Firewall Wizards mailing list archives
RE: VM system for firewall use
From: Karl Vogel <karl.vogel () seagha com>
Date: Wed, 13 Oct 2004 10:24:52 +0200
Gentoo-Hardened contains both SELinux and RSBAC, and I know they have a way to do an "audit but don't block" sort of thing for RSBAC that was good for profiling a user or application. Their documentation is pretty good (though I think the TrustedBSD docs are too,) though it's still a lot of reading and wading and guessing and trying.
FWIW.. Fedora Core 3 (The community version from RedHat) will have SELinux active when doing a default install. It comes with 2 policies: strict and targeted. The targeted policy is more relaxed (it only targets daemons, afaik). The SELinux stuff can run in permissive mode, where it will log all violations against the policy but will allow the action to go through, which should help in tuning the policy. Either way.. defining SELinux policies is still a tricky business. It will be interesting to see what will come from this larger exposure. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: VM system for firewall use, (continued)
- Re: VM system for firewall use Bennett Todd (Oct 12)
- Re: VM system for firewall use Ng Pheng Siong (Oct 14)
- Re: VM system for firewall use Crispin Cowan (Oct 17)
- Re: VM system for firewall use Christian Kreibich (Oct 12)
- Re: VM system for firewall use ArkanoiD (Oct 12)
- Re: VM system for firewall use Paul D. Robertson (Oct 12)
- Re: VM system for firewall use Kevin Sheldrake (Oct 12)
- Re: VM system for firewall use Paul D. Robertson (Oct 12)
- Re: VM system for firewall use sin (Oct 12)
- RE: VM system for firewall use Karl Vogel (Oct 12)
- RE: VM system for firewall use Karl Vogel (Oct 14)