From owner-freebsd-security Sun Jun 30 18:14: 2 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F97837B400 for ; Sun, 30 Jun 2002 18:13:58 -0700 (PDT) Received: from m-net.arbornet.org (m-net.arbornet.org [209.142.209.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id D23A343E0A for ; Sun, 30 Jun 2002 18:13:57 -0700 (PDT) (envelope-from polytarp@m-net.arbornet.org) Received: from m-net.arbornet.org (localhost [127.0.0.1]) by m-net.arbornet.org (8.12.3/8.11.2) with ESMTP id g611EC1H009002; Sun, 30 Jun 2002 21:14:12 -0400 (EDT) (envelope-from polytarp@m-net.arbornet.org) Received: from localhost (polytarp@localhost) by m-net.arbornet.org (8.12.3/8.12.3/Submit) with ESMTP id g611EBdJ008999; Sun, 30 Jun 2002 21:14:11 -0400 (EDT) Date: Sun, 30 Jun 2002 21:14:11 -0400 (EDT) From: pgreen To: "Michael A. Williams" Cc: freebsd security Subject: Re: New V2 Anti-Trojan kernel patches -Improved and extended for FreeBSD 4.6 Release In-Reply-To: <3D1FAB41.396C0D23@netxsecure.net> Message-ID: <20020630211338.C8909-100000@m-net.arbornet.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org You know, residents of London may not like your name of it. On Mon, 1 Jul 2002, Michael A. Williams wrote: > Hi, > > Our latest version of Anti-Trojan software, V2 is now available as a > beta for FreeBSD 4.6 Release. > > V2 adds several new important Trojan Detection features with a big > reduction in the overall impact on a running kernel. > > 1.Cryptographic hash checking and filtering all files loaded through the > memory map call mmap which covers: > -Shared libraries > -Loadable kernel modules > > 2.Activation very early in the boot cycle to provide warnings against > Trojan files waiting to execute at boot time before the secure level is > raised. > > 3.Improved efficiency in terms of system rescues used, providing very > affordable increased security capabilities. > > 4.Cryptographic hash checking and filtering the Execve call including > script files and an associated interpreter as the original reference > version did yet utilizing the more efficient techniques from the V2 > code. > > The link is: > http://www.trojanproof.org/sigexec-fbsd4.6rV2-beta1.tgz > > Regards, Mike. > > > -- > Michael A. Williams > Security Software Engineering and InfoSec Manager > NetXSecure NZ Limited, http://www.nxs.co.nz > Ph: +64.3.318.2973 Fax: +64.3.318.2975 Mob: +64.21.995.914 > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message