Re: Question


From: Amon Ott <ao@rsbac.org>
Subject: Re: Question
Date: Fri, 30 Mar 2001 08:02:21 +0200

Next Article (by Author): Re: Feature request for 1.2 (or for 2.0) Amon Ott
Previous Article (by Author): Re: About setreuid() and setresuid() Amon Ott
Top of Thread: Question "Vitalik Shakhov"
Articles sorted by: [Date] [Author] [Subject]


On Don, 29 Mär 2001 Vitalik Shakhov wrote:
> I have a question about rsbac. Have are You any finished model for support networks security? I mean protection for sniffing, substitution of hosts, packets, etc. 
> For examle, how can I be sure that I receive a correct packets from network if it is possible? Or I must to use other methods and tools.

There is no real network security in RSBAC yet. What you should use are the
security mechanisms the standard Linux solutions provide, e.g. packet filter
rules with interface name, ipsec (FreeSwan), etc.

Combined with access control in the system, e.g. through RSBAC, this is in most
cases sufficient.

Amon.
-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Author): Re: Feature request for 1.2 (or for 2.0) Amon Ott
Previous Article (by Author): Re: About setreuid() and setresuid() Amon Ott
Top of Thread: Question "Vitalik Shakhov"
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.