pro card
- documentation
- need policies, procedures, and statement of what needs to be documented
- put stuff on wiki
- AV link
- haven't seen Drew in a while
- not sure of the status
- Meraki Service Policy
- Q: How do we handle support? A: we don't support it
- Q: How is money handled? A: Steve gets money and he donates it
- Bill will donate his access point to the cause
- repo mirror
- yep but internal only. Details to be decided by interested parties
- monthly password
- password is going to be changed after the first friday
