[nycbug-talk] BSDCan ike-notes - SMPng, TrustedBSD AuditLogging
Isaac Levy
ike
Fri May 20 20:52:01 EDT 2005
More BSDCan ike-notes,
Robert Watson gave 2 great presentations, one on SMPng, the FreeBSD
Network Stack, where he discussed the accomplishments and current
challenges for improving SMP on FreeBSD at a low level. Watson, and
the folks working on SMP, REALLY have their work cut out for them here-
and their general direction is really solid. For me, it was cool to
see dev. details for things I rarely think about- because they just
work :)
His second lecture, "TrustedBSD Audit: BSM Security Event Logging for
FreeBSD", was REALLY eye-opening. Basically, this work revolves around
creating hooks in the kernel which allow for total event logging for
system activities. Every time a file is touched, a process started,
etc...
2 historical notes struck me, first being this was implemented long ago
in SunOS, according to US military specifications. Second, that Apple
hired McAffe Research, (where Robert Watson works), to impliment this
work in Darwin 8, (OSX Tiger), for use with Spotlight! (was anyone but
me wondering how this worked?). Apple was convinced to release the
code under a BSD (*not* APSL) license, and this TrustedBSD project code
is to be merged into FreeBSD 6.0. Now THAT's cool, and a great example
of how Apple is contributing back to the Open Source community!!! (Too
bad apple marketing doesn't talk about low-level open source dev :)
More info:
http://www.trustedbsd.org/
Rocket-
.ike
More information about the talk
mailing list