May 29, 2010 11:17 PM
Posted by: Dan O'Connor
biba,
CisspHere is a little more information regarding the biba integrity model, wikipeda has a basic explanation about it.
http://en.wikipedia.org/wiki/Biba_Integrity_Model
I prefer the CISSP cbk, It has a good write up of it and other models. If you can borrow that book or pickup your own it's worth...
May 29, 2010 11:06 PM
Posted by: Dan O'Connor
vmware,
Vmware hardeningI found this after doing my last ESXi install and I thought it would be worth sharing, it's always handing to have a document to follow.
http://blogs.vmware.com/security/2010/04/vsphere-40-hardening-guide-released.html
Enjoy.
May 21, 2010 1:06 PM
Posted by: Dan O'Connor
bit,
byte,
pacman,
rolloverTomorrow PacMan will be 30 years young and still played.
If you have seen google today you will be able to play a version in the graphic!
One of the things I found most interesting is the level 256 bug in the pacman game. The level you are playing is stored in a single byte ( 1 byte = 8...
May 21, 2010 12:51 PM
Posted by: Dan O'Connor
biba,
FreeBSD bibaThis is where things can get confusing, learning how labels and the levels work was pretty easy. The compartments work differently, here is an example.
process1 biba/50:5+6+7
process2 biba/50:5+6
process3 biba/50
Here we have three processes, all level...
May 21, 2010 12:37 PM
Posted by: Dan O'Connor
biba,
FreeBSD bibaIn the last section we left off on compartments and labels. I think we have explained what and how the label works with the files and processes in a system, compartments have a good chance at making your head hurt.
Here is an example label with a compartment.
process ...
May 21, 2010 12:26 PM
Posted by: Dan O'Connor
biba,
FreeBSD bibaNow we can put some context around biba running on a FreeBSD system and some things you could do with it.
There is 65,535 levels that can be assigned to a process or file, with 3 special levels.
low - It is lower than any other process.
equal - It is equal it any other process, it's almost...
May 21, 2010 11:05 AM
Posted by: Dan O'Connor
biba integrityIn a Integrity setting the model would play out like this.
The General can only see his Top Secret document, the other two are not visible to him. Why?
The General has high integrity, the documents rated below him have a lower integrity so the information contained in them cannot be...
May 21, 2010 9:58 AM
Posted by: Dan O'Connor
biba modelA quick explanation of biba should be done before we continue just so you can know what is going on. What is biba? biba is a data integrity model.
A quick way to explain this is with a data confidentiality model and a simple military example. If you have 3 people, one is a general, one is...
May 21, 2010 9:46 AM
Posted by: Dan O'Connor
biba,
freebsd,
freebsd kernel mac,
kernel freebsd,
mac bibaOnce the sync is completed go to /usr/src
cd /usr/src/
There is a sys/ dir in under src/ in sys/ there is a listing of possible architectures you can build a kernel for, inside the one you select there is a conf/ dir.
If you do a 'ls' in the conf/ dir you will see the possible...
