Firewall Wizards mailing list archives
Re: Covert Channels (was dns outbound)
From: "Epstein, Jeremy" <Jeremy_Epstein () NAI com>
Date: Fri, 21 May 1999 09:58:59 -0700
[...] higher grades of security cannot easily be retrofitted onto a unix system.
True. B2 and above (generally) requires designing it in from the beginning, although there have been a few cases of B2 retrofit (Trusted Xenix, and AT&T's ultimately unsuccessful effort with UNIX System V ES come to mind).
defeating covert channels is a requirement of a system that's rated "b2". the other "points" are:
Yes, but even at B1 you need to make a crude effort at identifying them.
B2 formal security policy model device labels DAC and MAC (Message Authentication Code) (fancy checksums)
Actually that's MAC = Mandatory Access Control (bad case of acronym overload), and it's an access control policy based on classification of objects (e.g., files) and clearances of subjects (e.g., processes). As typically implemented (not the only possible implementation), every process and every file has a MAC label. If a process with a "Top Secret" label tries to read a file with a "Secret" label, that's OK, but if a process with an "Unclassified" label tries to read the same file it would be rejected, regardless of file permissions. [This is a gross simplification, but it's enough to show that it's not "fancy checksums".]
covert channel control more extensive testing
Current thread:
- Re: Covert Channels (was dns outbound) Ryan Russell (May 18)
- Re: Covert Channels (was dns outbound) Andrew Brown (May 19)
- Re: Covert Channels (was dns outbound) Stephen P. Berry (May 21)
- <Possible follow-ups>
- Re: Covert Channels (was dns outbound) Epstein, Jeremy (May 21)
- Re: Covert Channels (was dns outbound) Andrew Brown (May 21)