linux, säkerhet

83252 2002-11-04  19:46  /48 rader/ Paolo Perego <p_perego@modiano.com>
Importerad: 2002-11-04  19:46  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Externa svar till: p_perego@modiano.com
Mottagare: Bugtraq (import) <2214>
Ärende: [Announce] AngeL v0.9.0
------------------------------------------------------------
Hi guys from all over the world. I'm very  happy to announce the
world, the new development version of AngeL. AngeL is linux kernel
module designed with security as goal.

However, it is not AngeL's purpose to defend your host from your
network neighbours. AngeL prevents your host from becoming a hostile
network node, i.e., it prevents it from sending hostile packets
across the network. By "hostile" we mean both malicious (e.g., a
remote exploit attempt) and malformed (e.g., with IP or TCP header
not properly built) packets. AngeL operates at network level,
blocking all outgoing packets that match some well known
patterns. This is done, using the Linux kernel firewalling
capabilities to capture packets, when packets go through the kernel
TCP/IP stack. Outgoing packets are inspected, at header level or at
payload level if needed, and a decision is made whether to let them
out or not.

AngeL also operates at host level, trapping a set of system calls by
means of appropriate wrappers. Such wrappers look for badly formed
requests, such as passing a shellcode as parameter to a suid program,
or requesting a fork() within an infinite loop. If AngeL accepts the
analyzed system call invocation, it calls the original system call,
otherwise it refuses the operation to the calling program.

The new development tree goals will be: 1. increasing stability and
improve hook performance 2. rewrite network layer in order to have a
more modular design and make security rules upgrade easier 3. using
the LSM ( http://lsm.immunix.org ) framework when kernel version 2.6
will be out.  4. ... more, I guess :)

Please take a look to http://www.sikurezza.org/angel for more details
and for downloading the new development version ( AngeL 0.9.0 )

Thanks

Ciao ciao
TheSponge

-- 
$>cd /pub
$>more beer

(0>
//\  Perego Paolo <p_perego@modiano.com> - www.sikurezza.org/angel
V_/_ 'It seems the hardest life I've never known'
I'm Linux drow 2.4.19-4GB - SuSE Linux 7.3 (i386) powered.
(83252) /Paolo Perego <p_perego@modiano.com>/(Ombruten)
Bilaga (application/pgp-signature) i text 83253
83253 2002-11-04  19:46  /8 rader/ Paolo Perego <p_perego@modiano.com>
Bilagans filnamn: "signature.asc"
Importerad: 2002-11-04  19:46  av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Externa svar till: p_perego@modiano.com
Mottagare: Bugtraq (import) <2215>
Bilaga (text/plain) till text 83252
Ärende: Bilaga (signature.asc) till: [Announce] AngeL v0.9.0
------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQA9xijwe2SOXFIw7OcRAgdbAJ9kJbpg9pTVlYltQ5BTbS1XoS7azACfRcGH
939DvoVw47RwiNqgFTnajKU=
=bwPu
-----END PGP SIGNATURE-----
(83253) /Paolo Perego <p_perego@modiano.com>/-------