Secrétariat général de la défense nationale
Transcription
Secrétariat général de la défense nationale
Secrétariat général de la défense nationale (Secretariat General for National Defense) Direction centrale de la sécurité des systèmes d’information (Central Directorate for Information Systems Security) CERTA ISS organisation in France PRIME MINISTER Departments JUSTICE SECRETARIAT GENERAL FOR NATIONAL DEFENSE (SGDN) DEFENSE FOREIGN AFFAIRS HOME OFFICE FINANCES CENTRAL DIRECTORATE FOR INFORMATION SYSTEMS SECURITY (DCSSI) INDUSTRY TTS PSE AIS HIGH RANKING OFFICIALS OF NATIONAL DEFENSE INTERDEPARTMENTAL COMMITEE FOR INFORMATION SYSTEMS SECURITY (CISSI) Premier ministre - SGDN/DCSSI/CERTA 2 TF-CSIRT - Manchester - 27/09/2001 Missions of the DCSSI To contribute to interdepartmental definition and expression of governmental policy as regards Information Security (IS) To provide a regulatory function of national authority for IS To assist public services in IS (councils, audits, CERTA, …) To develop scientific and technical expertise in the field of the IS, for the benefit of the administration and public services To run training courses and increase awareness in IS Premier ministre - SGDN/DCSSI/CERTA 3 TF-CSIRT - Manchester - 27/09/2001 Organisation of the DCSSI Premier ministre - SGDN/DCSSI/CERTA 4 TF-CSIRT - Manchester - 27/09/2001 French CSIRTs • Three CSIRTs in France: – CERT-RENATER, CERT-RENATER part of GIP RENATER (Academic Network) (Réseau National de télécommunications pour la Technologie, l’Enseignement et la Recherche) – CERT-IST (Industrie Services et Tertiaire) created by the end of 1998 (four partners: ALCATEL, le CNES, ELF and France Télécom) – CERTA (Centre d’Expertise gouvernemental de Réponse et de Traitement des Attaques informatiques) Premier ministre - SGDN/DCSSI/CERTA 5 TF-CSIRT - Manchester - 27/09/2001 CERTA Declaration • Decision of “Comité Interministériel pour la Société de l’Information” (CISI) on 19 January 1999: “To strengthen State networks against attacks In order to strengthen and to co-ordinate the struggle against intrusion into governmental computer systems, the government decide to create an assistance and warning team, whose missions are to watch and to answer issue related to computer attacks” Premier ministre - SGDN/DCSSI/CERTA 6 TF-CSIRT - Manchester - 27/09/2001 CERTA History Created by the end of 1999 FIRST member since 12 September 2000 Trusted Introducer (level 0) since 21 September 2000 Premier ministre - SGDN/DCSSI/CERTA 7 TF-CSIRT - Manchester - 27/09/2001 Constituency • French administration community: all French public offices and services as well as local and territorial offices (the root is *.gouv.fr) • CERTA is not a provider Premier ministre - SGDN/DCSSI/CERTA 8 TF-CSIRT - Manchester - 27/09/2001 Publications • CERTA publishes four kind of documents: – “AVIS” (Advisories) gives a brief description of a vulnerability, its consequences for security and the way to protect the system (patches); – “ALERTES” (Alerts) are specific advisories for witch patch are not provided yet; – “NOTES D’INFORMATION” (Information Notes) are more detailed advisories; – “RECOMMANDATIONS” (Recommendations) suggest appropriate measures to face specific computer threat. Premier ministre - SGDN/DCSSI/CERTA 9 TF-CSIRT - Manchester - 27/09/2001 Publications: Statistics 40 1 Recommandations Notes d'information Avis Alertes 35 30 25 38 20 1 1 15 1 1 3 10 20 7 14 5 17 11 5 1 20 11 11 12 1 1 Premier ministre - SGDN/DCSSI/CERTA 3 1 10 1 1 3 1 1 13 6 6 6 16 13 17 9 5 0 1 6 2 5 2 1 TF-CSIRT - Manchester - 27/09/2001 Resources • Four networks: – “Internal Network”: Network publication tools, incident handling, tools development, vulnerabilities database, … – “Public Network”: Network web site, mail server and DNS – “Surf Network”: Network Internet access – “Test Network”: Network set of easily re-configurable computers (OS, connectivity, …) Premier ministre - SGDN/DCSSI/CERTA 11 TF-CSIRT - Manchester - 27/09/2001 Tools • Incident Handling: GNATS (the GNU Bug Tracking System) • Forensics: open sources tools and CERTA tools • Web server (“Internal Network”): search engine on vulnerabilities, interface to GNATS, email archive, … • Publication version control: CVS Premier ministre - SGDN/DCSSI/CERTA 12 TF-CSIRT - Manchester - 27/09/2001 How to join CERTA • Telephone: • Fax: • E-mail: • WEB: (+33) 1 41 46 25 23 1 (+33) 1 71 75 83 00 2 (+33) 1 41 46 37 01 [email protected] http://www.certa.ssi.gouv.fr Direct call during business hours (Monday-Friday, 08:30 - 18:30, GMT+0100/0200 DST) 2 7/7 - 24/24 (outside business hours) in French only! 1 Premier ministre - SGDN/DCSSI/CERTA 13 TF-CSIRT - Manchester - 27/09/2001