Islandora Security Working Group: Call for Convenors and Participants

52 views
Skip to first unread message

Melissa Anez

unread,
May 26, 2016, 2:51:39 PM5/26/16
to islandora, island...@googlegroups.com
Hi all,

Following our brush with security vulnerabilities last month[1], we've identified a clear need for a better (or any) policies to guide the Islandora community through the next time this happens. Dan Aitken put forward a document[2] a couple of weeks ago for feedback from the community, and now it's time to review that feedback and start formulating some plans.

To that end, you are invited to join an Islandora Security Working Group, whose goal will be to review community feedback, examples from other communities, and existing practices, and to come up with a proposal for an official policy or procedures for our community to follow when dealing with security issues in Islandora.

We are also looking for interested parties to *lead* the effort. It could be organized as a temporary Interest Group[3], or follow a more informal structure and organize as needed. Either way, we will need one or two people to shepherd things along and organize discussions. If you are interested in taking part, please reply (or email me at ma...@islandora.ca). Ditto if you want to convene. 

Thank you,

- Melissa


Melissa Anez

unread,
Jun 7, 2016, 11:52:35 AM6/7/16
to islandora, island...@googlegroups.com
Giving this a bump. This will be the last week for recruitment, and then the works starts, so if you are interested in being a part of the conversation about how we handle security in Islandora, please let me know.

- Melissa

dric...@utk.edu

unread,
Jun 8, 2016, 8:54:33 AM6/8/16
to islandora-dev, isla...@googlegroups.com
I'm interested in leading this group. Is there something specific the community wants out of this group? 

Vlastimil Krejčíř

unread,
Oct 2, 2020, 1:33:22 AM10/2/20
to islandora-dev
Hi all,

we're new to Islandora and we like to join the community. We've set up our first Islandora instance recently and we're near to move it to production. I've tried to find something like "securing Islandora" and I've found this thread.

Short story long: we set up our Islandora instance month and half ago, only for the testing purposes, so we set the firewall INPUT chain quite strict. However, by accident, the firewall didn't start after we restarted the server and we didn't notice it. 14 days later, our CSIRT was reported that the server was used for DDoS attack. After the netflow analysis we realized that it is true and the server was hacked somehow. Since it wasn't production service we disconnected the server from network and I have it for forensic analysis now (the server is under the VMware).

The server itself was secured in a standard way - upgrades, ssh access only via keys, Tripwire (including integrity control of tripwire keys and binaries) etc. And it seems the attacker very probably didn't get the root. But I haven't found what really happened yet (I'm not expert on forensic analysis, I'm just pure sys admin). Probably I'll get the backup of the server using veam and I'd like to work on it further and I can share my findings.

The weakness probably lies in Drupal and several external modules we use - we didn't do security upgrades of it :-(. That was a mistake.

So, the question is if there is some kind of "How to secure Islandora". If not, what do you do to secure it? 

My plan to secure it is to:
a) do automatic upgrades of Drupal and related modules (using Drush)
b) take the Islandora under Tripwire control
c) ???

I would really appreciate if you could help me.

Regards

Vlastik Krejčíř
Library and Information Centre, Institute of Computer Science
Masaryk University, Brno, Czech Republic




Dne středa 8. června 2016 v 14:54:33 UTC+2 uživatel dric...@utk.edu napsal:

Vlastimil Krejčíř

unread,
Oct 13, 2020, 6:03:29 AM10/13/20
to islandora-dev
Hi all,

nobody has responded yet so I'm responding to myself :-) (just to share my finding for the rest of the community). I went a bit deeper into the topic and I guess this is true:
"securing Islandora" ~= "securing Drupal".


Which is probably most of the Islandora experienced users are aware of.

Regards,

Vlastik Krejčíř
Library and Information Centre, Institute of Computer Science
Masaryk University, Brno, Czech Republic






Dne pátek 2. října 2020 v 7:33:22 UTC+2 uživatel Vlastimil Krejčíř napsal:
Reply all
Reply to author
Forward
0 new messages