DEFCON 14: Hacking UNIX with FreeBSD Jail(8), Secure Virtual Servers
https://www.ispeech.org/text.to.speech
Speaker: Isaac Levy (.ike)
Abstract:
FreeBSD Jails are a time-tested, secure UNIX virtual machine with endless uses.
Early unix mainframe computing brought elegant process and resource sharing systems, which helped get more application use out of expensive hardware. These concerns have been largely been pushed aside in computing with the rise of desktop PCs, and large farms of ever-shrinking pizza boxes in the data center. Today, as more punch gets packed into 1u than ever, server resources can be further consolidated and abstracted to securely separate complex and sophisticated services in the same hardware server, by running secure virtual UNIX machines.
Who wants jails?
System Administrators who need to securely separate small yet important services.
Software Developers who always need more dev machines to hack amok.
Root-Kit Testing and Debugging.
Educators who could use virtual machines to provide clean unix server systems for student use.
Anyone who wants *secure* virtual machines.
Why would you want jail(8)?
The design of Jail(8) and jail(2) are small and secure, and because jails use native system utilities, they are simple for any unix hacker to work with- very shallow learning curve. They're great for userland-level hacking and development, honeypots, or highly available services for regularly attacked systems.
What I'd like to talk about:
How Jails Work, the technical nitty-gritty
How to setup jails, the practical how-to, cooking show style...
When NOT to use jails
jail(8) security vulnerabilities/considerations, attacking and breaking out of jail(8)
mitigating the risks of attacks and jail(8)breaks
Jails vs. Linux UML, XEN, VMware- fundamental technical differences
For more information visit: http://bit.ly/defcon14_information
To download the video visit: http://bit.ly/defcon14_videos
video, sharing, camera phone, video phone, free, upload
2011-01-31 16:19:18
source
Gloss