BSDCan2012 - Slide Update J
BSDCan 2012
The Technical BSD Conference
| Speakers | |
|---|---|
| Brett Lymn | |

| Schedule | |
|---|---|
| Day | Talks - 1 - 2012-05-11 |
| Room | MRT 205 |
| Start time | 10:00 |
| Duration | 01:00 |

| Info | |
|---|---|
| ID | 318 |
| Track | Security |
| Language used for presentation | English |
An Introduction to Verifiedexec in NetBSD
The verifiedexec feature has been part of NetBSD for some years now. It seems that a lot of people are unaware of the feature or do not know the full capabilities of verifiedexec. This talk will introduce the feature, what it can do and also what it could be capable of with some kernel changes.
The verified execution feature is a unique extension to the NetBSD kernel that allows an administrator to ensure the binaries and files that are being accessed have not been modified by comparing the fingerprint of the on-disk file with a "known good" copy of the fingerprint kept in kernel memory. This allows very fine-grained control over what will be executed on the machine, even by root, and can provide assurance that files have not been modified. In this talk I will go over some of the history of verified execution, how it works and what it can do, then finally move on to the next steps I want to take in the development of veriexec. Verified execution has been in NetBSD for a long time but it seems to be a feature that is not widely known about; hopefully this talk can raise its profile somewhat.