Firewall Wizards mailing list archives
Re: Covert Channels (was dns outbound)
From: Andrew Brown <atatat () atatdot net>
Date: Tue, 18 May 1999 21:50:58 -0400
You're almost saying that a firewall needs to have design properties from those A1 Orange book systems (which we all love to hate) by being careful to eliminate leakage of information.Hmm... I don't know the standards that well. I can't imagine they do that effective a job of eliminating this threat. I wish I had one I could try to fool.
ftp://ftp.leo.org/pub/comp/doc/security/orange-book/obook (which is not an "official" site, but it serves my purpose :) and also http://pandonia.canberra.edu.au/ClientServer/week3/security.sgml-005.html which comments on unix. higher grades of security cannot easily be retrofitted onto a unix system. defeating covert channels is a requirement of a system that's rated "b2". the other "points" are: http://pandonia.canberra.edu.au/ClientServer/week3/security.sgml-005.html B2 formal security policy model device labels DAC and MAC (Message Authentication Code) (fancy checksums) covert channel control more extensive testing -- |-----< "CODE WARRIOR" >-----| codewarrior () daemon org * "ah! i see you have the internet twofsonet () graffiti com (Andrew Brown) that goes *ping*!" andrew () crossbar com * "information is power -- share the wealth."
Current thread:
- Re: Covert Channels (was dns outbound) Ryan Russell (May 18)
- Re: Covert Channels (was dns outbound) Andrew Brown (May 19)
- Re: Covert Channels (was dns outbound) Stephen P. Berry (May 21)
- <Possible follow-ups>
- Re: Covert Channels (was dns outbound) Epstein, Jeremy (May 21)
- Re: Covert Channels (was dns outbound) Andrew Brown (May 21)