Hello, and RTIR installation

Good evening…

First of all, a brief introduction - my colleagues and I are
responsible for Security, Networking and Other Important Things at the
University of Strathclyde.

We’re looking at RTIR as a way of co-ordinating our incident response work.

So far we have installed RT & RTIR on a FreeBSD system, using a Postgresql
backend. Relatively straightforward, despite none of us being pgsql experts.

We’ve now got a “recipe” for the install - I’m happy to share it if anyone’s
interested.

When we installed rtir, it didn’t appear in the main rt menu - a permissions
problem. We had to do

find /usr/local/rt3/share/html/Callbacks -type d -exec chmod 755 {} \;

to fix it.

Also got lots of errors when installing the Whois::RIPE module. Looks like
problems with the tests rather than the module itself… Is this normal?

We’re still finding our way around the system, but our initial impressions
are positive. I feel that to make it work in a campus environment, we’ll need
to implement a fairly detailed local “whois” database, with details
of the contact addresses for each department.

Unfortunately we didn’t realise this until after building rt & rtir - these
are running on pgsql, and the RIPE whois db needs mysql. Sigh.

John - what whois software are you using at janet-cert?

Bruce.

Bruce Rodger |Bruce.Rodger@strath.ac.uk PGP key available
Network Manager, IT Services |http://www.strath.ac.uk/IT/People/bruce.html
The University of Strathclyde | +44 (0)141 548 3300
Glasgow G4 0LN, Scotland. | Fax 553 4100

Bruce Rodger wrote:

> Unfortunately we didn’t realise this until after building rt & rtir - these
> are running on pgsql, and the RIPE whois db needs mysql. Sigh.

I looked at it a while back and came to the conclusion that RIPE’s whois
server was a little bit ott for our usage.

> John - what whois software are you using at janet-cert?

Whois is pretty simple, it just writes the options and the IP/hostname to
port 43 and reads back the results. We use djb’s tcpserver although
inetd/xinetd should do similar and run the IP through a number of
cobbled together perl scripts which perform dns lookups, look up whois
info using a cleverish whois client (jwhois) and look up contact info.

You may also want to take a look at
http://www.kaizo.org/girona/bgp/aswhois.pl which I wrote to do IP->AS
mapping but should be relatively easy to change for IP->departmental
contact.

Hope this helps
John
JANET-CERT
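
The IP-to-departmental-contact lookup discussed in this thread, as an added example that is not code from any of the posters or from aswhois.pl: a query handler that could run behind tcpserver or inetd, written in Python rather than the Perl mentioned above. The prefixes, departments and addresses are constructed, and the names `lookup`, `CONTACTS` and `MAX_QUERY` are hypothetical.

```python
import ipaddress
import sys

# Constructed sample table (RFC 5737 documentation prefixes, hypothetical
# departments and addresses); a real one would be loaded from a file or DB.
CONTACTS = {
    "192.0.2.0/24": ("IT Services", "abuse@it.example.ac.uk"),
    "192.0.2.128/25": ("Physics", "netadmin@physics.example.ac.uk"),
    "198.51.100.0/24": ("Library", "systems@library.example.ac.uk"),
}
# Most specific prefix first, so the first match is the longest match.
TABLE = sorted(
    ((ipaddress.ip_network(p), dept, mail) for p, (dept, mail) in CONTACTS.items()),
    key=lambda entry: entry[0].prefixlen,
    reverse=True,
)
MAX_QUERY = 256  # the query is untrusted network input, so cap its length


def lookup(query):
    """Answer one whois-style query line with a departmental contact."""
    if len(query) > MAX_QUERY:
        return "% error: query too long\r\n"
    fields = query.split()
    if not fields:
        return "% error: empty query\r\n"
    try:
        # Any client options come first; the address is the last field.
        # Strict parsing means the raw text never reaches a shell or a DB.
        addr = ipaddress.ip_address(fields[-1])
    except ValueError:
        return "% error: query must be an IP address\r\n"
    for net, dept, mail in TABLE:
        if addr.version == net.version and addr in net:
            return f"network: {net}\r\ndepartment: {dept}\r\ncontact: {mail}\r\n"
    return f"% no departmental contact recorded for {addr}\r\n"


if __name__ == "__main__":
    # Under tcpserver or inetd the connection is stdin/stdout.
    sys.stdout.write(lookup(sys.stdin.readline(MAX_QUERY + 1)))
```

Because the more specific /25 is checked before the covering /24, a delegated subnet returns its own contact rather than the parent's.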

Hi*,

> Also got lots of errors when installing the Whois::RIPE module. Looks like
> problems with the tests rather than the module itself… Is this normal?

Yes it is :wink:

> Unfortunately we didn’t realise this until after building rt & rtir - these
> are running on pgsql, and the RIPE whois db needs mysql. Sigh.

RIPE’s whois does not work well with mysql 4.x anyway. (so having two is
not so bad after all)

> John - what whois software are you using at janet-cert?

Not John, but we are using RIPE’s whois for our full IP Documentation
at Vienna University. But to do just an IP->Department lookup it is
overpowered.

lG uk
Ulrich Kiermayr Zentraler Informatikdienst der Universitaet Wien
Network - Security - ACOnet-CERT Universitaetsstrasse 7, 1010 Wien, AT

eMail: ulrich.kiermayr@univie.ac.at Tel: (+43 1) 4277 / 14104
PGP Key-ID: 0xA8D764D8 Fax: (+43 1) 4277 / 9140